Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/nU8BxBe07ZG_MiWyD_LikCisTgY.roa
File: nU8BxBe07ZG_MiWyD_LikCisTgY.roa (raw, json)
Hash identifier: E9qmZxVgn6/jg2mBysb59PMHYqc2lMlld+U3pP7nOWk=
Subject key identifier: 9D:4F:01:C4:17:B4:ED:91:BF:32:25:B2:0F:F2:E2:90:28:AC:4E:06
Certificate issuer: /CN=2a264605245af2019c293c3728f6a5e255d89f25
Certificate serial: 08FBB8A8
Authority key identifier: 2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/nU8BxBe07ZG_MiWyD_LikCisTgY.roa
Signing time: Sat 01 Jan 2022 16:10:27 +0000
ROA not before: Sat 01 Jan 2022 16:10:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61205
IP address blocks: 185.213.176.0/22 maxlen: 24
185.120.112.0/22 maxlen: 24
94.198.200.0/21 maxlen: 24
188.213.56.0/21 maxlen: 21
188.213.56.0/22 maxlen: 22
185.117.56.0/22 maxlen: 24
2a03:c2c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150714536 (0x8fbb8a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a264605245af2019c293c3728f6a5e255d89f25
Validity
Not Before: Jan 1 16:10:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d4f01c417b4ed91bf3225b20ff2e29028ac4e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d8:9c:23:7b:e8:54:42:d5:31:24:60:4a:a1:
c5:0a:9e:7b:5a:f7:9d:4d:d6:9f:cf:16:c1:db:71:
a4:3c:9f:cc:8d:58:5f:61:df:c9:e1:7a:9f:9a:9c:
ed:5a:ea:dc:7c:6a:56:ba:31:b1:f0:06:5c:b1:44:
e6:18:22:9f:6b:cf:22:10:1e:17:38:92:c6:7f:51:
8a:c0:8d:e3:08:11:09:88:10:66:11:ec:1d:f0:2e:
a1:bc:ca:d5:f8:e4:67:c5:7a:79:6d:9c:f4:a8:56:
11:36:3a:0d:1c:79:ff:4b:9f:ba:f8:eb:04:b9:74:
27:e2:c5:b6:bb:47:e7:f1:a7:cb:69:a1:92:5d:5e:
87:cc:de:c9:9b:6c:c6:92:6d:2b:aa:30:b2:3b:7b:
5a:3a:57:bd:b6:8e:59:ad:aa:09:90:57:af:8e:66:
02:6b:7d:53:08:6b:3b:f1:42:d9:b3:06:a0:c8:55:
47:02:83:4c:cf:c2:64:2e:65:e0:43:80:0f:c4:4d:
23:91:18:56:e4:a4:d6:32:54:1e:b0:b3:10:e4:d8:
4c:7f:c2:d6:30:7c:61:b5:11:a9:10:53:58:d0:ed:
d9:58:ea:4c:ad:f9:e6:45:82:d0:d1:46:d5:b3:4f:
8e:5d:b7:f4:41:95:98:11:fc:65:6f:83:b5:f7:f5:
5e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4F:01:C4:17:B4:ED:91:BF:32:25:B2:0F:F2:E2:90:28:AC:4E:06
X509v3 Authority Key Identifier:
keyid:2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/nU8BxBe07ZG_MiWyD_LikCisTgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.200.0/21
185.117.56.0/22
185.120.112.0/22
185.213.176.0/22
188.213.56.0/21
IPv6:
2a03:c2c0::/32
Signature Algorithm: sha256WithRSAEncryption
09:c1:7b:28:9d:88:f9:8f:8c:78:06:cd:e3:ff:c0:06:ed:de:
9b:7a:49:85:f4:90:15:a2:99:27:99:94:ca:aa:93:d2:4c:1d:
30:f6:3a:5c:02:48:9c:84:fd:b6:b1:d5:dc:f7:2f:49:a7:5d:
fa:9a:3a:23:9e:93:24:c6:97:40:b8:db:6e:2e:70:9b:3a:09:
09:b4:be:1b:60:1d:ad:3f:7d:62:76:89:d9:76:a6:da:83:9f:
7b:83:9e:51:25:06:ac:bf:8c:e8:c7:48:ed:5a:65:e5:41:7d:
6c:c6:2d:c9:c3:fc:47:eb:c7:3d:f9:9a:66:8b:2b:dd:98:60:
94:99:85:61:4f:61:72:c4:16:83:f0:0b:6e:0f:22:a4:f7:bb:
c4:e1:12:6a:ce:e5:55:2d:44:14:a6:97:7d:6e:1a:2e:fb:96:
bf:75:d5:05:dd:39:2b:30:96:ff:1c:06:59:13:4c:ad:7d:80:
79:d6:00:a5:46:49:5f:7a:17:73:e6:70:95:04:41:c7:1b:72:
66:b2:e0:42:d9:db:0f:fd:fb:61:23:26:e8:8e:c7:e6:fb:82:
ee:90:6a:ed:d4:d4:9b:56:18:88:d3:b1:74:ff:5c:6d:a7:03:
d1:0a:e1:47:4b:e5:e4:aa:c5:2c:84:94:eb:87:dc:95:65:c1:
90:84:b2:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECPu4qDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YTI2NDYwNTI0NWFmMjAxOWMyOTNjMzcyOGY2YTVlMjU1ZDg5ZjI1MB4XDTIyMDEw
MTE2MTAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWQ0ZjAxYzQxN2I0
ZWQ5MWJmMzIyNWIyMGZmMmUyOTAyOGFjNGUwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjYnCN76FRC1TEkYEqhxQqee1r3nU3Wn88WwdtxpDyfzI1Y
X2HfyeF6n5qc7Vrq3HxqVroxsfAGXLFE5hgin2vPIhAeFziSxn9RisCN4wgRCYgQ
ZhHsHfAuobzK1fjkZ8V6eW2c9KhWETY6DRx5/0ufuvjrBLl0J+LFtrtH5/Gny2mh
kl1eh8zeyZtsxpJtK6owsjt7WjpXvbaOWa2qCZBXr45mAmt9UwhrO/FC2bMGoMhV
RwKDTM/CZC5l4EOAD8RNI5EYVuSk1jJUHrCzEOTYTH/C1jB8YbURqRBTWNDt2Vjq
TK355kWC0NFG1bNPjl239EGVmBH8ZW+Dtff1Xk0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSdTwHEF7Ttkb8yJbIP8uKQKKxOBjAfBgNVHSMEGDAWgBQqJkYFJFryAZwp
PDco9qXiVdifJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tpWkdCU1JhOGdHY0tUdzNLUGFsNGxYWW55VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMmQxMWJiLTVlMmUtNDA4NS1hMzRiLTM1OWI2NGQ3MDliOS8x
L25VOEJ4QmUwN1pHX01pV3lEX0xpa0Npc1RnWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MmQxMWJiLTVlMmUtNDA4NS1hMzRiLTM1OWI2NGQ3MDliOS8xL0tpWkdCU1JhOGdH
Y0tUdzNLUGFsNGxYWW55VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEA17GyAMEArl1OAMEArl4cAMEArnV
sAMEA7zVODANBAIAAjAHAwUAKgPCwDANBgkqhkiG9w0BAQsFAAOCAQEACcF7KJ2I
+Y+MeAbN4//ABu3em3pJhfSQFaKZJ5mUyqqT0kwdMPY6XAJInIT9trHV3PcvSadd
+po6I56TJMaXQLjbbi5wmzoJCbS+G2AdrT99YnaJ2Xam2oOfe4OeUSUGrL+M6MdI
7Vpl5UF9bMYtycP8R+vHPfmaZosr3ZhglJmFYU9hcsQWg/ALbg8ipPe7xOESas7l
VS1EFKaXfW4aLvuWv3XVBd05KzCW/xwGWRNMrX2AedYApUZJX3oXc+ZwlQRBxxty
ZrLgQtnbD/37YSMm6I7H5vuC7pBq7dTUm1YYiNOxdP9cbacD0QrhR0vl5KrFLISU
64fclWXBkISynw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:02 2024 by rpki-client on console-ams.rpki-client.org