Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/t7soR0aSXHv3H23NvojY8e8wt8w.roa
File: t7soR0aSXHv3H23NvojY8e8wt8w.roa (raw, json)
Hash identifier: nfJaPt9qtTQq/HBKbSV3tzCweL4yMTsUVFD1aP03z/0=
Subject key identifier: B7:BB:28:47:46:92:5C:7B:F7:1F:6D:CD:BE:88:D8:F1:EF:30:B7:CC
Certificate issuer: /CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab
Certificate serial: 0DC4218C
Authority key identifier: 83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/t7soR0aSXHv3H23NvojY8e8wt8w.roa
Signing time: Fri 25 Mar 2022 12:08:11 +0000
ROA not before: Fri 25 Mar 2022 12:08:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8680
IP address blocks: 93.191.206.0/23 maxlen: 23
93.191.202.0/23 maxlen: 23
93.191.200.0/22 maxlen: 22
93.191.200.0/21 maxlen: 24
93.191.204.0/23 maxlen: 23
93.191.200.0/23 maxlen: 23
185.48.60.0/22 maxlen: 24
46.254.248.0/21 maxlen: 24
83.137.248.0/21 maxlen: 24
5.42.128.0/21 maxlen: 24
2a01:94a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230957452 (0xdc4218c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8324c5df19789d5259104e0ae0dcd4672a8e2bab
Validity
Not Before: Mar 25 12:08:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7bb284746925c7bf71f6dcdbe88d8f1ef30b7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:85:da:7e:6b:b2:4a:04:a2:56:c5:7c:74:4f:
a5:b5:34:14:36:00:ba:fe:27:39:78:b4:df:69:2d:
1f:cd:be:b6:14:2f:14:04:67:bd:0a:45:4f:8e:61:
d0:7b:df:80:97:9e:94:d9:ed:57:7b:cd:8e:16:2b:
37:18:fc:fc:e4:0a:e3:b8:9d:22:63:92:d2:1b:af:
db:ce:39:30:1a:3c:97:72:11:21:3e:69:bc:d2:66:
09:39:e9:a9:69:52:1d:ed:d3:32:8b:16:a4:11:76:
ee:d4:a9:e4:aa:98:59:b2:53:87:cb:a9:d3:fb:e5:
a8:bd:20:f5:8f:f2:d9:6c:44:72:79:9e:df:ea:75:
13:c6:35:db:69:5b:38:8c:81:1b:bd:ac:62:bf:10:
fb:6b:b0:1b:a9:38:87:ad:e4:cd:c4:6e:77:f0:4c:
ef:d8:cb:ea:c5:81:34:20:b5:4d:6e:9d:d3:8f:ab:
13:18:8c:16:a0:67:78:26:66:de:d1:7b:7c:bd:17:
36:18:2b:77:bc:35:64:b9:19:45:90:e1:3a:d6:cd:
8a:5c:58:fc:c6:b4:45:27:05:c0:82:cc:20:44:81:
15:a5:a1:5b:4a:c5:0e:02:62:b0:0a:f2:81:a6:23:
a3:6e:f5:54:46:61:85:aa:9e:ef:a1:05:64:44:fb:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:BB:28:47:46:92:5C:7B:F7:1F:6D:CD:BE:88:D8:F1:EF:30:B7:CC
X509v3 Authority Key Identifier:
keyid:83:24:C5:DF:19:78:9D:52:59:10:4E:0A:E0:DC:D4:67:2A:8E:2B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gyTF3xl4nVJZEE4K4NzUZyqOK6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/t7soR0aSXHv3H23NvojY8e8wt8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/4b2e49-f667-494a-afe9-6df3e4a4eeb1/1/gyTF3xl4nVJZEE4K4NzUZyqOK6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.128.0/21
46.254.248.0/21
83.137.248.0/21
93.191.200.0/21
185.48.60.0/22
IPv6:
2a01:94a0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:ae:72:30:2a:c3:cc:ab:cc:04:74:98:ba:3c:6d:1e:1d:2a:
65:ff:91:6c:04:cb:b9:8a:c4:19:45:18:20:6f:b0:0c:5b:f4:
76:38:c0:81:77:9c:de:13:1a:10:78:c9:02:03:6a:88:6b:14:
73:6f:a3:e4:9d:38:d8:0a:3a:c2:e6:0b:1c:c8:e8:78:6f:13:
bf:3b:82:6d:bb:ea:88:63:f2:21:c3:82:7d:2f:2f:73:12:81:
b2:3e:b9:e7:6e:ea:f2:a7:83:4d:a0:36:be:80:dc:d2:88:99:
6f:a0:17:f9:cf:3b:14:7d:1d:9d:6e:5e:fe:42:cb:95:a1:a4:
f5:06:76:74:06:a5:6b:d6:0e:94:60:5a:fe:55:7a:f8:c9:b7:
a3:6a:2e:fa:35:fb:d6:03:c8:79:16:e1:bc:30:29:03:f8:2f:
fa:4b:61:ab:94:ec:45:16:74:37:68:f8:61:89:ac:2e:e3:c3:
65:31:ef:fb:e8:81:f1:97:14:38:57:f5:6a:52:6d:d0:8e:83:
ac:72:a2:64:65:6a:86:46:ab:9b:ad:c5:ec:f7:c0:52:7f:89:
a4:34:46:67:41:84:12:ac:f0:88:bd:ea:fe:9d:be:ef:12:d8:
9c:77:3b:75:5f:5e:f0:6f:19:74:6f:ce:6c:91:cf:ce:1b:d8:
6e:68:37:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEDcQhjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzI0YzVkZjE5Nzg5ZDUyNTkxMDRlMGFlMGRjZDQ2NzJhOGUyYmFiMB4XDTIyMDMy
NTEyMDgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdiYjI4NDc0Njky
NWM3YmY3MWY2ZGNkYmU4OGQ4ZjFlZjMwYjdjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqF2n5rskoEolbFfHRPpbU0FDYAuv4nOXi032ktH82+thQv
FARnvQpFT45h0HvfgJeelNntV3vNjhYrNxj8/OQK47idImOS0huv2845MBo8l3IR
IT5pvNJmCTnpqWlSHe3TMosWpBF27tSp5KqYWbJTh8up0/vlqL0g9Y/y2WxEcnme
3+p1E8Y122lbOIyBG72sYr8Q+2uwG6k4h63kzcRud/BM79jL6sWBNCC1TW6d04+r
ExiMFqBneCZm3tF7fL0XNhgrd7w1ZLkZRZDhOtbNilxY/Ma0RScFwILMIESBFaWh
W0rFDgJisArygaYjo271VEZhhaqe76EFZET7lUUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS3uyhHRpJce/cfbc2+iNjx7zC3zDAfBgNVHSMEGDAWgBSDJMXfGXidUlkQ
Tgrg3NRnKo4rqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d5VEYzeGw0blZKWkVFNEs0TnpVWnlxT0s2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNGIyZTQ5LWY2NjctNDk0YS1hZmU5LTZkZjNlNGE0ZWViMS8x
L3Q3c29SMGFTWEh2M0gyM052b2pZOGU4d3Q4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NGIyZTQ5LWY2NjctNDk0YS1hZmU5LTZkZjNlNGE0ZWViMS8xL2d5VEYzeGw0blZK
WkVFNEs0TnpVWnlxT0s2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwUqgAMEAy7++AMEA1OJ+AMEA12/
yAMEArkwPDANBAIAAjAHAwUAKgGUoDANBgkqhkiG9w0BAQsFAAOCAQEAGq5yMCrD
zKvMBHSYujxtHh0qZf+RbATLuYrEGUUYIG+wDFv0djjAgXec3hMaEHjJAgNqiGsU
c2+j5J042Ao6wuYLHMjoeG8TvzuCbbvqiGPyIcOCfS8vcxKBsj65527q8qeDTaA2
voDc0oiZb6AX+c87FH0dnW5e/kLLlaGk9QZ2dAala9YOlGBa/lV6+Mm3o2ou+jX7
1gPIeRbhvDApA/gv+kthq5TsRRZ0N2j4YYmsLuPDZTHv++iB8ZcUOFf1alJt0I6D
rHKiZGVqhkarm63F7PfAUn+JpDRGZ0GEEqzwiL3q/p2+7xLYnHc7dV9e8G8ZdG/O
bJHPzhvYbmg3uA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:17 2024 by rpki-client on console-ams.rpki-client.org