Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/x8_t5cahJHmNzYd4rOnqmDDR9bo.roa
File: x8_t5cahJHmNzYd4rOnqmDDR9bo.roa (raw, json)
Hash identifier: JLIu6H0lcVgXzN2kHydozAd2QGID2yPfnhB47crMl7M=
Subject key identifier: C7:CF:ED:E5:C6:A1:24:79:8D:CD:87:78:AC:E9:EA:98:30:D1:F5:BA
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 36ECBE2F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/x8_t5cahJHmNzYd4rOnqmDDR9bo.roa
Signing time: Mon 28 Feb 2022 09:00:58 +0000
ROA not before: Mon 28 Feb 2022 09:00:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25198
IP address blocks: 93.114.194.0/24 maxlen: 24
86.107.179.0/24 maxlen: 24
86.107.178.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 921484847 (0x36ecbe2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 28 09:00:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7cfede5c6a124798dcd8778ace9ea9830d1f5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:d4:4f:7c:04:73:53:3c:b7:88:79:c1:21:
f8:5e:19:d0:6a:bb:d2:b2:d1:53:46:ce:99:4a:91:
b9:17:fa:4b:ca:4a:56:27:5a:53:c0:58:79:7d:c8:
92:8f:86:b2:3b:f8:71:a2:a9:82:50:8c:8d:6d:cb:
06:8d:60:15:a7:17:0c:ad:db:8d:a6:f0:d9:47:0b:
21:e9:7c:f7:00:74:08:19:01:0e:af:73:12:35:c6:
dc:7f:37:a1:53:e3:3f:86:2c:c5:28:80:82:2c:ad:
8c:bc:72:8e:12:03:21:ce:e4:31:ae:5d:6a:10:3a:
0a:df:bf:fc:a1:b7:15:0c:67:81:be:c8:cc:88:7a:
94:85:f3:d5:63:ea:13:6f:0d:26:3d:38:0f:76:9c:
f4:25:d5:57:06:f1:da:b6:6c:46:18:96:e3:57:ac:
ac:55:c2:b0:12:27:d3:b8:4b:f7:d1:19:f5:60:94:
b3:cf:cb:86:ed:db:ed:c8:c7:be:f2:5d:0e:03:b2:
b7:19:b8:92:3d:ce:4c:b5:bf:03:18:08:e5:f4:d2:
70:72:3a:d8:3e:7b:87:6b:88:29:17:db:47:49:cb:
8d:ef:c9:84:c1:a1:ac:9d:a9:9e:f9:68:ed:20:d8:
74:17:2d:76:6e:41:fe:57:a5:98:51:3d:8f:e9:29:
6a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CF:ED:E5:C6:A1:24:79:8D:CD:87:78:AC:E9:EA:98:30:D1:F5:BA
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/x8_t5cahJHmNzYd4rOnqmDDR9bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
93.114.194.0/24
185.101.107.0/24
188.241.218.0/23
Signature Algorithm: sha256WithRSAEncryption
12:ad:75:35:94:bc:ac:82:a4:c7:ec:b8:45:3f:a0:db:f9:ba:
11:a1:ea:60:3b:db:55:d6:a2:16:08:f1:e6:a7:9f:23:84:72:
f8:70:7b:98:c3:ef:4c:40:df:70:94:d5:e5:13:af:ba:66:89:
4c:82:2a:a8:88:ff:ce:99:46:7c:66:58:a8:21:ec:66:4e:1f:
7c:9d:a1:2e:db:9d:84:92:3e:ae:b1:96:fd:3b:72:30:99:48:
93:ee:a8:10:d9:1d:bf:99:48:1c:8c:db:c3:03:5f:8a:5b:55:
84:d7:ed:9a:df:e2:a5:05:cd:8b:2d:f5:8d:c0:d2:10:92:7f:
c0:43:c4:a2:22:b9:c6:18:5d:35:47:5d:6d:67:3f:61:15:52:
3e:21:0b:d3:2b:dc:6f:6f:e6:53:4a:fb:d2:81:c9:4d:24:12:
ef:09:b8:e0:ed:dd:66:ee:23:33:39:2d:01:f7:44:80:5c:4a:
89:b9:ef:c0:38:72:61:fb:22:2f:b9:98:fa:94:db:47:a8:77:
3b:07:1c:06:28:ae:43:cd:3e:cb:20:89:9e:73:15:76:fe:8e:
ad:a9:20:8f:5b:14:6c:30:51:91:6c:7a:84:c1:10:29:5c:ed:
e5:d5:ac:b8:aa:1f:d2:a7:0c:79:a1:76:3f:59:ff:6b:91:e0:
46:3e:1d:46
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIENuy+LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDIy
ODA5MDA1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzdjZmVkZTVjNmEx
MjQ3OThkY2Q4Nzc4YWNlOWVhOTgzMGQxZjViYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkf1E98BHNTPLeIecEh+F4Z0Gq70rLRU0bOmUqRuRf6S8pK
VidaU8BYeX3Iko+Gsjv4caKpglCMjW3LBo1gFacXDK3bjabw2UcLIel89wB0CBkB
Dq9zEjXG3H83oVPjP4YsxSiAgiytjLxyjhIDIc7kMa5dahA6Ct+//KG3FQxngb7I
zIh6lIXz1WPqE28NJj04D3ac9CXVVwbx2rZsRhiW41esrFXCsBIn07hL99EZ9WCU
s8/Lhu3b7cjHvvJdDgOytxm4kj3OTLW/AxgI5fTScHI62D57h2uIKRfbR0nLje/J
hMGhrJ2pnvlo7SDYdBctdm5B/lelmFE9j+kpauMCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTHz+3lxqEkeY3Nh3is6eqYMNH1ujAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
L3g4X3Q1Y2FoSkhtTnpZZDRyT25xbUREUjliby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAVZrsgMEAFkiGwMEAVkkXgMEAVkp
tAMEAF1ywgMEALllawMEAbzx2jANBgkqhkiG9w0BAQsFAAOCAQEAEq11NZS8rIKk
x+y4RT+g2/m6EaHqYDvbVdaiFgjx5qefI4Ry+HB7mMPvTEDfcJTV5ROvumaJTIIq
qIj/zplGfGZYqCHsZk4ffJ2hLtudhJI+rrGW/TtyMJlIk+6oENkdv5lIHIzbwwNf
iltVhNftmt/ipQXNiy31jcDSEJJ/wEPEoiK5xhhdNUddbWc/YRVSPiEL0yvcb2/m
U0r70oHJTSQS7wm44O3dZu4jMzktAfdEgFxKibnvwDhyYfsiL7mY+pTbR6h3Owcc
BiiuQ80+yyCJnnMVdv6Orakgj1sUbDBRkWx6hMEQKVzt5dWsuKof0qcMeaF2P1n/
a5HgRj4dRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:03 2023 by rpki-client on console-fra.rpki-client.org