Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/8kf2i9MuVJwdfxTKhcGKOZJbL6w.roa
File: 8kf2i9MuVJwdfxTKhcGKOZJbL6w.roa (raw, json)
Hash identifier: noSkfoi/2ZVIf9Tmpg0aqhmshoSLpTLuh9sOt1hxIWA=
Subject key identifier: F2:47:F6:8B:D3:2E:54:9C:1D:7F:14:CA:85:C1:8A:39:92:5B:2F:AC
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 182E40C5
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/8kf2i9MuVJwdfxTKhcGKOZJbL6w.roa
Signing time: Sat 01 Jan 2022 04:52:45 +0000
ROA not before: Sat 01 Jan 2022 04:52:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57021
IP address blocks: 194.58.200.0/24 maxlen: 24
194.58.204.0/24 maxlen: 24
194.58.203.0/24 maxlen: 24
194.58.202.0/24 maxlen: 24
194.58.206.0/24 maxlen: 24
194.58.205.0/24 maxlen: 24
194.58.207.0/24 maxlen: 24
2a01:3f7:6::/48 maxlen: 48
2a01:3f7::/48 maxlen: 48
2a01:3f7:5::/48 maxlen: 48
2a01:3f7:4::/48 maxlen: 48
2a01:3f7:3::/48 maxlen: 48
2a01:3f7:2::/48 maxlen: 48
2a01:3f7:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 405684421 (0x182e40c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 1 04:52:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f247f68bd32e549c1d7f14ca85c18a39925b2fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cd:ab:81:89:2f:1d:99:44:ae:b6:1d:9c:c2:
19:0b:cf:7e:e3:48:a3:cb:10:e5:a9:0d:d7:3e:c2:
d7:66:40:83:29:25:c8:36:e0:d8:98:20:51:9f:b3:
7d:09:e9:2b:de:9c:f3:ed:a7:52:3d:b1:c9:d9:a4:
3b:1b:21:b9:9c:88:a1:6b:98:92:7f:f1:f3:87:cf:
65:e3:69:27:35:b9:72:4f:9f:30:a4:f9:a2:82:7e:
8e:a3:c7:51:c5:b4:5f:ae:46:b9:e9:2a:55:4e:e1:
67:93:6a:d9:52:6d:ff:a2:49:32:04:a6:5c:9c:70:
ad:84:5b:27:e5:e4:c7:21:ff:8a:e2:a1:49:b0:39:
91:2b:b4:6e:c5:6d:88:d3:5e:c6:7e:df:ba:5c:8b:
02:f8:05:82:f6:3b:b3:76:0c:14:67:1d:e1:3b:74:
08:5c:54:85:af:d9:0d:48:0b:f3:fb:60:45:35:96:
a3:94:39:8a:52:df:ad:6d:ee:83:2d:13:cb:d6:2d:
15:1c:40:0b:98:38:ae:4b:83:45:e6:d3:f9:2c:5c:
05:7a:db:a0:5b:f5:7b:2c:0e:97:f7:03:03:6a:03:
81:80:58:c9:79:5e:48:60:98:da:ab:78:a8:0b:17:
42:6b:26:2a:c0:b2:0c:be:8b:28:eb:04:d1:3a:2c:
9a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:47:F6:8B:D3:2E:54:9C:1D:7F:14:CA:85:C1:8A:39:92:5B:2F:AC
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/8kf2i9MuVJwdfxTKhcGKOZJbL6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.200.0/24
194.58.202.0-194.58.207.255
IPv6:
2a01:3f7::/48
2a01:3f7:2::-2a01:3f7:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
14:f0:95:24:8a:52:46:aa:99:24:d0:06:6e:8d:41:ce:6f:67:
dc:af:c5:ee:cb:cf:92:55:b8:86:e5:29:7f:08:9e:cb:7c:39:
c0:4b:92:d7:e9:3c:a5:0a:17:c4:8b:cd:55:b9:3e:0d:b9:6d:
8b:fe:70:27:b7:8f:c6:84:d1:0c:fc:27:dd:73:38:cc:86:00:
77:5b:36:6e:48:6f:9e:9e:ee:b5:f4:c5:df:96:97:ba:91:24:
2f:89:74:44:17:ad:b4:d2:68:0f:bc:2e:bb:46:b6:8e:ed:9d:
fb:0d:91:ff:90:cf:ed:74:6d:73:32:9b:cc:8f:cb:52:83:eb:
46:c6:1b:46:02:be:cd:91:3c:b1:58:fd:97:cf:4f:f3:a0:e7:
86:ad:15:6e:da:67:6e:72:db:8e:11:a5:9a:b2:46:47:4c:2e:
89:4d:d9:2a:77:3f:c5:4b:d5:1d:f9:6d:0c:a5:9a:bc:64:3d:
1a:f9:89:50:f4:aa:50:f9:b3:61:be:3f:bd:c1:df:f1:dd:dd:
76:40:d4:4e:2c:fc:17:2d:23:73:10:8b:c8:e9:11:46:c1:c2:
25:40:6d:83:02:d7:fb:73:6f:0e:2f:b7:db:81:4e:e5:c5:ec:
72:d7:b3:1f:d9:ac:f6:b4:0f:76:84:35:3c:47:0e:6c:0f:90:
f0:97:3c:d5
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEGC5AxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmFjODI4MDQ3MDBhZDM2NTM4YmY4NmYzNGMwNzNlOTcxNDMwZGE1MB4XDTIyMDEw
MTA0NTI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI0N2Y2OGJkMzJl
NTQ5YzFkN2YxNGNhODVjMThhMzk5MjViMmZhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDNq4GJLx2ZRK62HZzCGQvPfuNIo8sQ5akN1z7C12ZAgykl
yDbg2JggUZ+zfQnpK96c8+2nUj2xydmkOxshuZyIoWuYkn/x84fPZeNpJzW5ck+f
MKT5ooJ+jqPHUcW0X65GuekqVU7hZ5Nq2VJt/6JJMgSmXJxwrYRbJ+XkxyH/iuKh
SbA5kSu0bsVtiNNexn7fulyLAvgFgvY7s3YMFGcd4Tt0CFxUha/ZDUgL8/tgRTWW
o5Q5ilLfrW3ugy0Ty9YtFRxAC5g4rkuDRebT+SxcBXrboFv1eywOl/cDA2oDgYBY
yXleSGCY2qt4qAsXQmsmKsCyDL6LKOsE0TosmqcCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTyR/aL0y5UnB1/FMqFwYo5klsvrDAfBgNVHSMEGDAWgBQLrIKARwCtNlOL
+G80wHPpcUMNpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0M2eUNnRWNBclRaVGlfaHZOTUJ6NlhGRERhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvYTcyODkxLWRlMmYtNDE1Ni1hMDExLTQzZjY0YmNlYTk5ZC8x
LzhrZjJpOU11Vkp3ZGZ4VEtoY0dLT1pKYkw2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
YTcyODkxLWRlMmYtNDE1Ni1hMDExLTQzZjY0YmNlYTk5ZC8xL0M2eUNnRWNBclRa
VGlfaHZOTUJ6NlhGRERhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwGgQCAAEwFAMEAMI6yDAMAwQBwjrKAwQEwjrAMCME
AgACMB0DBwAqAQP3AAAwEgMHASoBA/cAAgMHAyoBA/cAADANBgkqhkiG9w0BAQsF
AAOCAQEAFPCVJIpSRqqZJNAGbo1Bzm9n3K/F7svPklW4huUpfwiey3w5wEuS1+k8
pQoXxIvNVbk+Dblti/5wJ7ePxoTRDPwn3XM4zIYAd1s2bkhvnp7utfTF35aXupEk
L4l0RBettNJoD7wuu0a2ju2d+w2R/5DP7XRtczKbzI/LUoPrRsYbRgK+zZE8sVj9
l89P86Dnhq0VbtpnbnLbjhGlmrJGR0wuiU3ZKnc/xUvVHfltDKWavGQ9GvmJUPSq
UPmzYb4/vcHf8d3ddkDUTiz8Fy0jcxCLyOkRRsHCJUBtgwLX+3NvDi+324FO5cXs
ctezH9ms9rQPdoQ1PEcObA+Q8Jc81Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:40 2023 by rpki-client on console-ams.rpki-client.org