Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/u8EM-yyugxqBFwMM7FIpHDNyI1A.roa
File: u8EM-yyugxqBFwMM7FIpHDNyI1A.roa (raw, json)
Hash identifier: czfBZ4GjCHmie3/CnFLBv2duM6Ts41g8bvtIQCuOpAs=
Subject key identifier: BB:C1:0C:FB:2C:AE:83:1A:81:17:03:0C:EC:52:29:1C:33:72:23:50
Certificate issuer: /CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Certificate serial: 018432E9E62691605001F18041E92C3FEFF0
Authority key identifier: B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/u8EM-yyugxqBFwMM7FIpHDNyI1A.roa
Signing time: Tue 01 Nov 2022 11:18:20 +0000
ROA not before: Tue 01 Nov 2022 11:18:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34245
IP address blocks: 185.106.88.0/22 maxlen: 24
212.17.32.0/19 maxlen: 24
87.192.80.0/24 maxlen: 24
89.124.242.0/23 maxlen: 24
89.124.244.0/24 maxlen: 24
87.232.193.0/24 maxlen: 24
213.159.128.0/22 maxlen: 24
87.192.220.0/23 maxlen: 24
85.91.0.0/19 maxlen: 24
87.198.204.0/24 maxlen: 24
87.232.128.0/21 maxlen: 24
87.232.134.0/24 maxlen: 24
87.198.0.0/16 maxlen: 24
87.232.64.0/18 maxlen: 24
213.79.32.0/19 maxlen: 24
89.127.253.0/24 maxlen: 24
89.127.252.0/24 maxlen: 24
89.127.252.0/23 maxlen: 24
87.232.224.0/24 maxlen: 24
87.232.250.0/23 maxlen: 24
87.232.252.0/22 maxlen: 24
87.232.32.0/19 maxlen: 24
2a01:148::/29 maxlen: 32
2a01:14f::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:e9:e6:26:91:60:50:01:f1:80:41:e9:2c:3f:ef:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b38bb62a47b1a2aedb70f32f58c979ba0c777f06
Validity
Not Before: Nov 1 11:18:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbc10cfb2cae831a8117030cec52291c33722350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:3f:7d:67:ba:68:91:31:01:0d:78:26:ad:
b1:fd:74:5a:e2:0d:2f:41:a4:26:14:71:d3:56:46:
2e:0a:b8:66:4d:67:bf:52:f8:74:de:e5:d4:a2:6a:
89:52:9b:38:be:5e:52:1a:4b:4a:a7:f3:45:fa:6c:
ff:88:3e:3d:39:b7:28:2c:ce:94:c2:e5:13:42:a2:
02:f4:f5:4e:bc:ff:cd:a3:45:79:89:eb:ad:9d:af:
0b:3a:74:14:28:50:11:08:7b:78:4a:bc:27:26:e0:
5e:7d:ac:4a:40:0e:b3:f3:a6:59:fc:b6:c3:d9:f6:
35:37:95:9f:53:ba:0d:1c:36:c7:53:07:77:71:66:
ee:39:33:f2:40:e8:cf:8a:c5:91:7d:41:d2:bd:1f:
f6:cd:f2:53:7f:30:67:2c:6e:88:6b:54:18:6c:0b:
f5:a2:9d:e2:4c:32:ac:18:f6:e4:e0:50:30:db:8e:
f8:5f:89:c1:99:c0:f5:05:ed:c0:f2:d7:65:fc:1a:
1d:d5:81:40:2b:e7:31:27:57:d8:95:dd:4e:2c:09:
db:d9:3c:fb:99:2d:fe:4a:bc:a2:45:ba:48:93:d7:
74:16:a9:27:65:de:3a:2e:e1:d7:fd:25:67:84:0a:
b1:f2:eb:b9:db:20:de:10:cf:3d:ca:ef:48:51:41:
58:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C1:0C:FB:2C:AE:83:1A:81:17:03:0C:EC:52:29:1C:33:72:23:50
X509v3 Authority Key Identifier:
keyid:B3:8B:B6:2A:47:B1:A2:AE:DB:70:F3:2F:58:C9:79:BA:0C:77:7F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s4u2Kkexoq7bcPMvWMl5ugx3fwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/u8EM-yyugxqBFwMM7FIpHDNyI1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f682c-1c57-4ce5-bb98-0605c089fc38/1/s4u2Kkexoq7bcPMvWMl5ugx3fwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.0.0/19
87.192.80.0/24
87.192.220.0/23
87.198.0.0/16
87.232.32.0-87.232.135.255
87.232.193.0/24
87.232.224.0/24
87.232.250.0-87.232.255.255
89.124.242.0-89.124.244.255
89.127.252.0/23
185.106.88.0/22
212.17.32.0/19
213.79.32.0/19
213.159.128.0/22
IPv6:
2a01:148::/29
Signature Algorithm: sha256WithRSAEncryption
13:03:0d:b6:4a:91:be:ce:09:25:e4:49:fa:fc:2c:66:51:85:
13:4f:eb:77:76:81:4a:16:97:78:50:65:a8:1d:04:ff:d5:f4:
4e:bf:bd:f0:3d:05:8e:ca:e8:88:fa:05:6e:da:03:ca:60:80:
8a:51:0b:1c:5a:be:4d:92:08:f5:c0:79:de:2a:5d:d6:03:78:
d0:ba:dc:27:65:27:f8:5d:3b:e6:e0:76:05:55:e1:bd:a4:1c:
d3:41:ef:5a:8c:77:cb:18:0f:ba:08:9d:f6:23:be:ae:15:3b:
44:97:41:b8:cd:53:d9:5e:75:56:cc:74:91:02:f6:19:b1:21:
3d:86:6d:75:97:05:15:d3:57:13:99:07:b7:5f:c6:53:f9:af:
7e:36:ab:0e:0f:40:7f:27:c4:ce:0a:f1:65:aa:cd:36:95:32:
58:c1:46:13:a5:53:31:65:a0:50:fe:90:e7:e1:60:74:b4:3b:
da:2b:68:ed:83:82:b9:fd:be:e6:bd:fd:c2:98:99:d6:cd:46:
30:c6:f8:7b:92:42:81:34:c0:93:5c:14:3d:41:26:e1:b2:84:
a0:64:0e:c8:e9:95:e8:96:f6:c2:84:0c:42:ec:6f:3b:bc:b2:
0d:ea:a3:c5:e2:3f:26:62:99:1b:05:b2:6b:28:cf:ac:b4:43:
c5:c2:7d:08
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYQy6eYmkWBQAfGAQeksP+/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOGJiNjJhNDdiMWEyYWVkYjcwZjMyZjU4Yzk3OWJhMGM3
NzdmMDYwHhcNMjIxMTAxMTExODIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmMxMGNmYjJjYWU4MzFhODExNzAzMGNlYzUyMjkxYzMzNzIyMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvI/fWe6aJExAQ14Jq2x/XRa4g0v
QaQmFHHTVkYuCrhmTWe/Uvh03uXUomqJUps4vl5SGktKp/NF+mz/iD49ObcoLM6U
wuUTQqIC9PVOvP/No0V5ieutna8LOnQUKFARCHt4SrwnJuBefaxKQA6z86ZZ/LbD
2fY1N5WfU7oNHDbHUwd3cWbuOTPyQOjPisWRfUHSvR/2zfJTfzBnLG6Ia1QYbAv1
op3iTDKsGPbk4FAw2474X4nBmcD1Be3A8tdl/Bod1YFAK+cxJ1fYld1OLAnb2Tz7
mS3+SryiRbpIk9d0FqknZd46LuHX/SVnhAqx8uu52yDeEM89yu9IUUFYFQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLvBDPssroMagRcDDOxSKRwzciNQMB8GA1UdIwQY
MBaAFLOLtipHsaKu23DzL1jJeboMd38GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgt
MDYwNWMwODlmYzM4LzEvdThFTS15eXVneHFCRndNTTdGSXBIRE55STFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjY4MmMtMWM1Ny00Y2U1LWJiOTgtMDYwNWMwODlmYzM4
LzEvczR1MktrZXhvcTdiY1BNdldNbDV1Z3gzZndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQFVVsA
AwQAV8BQAwQBV8DcAwMAV8YwDAMEBVfoIAMEA1fogAMEAFfowQMEAFfo4DALAwQB
V+j6AwMAV+gwDAMEAVl88gMEAFl89AMEAVl//AMEArlqWAMEBdQRIAMEBdVPIAME
AtWfgDANBAIAAjAHAwUDKgEBSDANBgkqhkiG9w0BAQsFAAOCAQEAEwMNtkqRvs4J
JeRJ+vwsZlGFE0/rd3aBShaXeFBlqB0E/9X0Tr+98D0FjsroiPoFbtoDymCAilEL
HFq+TZII9cB53ipd1gN40LrcJ2Un+F075uB2BVXhvaQc00HvWox3yxgPugid9iO+
rhU7RJdBuM1T2V51Vsx0kQL2GbEhPYZtdZcFFdNXE5kHt1/GU/mvfjarDg9AfyfE
zgrxZarNNpUyWMFGE6VTMWWgUP6Q5+FgdLQ72ito7YOCuf2+5r39wpiZ1s1GMMb4
e5JCgTTAk1wUPUEm4bKEoGQOyOmV6Jb2woQMQuxvO7yyDeqjxeI/JmKZGwWyayjP
rLRDxcJ9CA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:52 2024 by rpki-client on console-ams.rpki-client.org