Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/iltN7FgtZpjnHkiPOcgkOVPkew0.roa
File: iltN7FgtZpjnHkiPOcgkOVPkew0.roa (raw, json)
Hash identifier: QMdb3r/ShFlYBBSHg+TvbM8EupojI1j9j+60TvSRYeM=
Subject key identifier: 8A:5B:4D:EC:58:2D:66:98:E7:1E:48:8F:39:C8:24:39:53:E4:7B:0D
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 1C235D34
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/iltN7FgtZpjnHkiPOcgkOVPkew0.roa
Signing time: Wed 16 Mar 2022 13:53:21 +0000
ROA not before: Wed 16 Mar 2022 13:53:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 195.228.112.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
195.56.199.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472079668 (0x1c235d34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Mar 16 13:53:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a5b4dec582d6698e71e488f39c8243953e47b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:02:d3:7b:0e:9f:1f:36:67:1e:98:2b:a9:27:
86:c0:ec:2d:f6:b9:34:0f:32:6d:6d:60:1f:a6:8c:
b2:c2:ad:76:de:3f:a3:af:b0:87:85:18:cb:01:39:
f2:bd:a8:4b:89:c4:55:94:b5:fe:c1:fc:8f:72:6e:
ab:1b:85:7d:a0:7e:3f:47:ed:51:ee:79:c7:af:c1:
47:21:33:ac:7e:cc:be:9c:aa:f8:a0:1d:78:a1:3a:
5a:77:eb:f5:1c:bd:81:2e:73:db:70:1a:43:e9:65:
ac:94:47:10:a7:5a:99:d3:74:83:dc:c5:72:4c:37:
5c:ce:61:54:2f:a3:41:a4:6a:62:5f:76:7f:e5:e3:
75:be:88:2a:e1:14:e9:a6:d5:6d:ed:5e:20:f0:6e:
51:3b:4a:88:da:12:c1:b0:21:bb:b5:ed:aa:13:25:
b1:04:56:d9:04:46:ee:d5:18:03:02:c6:48:01:06:
38:9e:19:25:95:9a:e7:b4:e2:0f:37:81:c0:5e:50:
0b:04:e9:3a:97:f3:d9:f8:a7:86:8e:4b:fb:3f:71:
bd:26:c2:d1:3c:3f:3c:3e:39:c8:af:b5:97:aa:4b:
4b:11:cd:e9:19:20:88:83:2b:3d:8b:3a:ef:bd:df:
9f:2a:f3:a6:56:80:08:5f:d8:1f:b2:fd:72:62:b6:
b0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:5B:4D:EC:58:2D:66:98:E7:1E:48:8F:39:C8:24:39:53:E4:7B:0D
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/iltN7FgtZpjnHkiPOcgkOVPkew0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.56.199.0/24
195.228.4.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:78:a6:c2:76:9d:f3:f4:5c:e2:65:87:5a:8e:0b:7a:f5:21:
1c:7a:e4:f3:3b:fe:22:0d:d2:21:d9:74:7a:49:89:73:54:dd:
c9:eb:21:67:31:7c:cf:3c:b1:b7:54:3e:77:38:01:f7:2f:90:
be:5a:4d:e1:28:c0:c2:35:a9:89:3a:0a:e7:f7:35:6a:32:9c:
1c:d1:14:c4:50:86:1b:df:b9:2d:4f:d2:3e:11:30:5e:64:40:
37:f6:82:81:8a:0a:85:08:b3:3a:5c:57:02:1f:b0:f3:61:c8:
e1:a2:8f:be:4c:3d:1f:e1:6c:d9:d1:8f:0a:19:23:b4:28:bc:
9c:12:3d:3a:a7:1f:d4:c4:95:75:8f:ed:3d:99:fd:ff:26:5e:
d7:36:8f:c0:7b:50:d0:7d:8d:9e:f5:ce:1d:4a:d6:41:f3:3f:
4a:8c:25:b1:b7:88:17:c4:ca:77:fb:c1:b4:0c:bc:d8:04:03:
76:1b:c9:f1:fa:e4:c3:60:e5:0b:59:ba:68:7d:8c:da:d1:a8:
84:14:8a:4d:e1:5c:84:b0:06:6f:af:f3:60:aa:fc:f8:8d:19:
26:40:f1:0e:e3:c8:de:50:f8:c2:c6:a4:70:88:10:0b:87:8f:
07:64:fa:56:6e:83:e1:50:f5:b2:3f:e9:7f:97:82:72:a9:6e:
d5:c2:b6:87
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEHCNdNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDJkYWM2MDVmNDY1OTcxOGMwYTE1ZTFmNzMyY2JkNGY0OGFhZTdiMB4XDTIyMDMx
NjEzNTMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE1YjRkZWM1ODJk
NjY5OGU3MWU0ODhmMzljODI0Mzk1M2U0N2IwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4C03sOnx82Zx6YK6knhsDsLfa5NA8ybW1gH6aMssKtdt4/
o6+wh4UYywE58r2oS4nEVZS1/sH8j3JuqxuFfaB+P0ftUe55x6/BRyEzrH7Mvpyq
+KAdeKE6Wnfr9Ry9gS5z23AaQ+llrJRHEKdamdN0g9zFckw3XM5hVC+jQaRqYl92
f+Xjdb6IKuEU6abVbe1eIPBuUTtKiNoSwbAhu7XtqhMlsQRW2QRG7tUYAwLGSAEG
OJ4ZJZWa57TiDzeBwF5QCwTpOpfz2finho5L+z9xvSbC0Tw/PD45yK+1l6pLSxHN
6RkgiIMrPYs6773fnyrzplaACF/YH7L9cmK2sD8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSKW03sWC1mmOceSI85yCQ5U+R7DTAfBgNVHSMEGDAWgBTwLaxgX0ZZcYwK
FeH3MsvU9IquezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhDMnNZRjlHV1hHTUNoWGg5ekxMMVBTS3Jucy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8x
L2lsdE43Rmd0WnBqbkhraVBPY2drT1ZQa2V3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZTkwOTc2LTNkZDEtNDcxNi1iYmY2LTI5MmFlNDZlNjMwMi8xLzhDMnNZRjlHV1hH
TUNoWGg5ekxMMVBTS3Jucy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFQB7AMEAFQCNgMEAMM4xwMEAMPk
BAMEAMPkcDANBgkqhkiG9w0BAQsFAAOCAQEAbHimwnad8/Rc4mWHWo4LevUhHHrk
8zv+Ig3SIdl0ekmJc1TdyeshZzF8zzyxt1Q+dzgB9y+QvlpN4SjAwjWpiToK5/c1
ajKcHNEUxFCGG9+5LU/SPhEwXmRAN/aCgYoKhQizOlxXAh+w82HI4aKPvkw9H+Fs
2dGPChkjtCi8nBI9Oqcf1MSVdY/tPZn9/yZe1zaPwHtQ0H2NnvXOHUrWQfM/Sowl
sbeIF8TKd/vBtAy82AQDdhvJ8frkw2DlC1m6aH2M2tGohBSKTeFchLAGb6/zYKr8
+I0ZJkDxDuPI3lD4wsakcIgQC4ePB2T6Vm6D4VD1sj/pf5eCcqlu1cK2hw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:13 2024 by rpki-client on console-ams.rpki-client.org