Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/8NN1axnpUqJB56URhRY-AAqyZ8g.roa
File: 8NN1axnpUqJB56URhRY-AAqyZ8g.roa (raw, json)
Hash identifier: rzkbQq/j6dw8yvFtG+EfKnLf0//pYXBBe53zJ7GK7Zk=
Subject key identifier: F0:D3:75:6B:19:E9:52:A2:41:E7:A5:11:85:16:3E:00:0A:B2:67:C8
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 01844632E095AF24A3226B845956E94548B2
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/8NN1axnpUqJB56URhRY-AAqyZ8g.roa
Signing time: Sat 05 Nov 2022 05:10:50 +0000
ROA not before: Sat 05 Nov 2022 05:10:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20857
IP address blocks: 188.240.52.0/22 maxlen: 22
93.119.0.0/20 maxlen: 20
84.247.8.0/21 maxlen: 21
195.8.195.0/24 maxlen: 24
85.10.128.0/19 maxlen: 19
89.41.168.0/22 maxlen: 22
87.253.128.0/19 maxlen: 19
31.14.96.0/22 maxlen: 22
185.10.48.0/22 maxlen: 22
77.72.144.0/21 maxlen: 21
95.170.64.0/19 maxlen: 19
80.69.64.0/19 maxlen: 19
195.135.195.0/24 maxlen: 24
185.108.112.0/22 maxlen: 22
37.97.128.0/17 maxlen: 17
86.105.244.0/22 maxlen: 22
188.241.148.0/22 maxlen: 22
149.210.128.0/17 maxlen: 24
141.138.136.0/21 maxlen: 21
37.34.56.0/21 maxlen: 21
2a01:7c8::/32 maxlen: 32
2a01:7c8:7000::/36 maxlen: 36
2a01:7c8:d000::/36 maxlen: 36
2a01:7c8:e000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:32:e0:95:af:24:a3:22:6b:84:59:56:e9:45:48:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Nov 5 05:10:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0d3756b19e952a241e7a51185163e000ab267c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:03:72:3a:0e:58:9a:5b:92:1e:87:61:73:34:
58:e0:bd:ef:c0:66:34:14:58:8c:1f:e5:68:2c:b5:
11:5b:51:d2:7a:c1:51:7e:c9:8e:bb:98:8b:cd:d4:
d4:28:13:8b:b5:d5:7c:1a:b8:68:62:5b:2c:84:ba:
e5:2f:1c:cb:e9:16:53:cb:65:ba:84:de:16:54:9d:
73:e4:3c:d9:ce:c2:4d:07:0d:6c:4e:ab:f6:66:5b:
f8:94:f0:c6:c6:47:98:88:f5:3f:c2:f8:c0:a8:cf:
8d:c3:d9:36:67:df:5b:57:ff:38:1c:f0:78:5a:10:
c0:d6:aa:12:a5:a0:bf:f0:ec:6c:6e:00:72:54:ae:
96:0a:04:27:65:4a:4e:88:eb:28:a1:c0:25:e2:31:
75:b7:ce:2a:e0:69:57:84:eb:36:3a:31:75:50:59:
a6:4c:2a:ac:97:f0:11:47:2f:5f:d9:91:e5:2a:09:
32:80:7a:aa:13:66:0a:4d:88:88:dd:71:d2:cd:d9:
e1:b9:5c:8d:d4:7d:b8:34:4f:1f:18:2e:03:9d:d9:
1e:57:d0:79:ec:2b:cb:97:ec:d5:cf:ea:d8:07:72:
7c:66:55:1b:7b:9b:6b:05:9f:c5:d3:73:73:70:04:
c2:c0:1b:d3:bb:67:a3:68:43:74:5c:ff:de:ba:16:
45:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D3:75:6B:19:E9:52:A2:41:E7:A5:11:85:16:3E:00:0A:B2:67:C8
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/8NN1axnpUqJB56URhRY-AAqyZ8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.96.0/22
37.34.56.0/21
37.97.128.0/17
77.72.144.0/21
80.69.64.0/19
84.247.8.0/21
85.10.128.0/19
86.105.244.0/22
87.253.128.0/19
89.41.168.0/22
93.119.0.0/20
95.170.64.0/19
141.138.136.0/21
149.210.128.0/17
185.10.48.0/22
185.108.112.0/22
188.240.52.0/22
188.241.148.0/22
195.8.195.0/24
195.135.195.0/24
IPv6:
2a01:7c8::/32
Signature Algorithm: sha256WithRSAEncryption
cc:fe:e3:5e:3c:da:26:16:93:df:ad:20:ec:fb:98:67:79:47:
a0:8d:35:8c:21:a0:24:83:7d:35:b3:71:c5:32:ce:db:0d:aa:
64:2e:9d:4d:f5:e1:cb:6a:19:ad:b9:2b:cb:b2:12:e4:aa:58:
88:86:ef:92:a0:42:57:6c:f4:d3:ef:ac:f7:8b:74:a0:b1:02:
f9:e4:8b:72:80:71:aa:91:97:96:dc:b9:c4:da:e5:f8:c1:5a:
34:17:18:3f:60:66:f6:78:b7:70:4a:61:94:28:cb:7a:4c:b9:
9c:b3:5f:ac:fc:45:1f:52:e6:07:67:12:ea:32:36:4f:ec:b9:
ec:49:75:67:4d:b9:23:56:59:5e:16:b4:ce:54:a3:2f:b4:6b:
15:37:d1:b1:c0:f3:35:cb:05:c9:17:30:8d:ac:30:22:81:b0:
a1:d5:4e:e8:d7:68:3b:53:6b:1f:d3:0f:02:c3:7b:67:e1:60:
ee:1e:0e:bf:fc:ad:99:37:9b:16:7a:2e:1e:a1:48:19:bf:bd:
71:c0:a1:99:9f:4c:b4:be:e5:b2:a7:46:61:d9:a0:58:6b:18:
3b:38:b7:89:de:29:f0:f4:1a:ef:f0:e5:61:cc:9f:2e:8e:df:
3c:98:7d:7b:4c:eb:05:2d:18:c9:85:01:ac:6e:64:4b:9b:1f:
27:fe:57:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYRGMuCVrySjImuEWVbpRUiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjIxMTA1MDUxMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQzNzU2YjE5ZTk1MmEyNDFlN2E1MTE4NTE2M2UwMDBhYjI2N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwNyOg5YmluSHodhczRY4L3vwGY0
FFiMH+VoLLURW1HSesFRfsmOu5iLzdTUKBOLtdV8GrhoYlsshLrlLxzL6RZTy2W6
hN4WVJ1z5DzZzsJNBw1sTqv2Zlv4lPDGxkeYiPU/wvjAqM+Nw9k2Z99bV/84HPB4
WhDA1qoSpaC/8OxsbgByVK6WCgQnZUpOiOsoocAl4jF1t84q4GlXhOs2OjF1UFmm
TCqsl/ARRy9f2ZHlKgkygHqqE2YKTYiI3XHSzdnhuVyN1H24NE8fGC4DndkeV9B5
7CvLl+zVz+rYB3J8ZlUbe5trBZ/F03NzcATCwBvTu2ejaEN0XP/euhZFiwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFPDTdWsZ6VKiQeelEYUWPgAKsmfIMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvOE5OMWF4bnBVcUpCNTZVUmhSWS1BQXF5WjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQCHw5g
AwQDJSI4AwQHJWGAAwQDTUiQAwQFUEVAAwQDVPcIAwQFVQqAAwQCVmn0AwQFV/2A
AwQCWSmoAwQEXXcAAwQFX6pAAwQDjYqIAwQHldKAAwQCuQowAwQCuWxwAwQCvPA0
AwQCvPGUAwQAwwjDAwQAw4fDMA0EAgACMAcDBQAqAQfIMA0GCSqGSIb3DQEBCwUA
A4IBAQDM/uNePNomFpPfrSDs+5hneUegjTWMIaAkg301s3HFMs7bDapkLp1N9eHL
ahmtuSvLshLkqliIhu+SoEJXbPTT76z3i3SgsQL55ItygHGqkZeW3LnE2uX4wVo0
Fxg/YGb2eLdwSmGUKMt6TLmcs1+s/EUfUuYHZxLqMjZP7LnsSXVnTbkjVlleFrTO
VKMvtGsVN9GxwPM1ywXJFzCNrDAigbCh1U7o12g7U2sf0w8Cw3tn4WDuHg6//K2Z
N5sWei4eoUgZv71xwKGZn0y0vuWyp0Zh2aBYaxg7OLeJ3inw9Brv8OVhzJ8ujt88
mH17TOsFLRjJhQGsbmRLmx8n/lcd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org