Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/8Zwu64UyTpzsdSbIDzdaOSvPlI4.roa
File: 8Zwu64UyTpzsdSbIDzdaOSvPlI4.roa (raw, json)
Hash identifier: XYVCcVDV40IAiONzLbLcK5a9fc3mnq/d89kHzx8wB18=
Subject key identifier: F1:9C:2E:EB:85:32:4E:9C:EC:75:26:C8:0F:37:5A:39:2B:CF:94:8E
Certificate issuer: /CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Certificate serial: 01B79B
Authority key identifier: 48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/8Zwu64UyTpzsdSbIDzdaOSvPlI4.roa
Signing time: Thu 17 Mar 2022 23:18:03 +0000
ROA not before: Thu 17 Mar 2022 23:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44628
IP address blocks: 91.211.176.0/24 maxlen: 24
91.211.178.0/24 maxlen: 24
91.211.179.0/24 maxlen: 24
91.237.232.0/24 maxlen: 24
195.42.136.0/23 maxlen: 23
91.237.233.0/24 maxlen: 24
91.237.234.0/24 maxlen: 24
91.237.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112539 (0x1b79b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480b4e6530f58db338e41d434e5c248eb8b49eb5
Validity
Not Before: Mar 17 23:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f19c2eeb85324e9cec7526c80f375a392bcf948e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:33:bd:58:f3:b8:9b:e9:0c:49:d2:84:13:aa:
4a:df:97:9c:a4:43:d6:9a:75:6f:97:25:fe:af:58:
09:70:4c:2c:e0:c8:a1:d2:1c:d6:17:be:e1:77:78:
c1:b9:52:99:91:7a:82:5a:5d:12:10:28:fb:09:18:
da:b4:39:96:e8:14:a9:95:e4:be:b1:da:35:5e:45:
2c:8a:cd:ba:8d:e7:d0:f2:71:f7:c3:70:bb:44:cf:
c0:1c:74:7f:ac:f5:70:02:40:cf:6b:fb:65:22:99:
ff:f8:cf:ca:1e:d4:1b:3c:2c:67:9e:78:d0:c6:0f:
08:0d:72:c3:75:dd:22:b1:45:40:f3:6a:18:65:26:
20:80:38:df:65:c8:13:21:e3:98:c6:f2:a2:2d:51:
98:e8:1f:c8:77:9e:d4:59:19:a8:5d:ba:54:55:98:
8c:6b:4d:48:38:b2:f7:db:03:af:28:a6:b6:9d:04:
8e:c8:c7:db:46:d4:9b:ed:d0:ed:15:55:38:f5:85:
84:9c:e0:d2:23:f3:de:b5:64:79:dc:b5:2a:61:cf:
cc:72:49:cf:12:47:a4:0a:78:ad:71:d0:87:b4:c2:
ed:ec:90:80:04:17:95:20:bc:f6:7a:16:23:5a:ed:
58:20:10:94:b6:42:6c:e3:34:b9:7c:ed:b2:53:24:
4d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:9C:2E:EB:85:32:4E:9C:EC:75:26:C8:0F:37:5A:39:2B:CF:94:8E
X509v3 Authority Key Identifier:
keyid:48:0B:4E:65:30:F5:8D:B3:38:E4:1D:43:4E:5C:24:8E:B8:B4:9E:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAtOZTD1jbM45B1DTlwkjri0nrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/8Zwu64UyTpzsdSbIDzdaOSvPlI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2a72ee-ec1f-40c6-ad9d-5a4df896fc3e/1/SAtOZTD1jbM45B1DTlwkjri0nrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.176.0/24
91.211.178.0/23
91.237.232.0/22
195.42.136.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:5f:eb:6b:36:c1:ff:3b:29:f9:0f:4e:6c:07:52:6a:48:77:
39:c7:59:15:a4:9c:ae:c8:a9:d1:ee:b6:3b:c3:2f:76:bb:69:
ea:30:cb:ce:b1:d8:62:75:eb:d0:0c:ef:bc:a0:9d:95:7f:62:
09:6c:0c:0c:88:4c:f4:91:1f:bd:de:7c:e0:07:08:ad:1a:3d:
ed:7a:58:86:e5:f7:b8:70:5d:33:fc:a1:d9:cd:b9:71:bc:b8:
52:c7:23:8b:d4:f3:d4:07:8a:8b:1c:47:ad:e7:ea:18:5d:a1:
12:8c:02:80:6e:51:3e:76:39:58:62:19:67:13:44:3c:c7:3e:
97:08:61:94:55:fc:8d:6f:13:be:ee:27:6b:34:00:62:3a:e1:
17:eb:d0:6b:78:7e:75:47:20:be:a4:9c:92:fe:17:2e:b9:58:
37:d5:ee:7d:7e:35:b0:b4:7b:7f:40:c5:93:8a:99:9f:06:d4:
ba:a8:58:b0:f6:1d:40:55:f1:60:15:f0:c3:ea:9a:aa:3e:a6:
9d:44:b2:22:cc:1e:5d:18:57:eb:8f:1d:5c:bd:f3:d5:3a:b7:
09:3a:fb:7c:c0:4a:aa:9a:27:07:c6:f4:5f:25:6e:ff:21:d9:
22:5d:ca:76:68:ee:f8:c4:c4:2c:92:08:13:90:da:b0:ef:12:
03:da:8d:5e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDAbebMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ4
MGI0ZTY1MzBmNThkYjMzOGU0MWQ0MzRlNWMyNDhlYjhiNDllYjUwHhcNMjIwMzE3
MjMxODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMTljMmVlYjg1MzI0
ZTljZWM3NTI2YzgwZjM3NWEzOTJiY2Y5NDhlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5zO9WPO4m+kMSdKEE6pK35ecpEPWmnVvlyX+r1gJcEws4Mih
0hzWF77hd3jBuVKZkXqCWl0SECj7CRjatDmW6BSpleS+sdo1XkUsis26jefQ8nH3
w3C7RM/AHHR/rPVwAkDPa/tlIpn/+M/KHtQbPCxnnnjQxg8IDXLDdd0isUVA82oY
ZSYggDjfZcgTIeOYxvKiLVGY6B/Id57UWRmoXbpUVZiMa01IOLL32wOvKKa2nQSO
yMfbRtSb7dDtFVU49YWEnODSI/PetWR53LUqYc/McknPEkekCnitcdCHtMLt7JCA
BBeVILz2ehYjWu1YIBCUtkJs4zS5fO2yUyRNHwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFPGcLuuFMk6c7HUmyA83Wjkrz5SOMB8GA1UdIwQYMBaAFEgLTmUw9Y2zOOQd
Q05cJI64tJ61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U0F0T1pURDFqYk00NUIxRFRsd2tqcmkwbnJVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Zi8yYTcyZWUtZWMxZi00MGM2LWFkOWQtNWE0ZGY4OTZmYzNlLzEv
OFp3dTY0VXlUcHpzZFNiSUR6ZGFPU3ZQbEk0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8y
YTcyZWUtZWMxZi00MGM2LWFkOWQtNWE0ZGY4OTZmYzNlLzEvU0F0T1pURDFqYk00
NUIxRFRsd2tqcmkwbnJVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9OwAwQBW9OyAwQCW+3oAwQBwyqI
MA0GCSqGSIb3DQEBCwUAA4IBAQDVX+trNsH/Oyn5D05sB1JqSHc5x1kVpJyuyKnR
7rY7wy92u2nqMMvOsdhidevQDO+8oJ2Vf2IJbAwMiEz0kR+93nzgBwitGj3teliG
5fe4cF0z/KHZzblxvLhSxyOL1PPUB4qLHEet5+oYXaESjAKAblE+djlYYhlnE0Q8
xz6XCGGUVfyNbxO+7idrNABiOuEX69BreH51RyC+pJyS/hcuuVg31e59fjWwtHt/
QMWTipmfBtS6qFiw9h1AVfFgFfDD6pqqPqadRLIizB5dGFfrjx1cvfPVOrcJOvt8
wEqqmicHxvRfJW7/IdkiXcp2aO74xMQskggTkNqw7xID2o1e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:01 2024 by rpki-client on console-fra.rpki-client.org