Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/8Mt9tYqnXHHQYhI8MnCJ3Y76dlA.roa
File: 8Mt9tYqnXHHQYhI8MnCJ3Y76dlA.roa (raw, json)
Hash identifier: xkdm4BOmDBk70GIdBIBiig0ZYAk/UKluPKzQ4LdYG/0=
Subject key identifier: F0:CB:7D:B5:8A:A7:5C:71:D0:62:12:3C:32:70:89:DD:8E:FA:76:50
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 0C7D7BCC
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/8Mt9tYqnXHHQYhI8MnCJ3Y76dlA.roa
Signing time: Sat 01 Jan 2022 14:02:37 +0000
ROA not before: Sat 01 Jan 2022 14:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58069
IP address blocks: 157.180.228.0/22 maxlen: 22
157.180.232.0/22 maxlen: 22
192.108.45.0/24 maxlen: 24
192.108.46.0/23 maxlen: 23
2a00:139c::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209550284 (0xc7d7bcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 14:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0cb7db58aa75c71d062123c327089dd8efa7650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:fb:51:57:0a:77:e8:04:80:d5:97:28:46:
c2:08:37:66:f6:aa:44:6f:2f:cd:b1:49:71:7e:00:
03:c1:0c:12:27:12:a7:16:e8:be:95:3d:1a:71:de:
8b:88:f5:d5:15:de:3d:53:e9:6d:8e:99:2d:9e:1f:
6c:14:fd:98:9d:0e:a4:2e:fd:9a:29:42:85:00:54:
fb:02:f8:99:60:1e:73:ca:6f:80:77:31:83:8c:c9:
f1:01:87:a2:41:30:5b:4f:1b:12:59:79:1b:ca:be:
ca:6c:2e:f6:6a:9a:5e:48:58:e1:2d:1e:e6:d0:4c:
eb:7f:3f:28:82:99:94:c2:c9:f3:c8:df:40:63:4c:
d6:7c:27:02:53:df:f6:6b:eb:8a:0a:82:5d:4a:b3:
c5:22:0b:f8:bd:0c:e4:21:60:3c:51:57:a2:4a:8b:
95:c9:b1:ef:88:35:26:95:91:15:6b:76:c8:78:b9:
4c:bd:1e:be:d4:22:e4:b1:49:87:0b:54:25:69:bd:
6f:3e:f3:d3:38:a2:ff:2c:ad:42:9b:63:71:5e:d7:
20:a4:ad:a1:e2:ae:95:45:96:1c:90:35:15:85:ca:
34:c4:6a:34:5c:3f:8a:70:a8:d1:99:6a:4f:88:c7:
0a:68:1f:9d:0e:7a:be:c4:dd:fd:68:70:a6:7d:93:
44:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:CB:7D:B5:8A:A7:5C:71:D0:62:12:3C:32:70:89:DD:8E:FA:76:50
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/8Mt9tYqnXHHQYhI8MnCJ3Y76dlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.180.228.0-157.180.235.255
192.108.45.0-192.108.47.255
IPv6:
2a00:139c::/32
Signature Algorithm: sha256WithRSAEncryption
0d:40:e2:86:ce:ee:8b:f8:c7:24:0a:f5:c0:9e:8d:bc:a6:cb:
75:42:e3:e0:f1:93:75:2a:af:53:8c:82:64:17:64:e1:2e:4a:
cc:19:e4:51:a8:6a:e8:e7:d9:87:21:44:9f:8d:7f:c8:66:00:
a8:b7:33:86:47:ee:a5:1b:31:1c:cb:68:35:e0:f5:b5:0c:ae:
c7:36:fc:b9:a8:5a:97:1d:13:40:0d:21:04:52:19:e6:f6:57:
bf:c5:4c:e7:ae:f5:67:0a:07:f1:8e:c1:11:61:69:14:ea:f4:
9a:98:91:1f:03:1a:8f:7d:ee:7a:3a:5d:40:c7:aa:30:d9:ef:
90:24:85:c4:82:7e:22:73:4c:f5:60:31:b9:53:80:ac:8a:cb:
7d:5c:b3:eb:bc:a6:09:01:d4:f3:a6:55:28:d2:0a:bf:2c:9a:
3c:6a:5f:40:b2:54:ce:a1:db:30:8f:50:73:5f:77:63:f8:aa:
e1:28:4a:c7:59:d5:15:32:d0:05:3b:ee:be:ab:eb:b6:21:8d:
0f:cd:b2:60:cf:5e:e7:09:bc:00:8c:1a:2e:c5:b7:32:a1:19:
e1:82:ff:d6:15:d3:86:42:d3:49:20:48:9d:4f:9b:8b:ee:c0:
b6:5f:32:de:cd:bc:93:7c:f6:09:a8:3a:2b:ba:47:70:7c:e8:
62:2d:19:78
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEDH17zDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWIxNzg4ZmUyMjBlNDY0MzQ2OTJkMWNjNDM3MDcyZDc5MmQ3ODg4MB4XDTIyMDEw
MTE0MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBjYjdkYjU4YWE3
NWM3MWQwNjIxMjNjMzI3MDg5ZGQ4ZWZhNzY1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbn+1FXCnfoBIDVlyhGwgg3ZvaqRG8vzbFJcX4AA8EMEicS
pxbovpU9GnHei4j11RXePVPpbY6ZLZ4fbBT9mJ0OpC79milChQBU+wL4mWAec8pv
gHcxg4zJ8QGHokEwW08bEll5G8q+ymwu9mqaXkhY4S0e5tBM638/KIKZlMLJ88jf
QGNM1nwnAlPf9mvrigqCXUqzxSIL+L0M5CFgPFFXokqLlcmx74g1JpWRFWt2yHi5
TL0evtQi5LFJhwtUJWm9bz7z0zii/yytQptjcV7XIKStoeKulUWWHJA1FYXKNMRq
NFw/inCo0ZlqT4jHCmgfnQ56vsTd/Whwpn2TRJMCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBTwy321iqdccdBiEjwycIndjvp2UDAfBgNVHSMEGDAWgBQ+sXiP4iDkZDRp
LRzENwcteS14iDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ByRjRqLUlnNUdRMGFTMGN4RGNITFhrdGVJZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8x
LzhNdDl0WXFuWEhIUVloSThNbkNKM1k3NmRsQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8xL1ByRjRqLUlnNUdR
MGFTMGN4RGNITFhrdGVJZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIgQCAAEwHDAMAwQCnbTkAwQCnbToMAwDBADAbC0D
BATAbCAwDQQCAAIwBwMFACoAE5wwDQYJKoZIhvcNAQELBQADggEBAA1A4obO7ov4
xyQK9cCejbymy3VC4+Dxk3Uqr1OMgmQXZOEuSswZ5FGoaujn2YchRJ+Nf8hmAKi3
M4ZH7qUbMRzLaDXg9bUMrsc2/LmoWpcdE0ANIQRSGeb2V7/FTOeu9WcKB/GOwRFh
aRTq9JqYkR8DGo997no6XUDHqjDZ75AkhcSCfiJzTPVgMblTgKyKy31cs+u8pgkB
1POmVSjSCr8smjxqX0CyVM6h2zCPUHNfd2P4quEoSsdZ1RUy0AU77r6r67YhjQ/N
smDPXucJvACMGi7FtzKhGeGC/9YV04ZC00kgSJ1Pm4vuwLZfMt7NvJN89gmoOiu6
R3B86GItGXg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org