Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/8j8MEPulL36QIGtQ-RbcvtTQ4qE.roa
File: 8j8MEPulL36QIGtQ-RbcvtTQ4qE.roa (raw, json)
Hash identifier: fVC95/q4lCZq5Isk2WNvET5uzMVYjhHHE5zP/YCI/ls=
Subject key identifier: F2:3F:0C:10:FB:A5:2F:7E:90:20:6B:50:F9:16:DC:BE:D4:D0:E2:A1
Certificate issuer: /CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Certificate serial: 18F873D9
Authority key identifier: 4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/8j8MEPulL36QIGtQ-RbcvtTQ4qE.roa
Signing time: Sat 01 Jan 2022 14:01:01 +0000
ROA not before: Sat 01 Jan 2022 14:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57822
IP address blocks: 185.54.246.0/24 maxlen: 24
185.54.245.0/24 maxlen: 24
185.54.247.0/24 maxlen: 24
94.247.109.0/24 maxlen: 24
94.247.108.0/24 maxlen: 24
94.247.107.0/24 maxlen: 24
94.247.106.0/24 maxlen: 24
2a02:47a0:201::/48 maxlen: 48
2a02:47a0:4::/48 maxlen: 48
2a02:47a0:202::/48 maxlen: 48
2a02:47a0:203::/48 maxlen: 48
2a02:47a0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418935769 (0x18f873d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Validity
Not Before: Jan 1 14:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f23f0c10fba52f7e90206b50f916dcbed4d0e2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d4:3d:25:01:c3:e5:50:2b:7b:86:f0:eb:2d:
8a:f3:23:d5:c1:5a:c3:c4:4e:20:02:3c:26:a7:da:
0d:ec:00:52:5c:18:14:b3:44:ab:a8:52:fc:55:5b:
ac:4e:56:c9:66:af:8f:cd:78:fc:15:38:55:49:1b:
2c:37:01:e9:c7:10:74:a8:12:dd:bd:4b:0c:55:87:
63:94:55:55:d9:33:55:e5:11:a7:c7:00:87:33:08:
d6:00:2f:5f:07:a2:2c:e7:54:2a:fb:d8:cf:a1:d9:
d7:a7:53:08:95:9d:2c:d5:53:46:30:d4:a3:1b:3f:
9e:f1:f8:78:64:83:15:1e:51:42:f6:4e:ec:0f:2b:
41:4f:ac:ae:50:06:2b:e7:69:50:a8:fd:93:c6:4f:
a5:6d:17:51:4c:46:be:87:fa:37:4c:d9:2b:4d:a8:
cd:7e:e6:b7:93:8c:3a:8e:3a:e9:6b:7f:af:eb:3c:
8d:25:d3:74:d3:0d:ca:1f:ce:3b:70:e7:11:84:d3:
f6:43:68:41:65:40:b1:2a:31:65:9d:ed:60:17:e3:
a7:15:6e:2b:d1:ca:68:77:5b:12:4f:b4:0d:fa:ff:
e7:c0:6b:9b:3a:f0:cf:10:34:b2:36:ef:1c:9b:9a:
1b:2f:6e:20:d3:d6:e0:f4:65:3e:c2:0a:7f:d3:f1:
b0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3F:0C:10:FB:A5:2F:7E:90:20:6B:50:F9:16:DC:BE:D4:D0:E2:A1
X509v3 Authority Key Identifier:
keyid:4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/8j8MEPulL36QIGtQ-RbcvtTQ4qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.106.0-94.247.109.255
185.54.245.0-185.54.247.255
IPv6:
2a02:47a0:3::-2a02:47a0:4:ffff:ffff:ffff:ffff:ffff
2a02:47a0:201::-2a02:47a0:203:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:df:65:3d:18:86:c8:b7:ea:d4:f8:b4:19:b2:0d:cd:f4:94:
2b:14:24:27:34:5a:3f:72:9f:e2:5e:21:fb:fb:5d:8e:40:1c:
37:06:c9:70:cc:dd:60:a1:54:c7:5a:b5:ac:86:87:42:13:d6:
b5:e0:32:de:93:cb:e0:17:52:98:f2:ae:7e:58:34:db:70:b1:
8d:47:f2:8e:2c:56:d5:79:28:e8:b6:6d:9a:f7:a4:90:c2:c2:
50:3b:9e:8b:d8:13:1a:d1:58:fa:78:5f:b4:65:1f:9a:2f:ee:
34:4c:01:e1:94:ea:2d:33:50:58:0a:bf:d0:b1:71:57:71:75:
03:8d:05:da:a2:be:4b:be:93:b2:bd:a1:21:7e:25:27:e0:a3:
70:78:e0:ad:79:22:3a:e9:c3:ed:17:de:76:f0:11:68:65:fe:
07:fd:d7:54:2a:10:70:03:f1:7a:48:26:8c:76:da:91:cc:4a:
24:96:2a:87:80:8d:c1:1f:d4:af:44:99:1f:b3:7e:47:f1:01:
92:a4:ee:06:59:e0:52:5b:a2:bf:25:96:8f:8f:18:df:09:3d:
8e:ff:a7:5d:69:10:0f:05:e8:70:00:f6:6b:40:40:64:c6:92:
0f:ee:9c:b6:c9:fc:f5:8d:b0:71:d8:fc:5d:73:64:52:47:42:
89:e9:f5:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEGPhz2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Yzg3Mzg5ZWY0MWYxOGMxZmNjODI3NTQzNDllYTcwOTY5ODBiMWUzMB4XDTIyMDEw
MTE0MDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIzZjBjMTBmYmE1
MmY3ZTkwMjA2YjUwZjkxNmRjYmVkNGQwZTJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvUPSUBw+VQK3uG8OstivMj1cFaw8ROIAI8JqfaDewAUlwY
FLNEq6hS/FVbrE5WyWavj814/BU4VUkbLDcB6ccQdKgS3b1LDFWHY5RVVdkzVeUR
p8cAhzMI1gAvXweiLOdUKvvYz6HZ16dTCJWdLNVTRjDUoxs/nvH4eGSDFR5RQvZO
7A8rQU+srlAGK+dpUKj9k8ZPpW0XUUxGvof6N0zZK02ozX7mt5OMOo466Wt/r+s8
jSXTdNMNyh/OO3DnEYTT9kNoQWVAsSoxZZ3tYBfjpxVuK9HKaHdbEk+0Dfr/58Br
mzrwzxA0sjbvHJuaGy9uINPW4PRlPsIKf9PxsM0CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBTyPwwQ+6UvfpAga1D5Fty+1NDioTAfBgNVHSMEGDAWgBRMhzie9B8YwfzI
J1Q0nqcJaYCx4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RJYzRudlFmR01IOHlDZFVOSjZuQ1dtQXNlTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvMjIxNWY3LTg4N2EtNGJkNS1iZjk3LWZmYjcwOWY3NjY4Yy8x
LzhqOE1FUHVsTDM2UUlHdFEtUmJjdnRUUTRxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
MjIxNWY3LTg4N2EtNGJkNS1iZjk3LWZmYjcwOWY3NjY4Yy8xL1RJYzRudlFmR01I
OHlDZFVOSjZuQ1dtQXNlTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwIgQCAAEwHDAMAwQBXvdqAwQBXvdsMAwDBAC5NvUD
BAO5NvAwLgQCAAIwKDASAwcAKgJHoAADAwcAKgJHoAAEMBIDBwAqAkegAgEDBwIq
AkegAgAwDQYJKoZIhvcNAQELBQADggEBAETfZT0Yhsi36tT4tBmyDc30lCsUJCc0
Wj9yn+JeIfv7XY5AHDcGyXDM3WChVMdatayGh0IT1rXgMt6Ty+AXUpjyrn5YNNtw
sY1H8o4sVtV5KOi2bZr3pJDCwlA7novYExrRWPp4X7RlH5ov7jRMAeGU6i0zUFgK
v9CxcVdxdQONBdqivku+k7K9oSF+JSfgo3B44K15Ijrpw+0X3nbwEWhl/gf911Qq
EHAD8XpIJox22pHMSiSWKoeAjcEf1K9EmR+zfkfxAZKk7gZZ4FJbor8llo+PGN8J
PY7/p11pEA8F6HAA9mtAQGTGkg/unLbJ/PWNsHHY/F1zZFJHQonp9R4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:50 2024 by rpki-client on console-fra.rpki-client.org