Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/0yjUAiiAA5wZT34Ogp3IOHSK4SI.roa
File: 0yjUAiiAA5wZT34Ogp3IOHSK4SI.roa (raw, json)
Hash identifier: Ivz08W4q1+2dAAvpp2aPxHkBu4wuHtum0xIKz8yPclg=
Subject key identifier: D3:28:D4:02:28:80:03:9C:19:4F:7E:0E:82:9D:C8:38:74:8A:E1:22
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 1B75EBF5
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/0yjUAiiAA5wZT34Ogp3IOHSK4SI.roa
Signing time: Sat 01 Jan 2022 10:02:48 +0000
ROA not before: Sat 01 Jan 2022 10:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211595
IP address blocks: 195.228.112.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
195.228.15.0/24 maxlen: 24
195.228.31.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 460712949 (0x1b75ebf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 10:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d328d4022880039c194f7e0e829dc838748ae122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fc:ee:32:3d:f0:30:27:64:65:3c:65:5d:b7:
c6:b5:e2:43:3b:88:ef:06:7a:40:84:6a:f3:04:a8:
05:84:6a:36:a5:58:17:19:a4:ff:ae:9a:4e:5f:b4:
63:11:cf:48:00:39:74:3f:c5:b8:22:b0:6d:7b:b3:
47:4c:7c:5f:e8:5c:b5:21:7b:5e:39:2a:86:32:94:
ed:e3:3a:4e:a8:0b:33:27:4d:9d:ce:53:34:97:7d:
da:71:89:b9:b4:57:04:e3:ed:a1:0c:9f:41:7f:a4:
31:d3:0b:bf:d3:96:6f:d0:e6:a5:23:be:5b:09:d4:
78:19:ff:6e:c1:03:f7:cd:22:56:bd:52:0d:66:3c:
ca:5d:5f:c2:09:18:d9:37:b7:2b:4a:18:89:5d:78:
4f:73:3e:2d:17:c5:68:50:08:3a:97:44:6d:92:07:
bc:b1:d0:5a:1e:98:c0:cd:fe:0e:4c:85:ad:bb:9f:
a2:54:14:52:3a:38:d7:b1:a0:37:7d:7d:85:eb:4e:
de:f3:bd:14:3d:0e:65:32:a6:65:3d:c6:95:21:ff:
a1:ac:d7:fa:df:ba:fe:4a:45:da:59:6d:b9:45:79:
e4:78:8a:88:01:70:a6:59:4b:f7:26:84:11:96:e0:
57:ac:d5:fe:b8:da:6d:8a:73:f5:60:0d:f8:0f:27:
3e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:28:D4:02:28:80:03:9C:19:4F:7E:0E:82:9D:C8:38:74:8A:E1:22
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/0yjUAiiAA5wZT34Ogp3IOHSK4SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.228.4.0/24
195.228.15.0/24
195.228.31.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
78:72:9a:06:27:72:a5:e1:23:aa:57:01:7b:47:dd:3f:23:2b:
d0:f6:26:c6:bd:c7:3f:0c:87:67:47:98:a1:06:aa:82:4b:38:
20:60:53:7a:9d:ca:ec:d1:67:7d:d3:ef:fd:6f:f2:b0:07:f9:
9b:4c:a1:15:88:90:b9:cc:16:be:c7:aa:17:fc:c2:a0:a2:2f:
fe:f2:f9:a5:25:ea:2c:a2:55:ae:dc:a6:b8:b8:bf:cd:ff:fb:
0e:4e:19:8b:77:82:bb:9a:88:65:8f:cc:3a:35:59:b5:fa:62:
ab:83:97:08:bf:e5:56:21:8a:80:ac:73:b2:7b:cb:6d:c4:d0:
03:21:62:3d:df:5e:ae:90:9f:71:e9:c2:ef:ca:77:68:20:e9:
fd:fe:e8:73:12:9a:ef:9c:a9:29:7d:d2:9b:cd:c9:b1:d5:a9:
ab:e4:dd:8e:28:24:5f:cd:f1:d9:3d:af:9f:5c:8f:e3:f0:53:
48:1a:fb:59:08:fd:5f:ee:90:c3:c3:8d:8f:20:74:74:d6:a8:
b4:8e:bb:1a:48:f1:7b:0c:06:fc:6e:11:09:c5:79:68:51:43:
43:40:f7:c2:55:1b:1c:7b:c4:34:ef:c1:e8:6b:6d:4c:1a:e2:
9e:16:05:9c:d4:f2:11:fb:ae:fc:9f:89:6c:5c:e8:f8:83:ae:
a4:a6:c1:a1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEG3Xr9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDEw
MTEwMDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDMyOGQ0MDIyODgw
MDM5YzE5NGY3ZTBlODI5ZGM4Mzg3NDhhZTEyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ387jI98DAnZGU8ZV23xrXiQzuI7wZ6QIRq8wSoBYRqNqVY
Fxmk/66aTl+0YxHPSAA5dD/FuCKwbXuzR0x8X+hctSF7XjkqhjKU7eM6TqgLMydN
nc5TNJd92nGJubRXBOPtoQyfQX+kMdMLv9OWb9DmpSO+WwnUeBn/bsED980iVr1S
DWY8yl1fwgkY2Te3K0oYiV14T3M+LRfFaFAIOpdEbZIHvLHQWh6YwM3+DkyFrbuf
olQUUjo417GgN319hetO3vO9FD0OZTKmZT3GlSH/oazX+t+6/kpF2lltuUV55HiK
iAFwpllL9yaEEZbgV6zV/rjabYpz9WAN+A8nPoUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTTKNQCKIADnBlPfg6Cncg4dIrhIjAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
LzB5alVBaWlBQTV3WlQzNE9ncDNJT0hTSzRTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFQB7AMEAFQCNgMEAMPkBAMEAMPk
DwMEAMPkHwMEAMPkcDANBgkqhkiG9w0BAQsFAAOCAQEAeHKaBidypeEjqlcBe0fd
PyMr0PYmxr3HPwyHZ0eYoQaqgks4IGBTep3K7NFnfdPv/W/ysAf5m0yhFYiQucwW
vseqF/zCoKIv/vL5pSXqLKJVrtymuLi/zf/7Dk4Zi3eCu5qIZY/MOjVZtfpiq4OX
CL/lViGKgKxzsnvLbcTQAyFiPd9erpCfcenC78p3aCDp/f7ocxKa75ypKX3Sm83J
sdWpq+TdjigkX83x2T2vn1yP4/BTSBr7WQj9X+6Qw8ONjyB0dNaotI67GkjxewwG
/G4RCcV5aFFDQ0D3wlUbHHvENO/B6GttTBrinhYFnNTyEfuu/J+JbFzo+IOupKbB
oQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:17 2023 by rpki-client on console-fra.rpki-client.org