Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/8iE8fbLF2M7SbPAdlntfJC9LexE.roa
File: 8iE8fbLF2M7SbPAdlntfJC9LexE.roa (raw, json)
Hash identifier: SzNWPsR/eYXoxEXMotjTxXzpg3JDoMH85nceO+b7FmI=
Subject key identifier: F2:21:3C:7D:B2:C5:D8:CE:D2:6C:F0:1D:96:7B:5F:24:2F:4B:7B:11
Certificate issuer: /CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Certificate serial: 0184A9176E68F4F53DD68F8C4D121634216A
Authority key identifier: 20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/8iE8fbLF2M7SbPAdlntfJC9LexE.roa
Signing time: Thu 24 Nov 2022 10:03:15 +0000
ROA not before: Thu 24 Nov 2022 10:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47895
IP address blocks: 185.244.20.0/22 maxlen: 22
185.189.100.0/22 maxlen: 22
185.34.21.0/24 maxlen: 24
185.34.20.0/22 maxlen: 22
91.205.131.0/24 maxlen: 24
91.205.128.0/22 maxlen: 22
78.142.232.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:17:6e:68:f4:f5:3d:d6:8f:8c:4d:12:16:34:21:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Validity
Not Before: Nov 24 10:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2213c7db2c5d8ced26cf01d967b5f242f4b7b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:38:bf:83:f1:53:0f:42:48:2a:37:13:59:8b:
1b:d9:2b:89:c6:b7:6e:8f:03:9f:3b:a9:f6:b2:fd:
b7:2f:b3:c7:40:2c:ee:b2:ff:2f:aa:66:ab:37:39:
8e:29:46:fb:52:3d:07:7e:22:38:26:da:f5:f1:d3:
59:e4:b0:eb:a5:ca:c0:f4:f7:14:7e:e0:3a:27:c6:
13:3b:5b:7a:14:f4:a9:4c:c6:e2:f0:86:42:69:29:
b3:d9:67:99:d5:93:d8:e8:84:a8:7f:7f:11:bc:ce:
b2:ea:04:b3:19:c3:25:27:7f:b2:ca:f2:21:a5:b7:
2f:96:46:85:f4:36:3a:91:4a:12:53:3e:a0:96:6c:
2f:1e:c2:c5:fd:13:86:88:c4:f0:3e:4d:6b:1b:1e:
ae:93:3e:ca:0a:b1:46:a7:93:fa:12:1c:57:07:c9:
5c:88:c8:35:eb:b7:c7:50:32:60:77:09:53:df:3c:
33:10:3b:ef:a2:2c:5f:99:cf:ba:c2:08:4f:19:3f:
57:01:f2:c9:80:20:3d:8b:87:98:87:ba:35:d2:0d:
f4:da:2f:ed:bf:6d:93:71:8e:08:11:83:6f:51:6c:
16:bd:21:c7:67:00:b4:95:f8:be:e0:1a:cb:1c:cd:
1d:f6:f3:db:f1:dd:e9:81:8a:33:ec:fc:73:15:cc:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:21:3C:7D:B2:C5:D8:CE:D2:6C:F0:1D:96:7B:5F:24:2F:4B:7B:11
X509v3 Authority Key Identifier:
keyid:20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/8iE8fbLF2M7SbPAdlntfJC9LexE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.232.0/22
91.205.128.0/22
185.34.20.0/22
185.189.100.0/22
185.244.20.0/22
Signature Algorithm: sha256WithRSAEncryption
12:fb:cc:0e:c7:2f:79:f9:b3:d1:cb:30:85:b8:60:93:12:41:
90:6e:8b:52:f6:b7:2c:2c:93:c6:ea:7d:b9:25:13:9b:65:ea:
75:fa:4a:7d:07:3d:7d:8d:2d:45:9c:6d:61:af:af:75:25:d5:
d6:f7:8e:65:e7:0a:13:06:ad:29:7e:da:0a:6a:5b:a0:d9:d2:
17:27:3a:a1:0a:82:e1:f4:d5:8f:fa:a8:83:98:2e:84:bd:fb:
47:40:f2:3f:95:54:1d:4b:64:3c:4d:21:c6:48:e9:19:b1:9e:
d3:d3:dc:dd:8d:1d:7c:90:ac:9d:3e:b9:38:ff:91:29:9e:b7:
a9:1d:7b:41:69:be:04:e1:7f:34:7a:a9:ae:73:2f:d7:fa:10:
80:86:2f:22:08:17:dd:a7:44:21:ba:2e:93:d3:30:f6:a9:ca:
2c:69:4a:43:69:7a:37:a8:5b:43:40:ba:53:28:56:19:24:45:
4f:b3:4d:e5:17:6d:57:ab:e8:96:75:f4:86:11:a1:3e:2d:17:
cb:d7:87:23:e9:6c:cc:9e:44:4e:29:79:a7:6f:07:78:0d:e0:
fd:93:4d:04:58:02:0d:fe:62:e3:f7:e9:f7:d8:e4:15:e7:34:
b0:c7:e6:d0:0b:bd:73:12:35:0d:d9:22:66:eb:05:e0:19:21:
06:c6:8e:67
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYSpF25o9PU91o+MTRIWNCFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDI2MzNiZmZiMTZkYTJkNzVlZGFmNDliYzgyMTE4N2Nm
Yjg4ZWYwHhcNMjIxMTI0MTAwMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIxM2M3ZGIyYzVkOGNlZDI2Y2YwMWQ5NjdiNWYyNDJmNGI3YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTi/g/FTD0JIKjcTWYsb2SuJxrdu
jwOfO6n2sv23L7PHQCzusv8vqmarNzmOKUb7Uj0HfiI4Jtr18dNZ5LDrpcrA9PcU
fuA6J8YTO1t6FPSpTMbi8IZCaSmz2WeZ1ZPY6ISof38RvM6y6gSzGcMlJ3+yyvIh
pbcvlkaF9DY6kUoSUz6glmwvHsLF/ROGiMTwPk1rGx6ukz7KCrFGp5P6EhxXB8lc
iMg167fHUDJgdwlT3zwzEDvvoixfmc+6wghPGT9XAfLJgCA9i4eYh7o10g302i/t
v22TcY4IEYNvUWwWvSHHZwC0lfi+4BrLHM0d9vPb8d3pgYoz7PxzFcwrbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPIhPH2yxdjO0mzwHZZ7XyQvS3sRMB8GA1UdIwQY
MBaAFCDSYzv/sW2i117a9JvIIRh8+4jvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAt
MWNkNmM4NzFjMWU4LzEvOGlFOGZiTEYyTTdTYlBBZGxudGZKQzlMZXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAtMWNkNmM4NzFjMWU4
LzEvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCTo7oAwQC
W82AAwQCuSIUAwQCub1kAwQCufQUMA0GCSqGSIb3DQEBCwUAA4IBAQAS+8wOxy95
+bPRyzCFuGCTEkGQbotS9rcsLJPG6n25JRObZep1+kp9Bz19jS1FnG1hr691JdXW
945l5woTBq0pftoKalug2dIXJzqhCoLh9NWP+qiDmC6EvftHQPI/lVQdS2Q8TSHG
SOkZsZ7T09zdjR18kKydPrk4/5EpnrepHXtBab4E4X80eqmucy/X+hCAhi8iCBfd
p0Qhui6T0zD2qcosaUpDaXo3qFtDQLpTKFYZJEVPs03lF21Xq+iWdfSGEaE+LRfL
14cj6WzMnkROKXmnbwd4DeD9k00EWAIN/mLj9+n32OQV5zSwx+bQC71zEjUN2SJm
6wXgGSEGxo5n
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:10 2023 by rpki-client on console-ams.rpki-client.org