Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/0P8nyJXjxFuXUnOlxkrHZdgoNT4.roa
File: 0P8nyJXjxFuXUnOlxkrHZdgoNT4.roa (raw, json)
Hash identifier: txPqnnFkd7RYpXkyhbG3cBXeS6VsB1bX1cNWizUEBKo=
Subject key identifier: D0:FF:27:C8:95:E3:C4:5B:97:52:73:A5:C6:4A:C7:65:D8:28:35:3E
Certificate issuer: /CN=73189d26bae7f85cb4e06ab5ab536de5a80c16a1
Certificate serial: 17D71FF7
Authority key identifier: 73:18:9D:26:BA:E7:F8:5C:B4:E0:6A:B5:AB:53:6D:E5:A8:0C:16:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxidJrrn-Fy04Gq1q1Nt5agMFqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/0P8nyJXjxFuXUnOlxkrHZdgoNT4.roa
Signing time: Thu 24 Mar 2022 09:31:42 +0000
ROA not before: Thu 24 Mar 2022 09:31:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60876
IP address blocks: 185.24.168.0/22 maxlen: 24
85.204.120.0/23 maxlen: 24
85.204.132.0/23 maxlen: 24
85.204.136.0/23 maxlen: 24
212.237.96.0/20 maxlen: 24
85.204.194.0/23 maxlen: 24
195.192.248.0/23 maxlen: 24
185.166.120.0/22 maxlen: 24
2a00:7660::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 399974391 (0x17d71ff7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73189d26bae7f85cb4e06ab5ab536de5a80c16a1
Validity
Not Before: Mar 24 09:31:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0ff27c895e3c45b975273a5c64ac765d828353e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:49:22:e0:7c:bd:ba:9b:08:c1:39:79:65:df:
e0:e4:cc:7a:87:49:0e:d6:2f:6c:60:e3:50:5b:a8:
04:e7:4a:06:88:44:e0:d2:55:f8:51:05:5c:4b:e7:
79:31:c5:7b:2c:52:a7:58:10:8b:00:fc:c3:37:98:
55:89:59:60:99:ba:a2:0d:e2:94:de:62:9f:3b:aa:
4a:f5:4a:e7:33:26:e0:59:cf:ff:c9:8b:0a:64:0d:
5d:6a:b3:b4:09:ec:76:80:45:fd:a8:85:61:dc:3d:
5a:e4:02:63:2d:39:d9:fb:65:17:fb:0f:ec:3b:e4:
ec:40:cf:65:e5:2a:86:eb:cf:7a:c7:bf:91:b0:28:
46:a5:fb:69:bf:64:b0:9c:fb:5b:d7:33:16:dc:05:
e4:c4:f0:c3:ca:46:94:43:66:7d:e3:c8:12:5f:9c:
f9:48:a2:92:cb:9d:c0:9a:47:fc:aa:90:c1:75:ef:
40:12:ae:f1:db:8f:3a:bc:bb:9a:33:fc:93:98:6e:
3e:4e:62:fb:bf:6c:59:ff:6c:cd:69:8c:b0:c9:e2:
2e:6d:54:97:9f:f8:44:3c:51:9e:c4:3b:9f:58:5a:
44:67:03:99:db:04:16:0e:50:2e:20:24:25:7b:55:
32:d6:8a:28:d3:2e:d2:ff:e2:43:87:22:7e:6a:45:
eb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FF:27:C8:95:E3:C4:5B:97:52:73:A5:C6:4A:C7:65:D8:28:35:3E
X509v3 Authority Key Identifier:
keyid:73:18:9D:26:BA:E7:F8:5C:B4:E0:6A:B5:AB:53:6D:E5:A8:0C:16:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxidJrrn-Fy04Gq1q1Nt5agMFqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/0P8nyJXjxFuXUnOlxkrHZdgoNT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/360a9d-b121-45ae-830d-066b63237d85/1/cxidJrrn-Fy04Gq1q1Nt5agMFqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.120.0/23
85.204.132.0/23
85.204.136.0/23
85.204.194.0/23
185.24.168.0/22
185.166.120.0/22
195.192.248.0/23
212.237.96.0/20
IPv6:
2a00:7660::/29
Signature Algorithm: sha256WithRSAEncryption
1f:dc:f9:ba:b5:75:ba:44:26:a8:05:f3:51:a8:48:82:5e:3a:
d6:a7:33:47:89:ba:17:58:cb:2c:06:0c:87:42:69:ed:1a:0c:
a5:8a:ce:7d:47:c5:d4:59:55:a6:b1:15:fc:1c:9b:bd:5b:80:
ea:04:1f:e3:ac:bb:45:d0:78:ab:2b:5d:1f:8b:12:da:92:0b:
0c:05:f4:c8:82:ba:11:81:d6:8c:ad:fe:45:1b:a7:7e:70:5a:
95:c3:da:b9:5d:96:9b:08:f0:69:b3:fa:6c:50:20:66:01:e9:
70:43:34:57:f1:12:cc:60:c5:d1:9d:95:07:30:11:01:2d:de:
41:29:5d:88:38:61:3f:ea:c6:06:57:30:7a:2f:63:1b:e5:c0:
20:3a:1e:09:75:7f:5b:5e:fc:51:b9:dc:c8:01:bb:28:20:4c:
57:82:f5:10:f3:cf:94:8e:dd:2c:fc:b6:bb:00:47:db:e3:b8:
a9:ee:d5:89:16:f6:f0:17:db:46:65:45:d2:88:5d:55:c6:61:
01:c6:c4:7e:d5:0e:ac:2f:ed:ed:c1:b7:f3:51:61:f8:93:38:
5d:ed:01:54:8b:42:f6:88:f6:ac:1d:17:af:8e:c7:a4:bb:54:
8e:f5:b8:7d:dd:55:84:0b:71:cc:70:d9:ee:ac:d5:0f:ff:29:
57:1c:d9:08
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEF9cf9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzE4OWQyNmJhZTdmODVjYjRlMDZhYjVhYjUzNmRlNWE4MGMxNmExMB4XDTIyMDMy
NDA5MzE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBmZjI3Yzg5NWUz
YzQ1Yjk3NTI3M2E1YzY0YWM3NjVkODI4MzUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhJIuB8vbqbCME5eWXf4OTMeodJDtYvbGDjUFuoBOdKBohE
4NJV+FEFXEvneTHFeyxSp1gQiwD8wzeYVYlZYJm6og3ilN5inzuqSvVK5zMm4FnP
/8mLCmQNXWqztAnsdoBF/aiFYdw9WuQCYy052ftlF/sP7Dvk7EDPZeUqhuvPese/
kbAoRqX7ab9ksJz7W9czFtwF5MTww8pGlENmfePIEl+c+UiiksudwJpH/KqQwXXv
QBKu8duPOry7mjP8k5huPk5i+79sWf9szWmMsMniLm1Ul5/4RDxRnsQ7n1haRGcD
mdsEFg5QLiAkJXtVMtaKKNMu0v/iQ4cifmpF6w8CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBTQ/yfIlePEW5dSc6XGSsdl2Cg1PjAfBgNVHSMEGDAWgBRzGJ0muuf4XLTg
arWrU23lqAwWoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2N4aWRKcnJuLUZ5MDRHcTFxMU50NWFnTUZxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMzYwYTlkLWIxMjEtNDVhZS04MzBkLTA2NmI2MzIzN2Q4NS8x
LzBQOG55SlhqeEZ1WFVuT2x4a3JIWmRnb05UNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MzYwYTlkLWIxMjEtNDVhZS04MzBkLTA2NmI2MzIzN2Q4NS8xL2N4aWRKcnJuLUZ5
MDRHcTFxMU50NWFnTUZxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAVXMeAMEAVXMhAMEAVXMiAMEAVXM
wgMEArkYqAMEArmmeAMEAcPA+AMEBNTtYDANBAIAAjAHAwUDKgB2YDANBgkqhkiG
9w0BAQsFAAOCAQEAH9z5urV1ukQmqAXzUahIgl461qczR4m6F1jLLAYMh0Jp7RoM
pYrOfUfF1FlVprEV/BybvVuA6gQf46y7RdB4qytdH4sS2pILDAX0yIK6EYHWjK3+
RRunfnBalcPauV2WmwjwabP6bFAgZgHpcEM0V/ESzGDF0Z2VBzARAS3eQSldiDhh
P+rGBlcwei9jG+XAIDoeCXV/W178UbncyAG7KCBMV4L1EPPPlI7dLPy2uwBH2+O4
qe7ViRb28BfbRmVF0ohdVcZhAcbEftUOrC/t7cG381Fh+JM4Xe0BVItC9oj2rB0X
r47HpLtUjvW4fd1VhAtxzHDZ7qzVD/8pVxzZCA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:56 2023 by rpki-client on console-fra.rpki-client.org