Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/8qBHkPkaTReR0qIw2SGedwYWd2c.roa
File: 8qBHkPkaTReR0qIw2SGedwYWd2c.roa (raw, json)
Hash identifier: aWIuNLoFh1KBbBR80Ew5/W7HIb3OsfTwAAnnHAjFnMQ=
Subject key identifier: F2:A0:47:90:F9:1A:4D:17:91:D2:A2:30:D9:21:9E:77:06:16:77:67
Certificate issuer: /CN=6dfa4a1ffc749b1c4fa3b6da819b6dbb9ae885a0
Certificate serial: 0183C156EB3163E214A9AAC600CF1E1D3920
Authority key identifier: 6D:FA:4A:1F:FC:74:9B:1C:4F:A3:B6:DA:81:9B:6D:BB:9A:E8:85:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/8qBHkPkaTReR0qIw2SGedwYWd2c.roa
Signing time: Mon 10 Oct 2022 10:00:42 +0000
ROA not before: Mon 10 Oct 2022 10:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39642
IP address blocks: 45.14.140.0/22 maxlen: 22
185.37.84.0/22 maxlen: 22
45.80.92.0/22 maxlen: 22
85.218.128.0/17 maxlen: 17
62.107.0.0/16 maxlen: 16
89.184.128.0/19 maxlen: 19
46.32.32.0/19 maxlen: 19
94.138.64.0/19 maxlen: 19
86.52.0.0/16 maxlen: 16
178.132.224.0/20 maxlen: 20
95.154.0.0/18 maxlen: 18
78.157.96.0/19 maxlen: 19
212.10.0.0/16 maxlen: 16
31.185.64.0/19 maxlen: 19
37.128.208.0/20 maxlen: 20
5.206.192.0/21 maxlen: 21
212.37.128.0/19 maxlen: 19
212.112.128.0/19 maxlen: 19
178.155.128.0/17 maxlen: 17
185.5.164.0/22 maxlen: 22
2a02:2b98::/32 maxlen: 32
2a02:6940::/32 maxlen: 32
2a03:7400::/29 maxlen: 32
2a00:1b70::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:56:eb:31:63:e2:14:a9:aa:c6:00:cf:1e:1d:39:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfa4a1ffc749b1c4fa3b6da819b6dbb9ae885a0
Validity
Not Before: Oct 10 10:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2a04790f91a4d1791d2a230d9219e7706167767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ee:89:8e:21:8f:6c:83:5a:8e:ed:2b:5e:10:
0e:2c:1e:48:6b:e6:53:09:b3:b5:33:c4:7f:4e:a7:
da:15:e8:98:2f:da:92:13:f6:9c:1f:cf:c4:a0:58:
cb:b1:ee:96:fe:57:48:02:95:00:ba:4b:82:22:5c:
33:95:48:8e:c5:2e:3a:a0:dd:da:04:68:df:ea:17:
e6:13:68:c1:8a:d5:37:18:42:0b:d7:f7:dd:ae:cc:
4d:3e:77:45:c3:f7:cc:77:d2:59:9c:2e:db:60:50:
80:f7:c4:a6:be:9a:ea:c2:ae:3c:3d:da:c4:3b:34:
cb:f3:04:1e:23:d6:85:0c:19:b5:f0:6d:44:10:19:
fc:0a:dd:a8:41:4a:98:3a:5e:0a:1e:98:f1:74:ef:
e3:b8:ae:31:ca:0e:5e:a0:43:43:65:93:30:7a:50:
db:5b:1d:2f:3e:49:be:0e:7a:6b:19:e9:9b:a4:ac:
d7:48:5c:a0:0b:a1:df:a8:30:c1:17:62:92:fa:3b:
11:dd:46:0a:db:b6:e6:74:3b:22:3e:a9:b3:bf:5b:
a8:65:b0:be:81:d3:36:c5:27:dc:be:1d:6f:72:f6:
39:d4:2c:df:64:f0:00:d0:18:b1:b5:e8:f2:24:51:
cd:82:d5:19:e1:1f:59:5e:85:91:e7:e5:7f:db:ab:
7a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A0:47:90:F9:1A:4D:17:91:D2:A2:30:D9:21:9E:77:06:16:77:67
X509v3 Authority Key Identifier:
keyid:6D:FA:4A:1F:FC:74:9B:1C:4F:A3:B6:DA:81:9B:6D:BB:9A:E8:85:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/8qBHkPkaTReR0qIw2SGedwYWd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/bfpKH_x0mxxPo7bagZttu5rohaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.192.0/21
31.185.64.0/19
37.128.208.0/20
45.14.140.0/22
45.80.92.0/22
46.32.32.0/19
62.107.0.0/16
78.157.96.0/19
85.218.128.0/17
86.52.0.0/16
89.184.128.0/19
94.138.64.0/19
95.154.0.0/18
178.132.224.0/20
178.155.128.0/17
185.5.164.0/22
185.37.84.0/22
212.10.0.0/16
212.37.128.0/19
212.112.128.0/19
IPv6:
2a00:1b70::/29
2a02:2b98::/32
2a02:6940::/32
2a03:7400::/29
Signature Algorithm: sha256WithRSAEncryption
4b:5c:65:c3:c3:fd:30:4d:69:e0:89:a4:fd:3a:cd:08:89:3d:
18:a2:12:37:03:16:13:64:dd:21:e0:dd:e5:6c:40:3f:47:af:
47:88:61:08:8e:76:52:73:7b:7c:a3:5c:5d:a4:ce:2e:87:2f:
0c:30:76:1d:e6:28:25:aa:a7:dd:11:bb:f1:f6:ce:ff:dc:6b:
e0:c9:ba:a1:d7:37:a2:47:fe:0f:5d:ef:f9:fd:69:6f:a5:d4:
8c:4e:16:67:9a:6b:64:7d:48:63:20:e2:3c:16:67:9e:d2:6f:
85:c2:eb:00:c5:f6:d8:91:6d:e6:a5:2b:13:55:3e:66:b2:77:
c5:d5:ec:15:b3:3c:dd:2e:f4:3c:13:79:53:94:0d:75:08:2a:
65:69:e5:6e:23:3c:e6:32:fa:15:75:b8:8a:0b:78:d9:09:01:
3f:36:98:c0:52:e1:6c:d3:13:6c:62:b7:b4:62:49:2d:09:0b:
64:89:1f:3c:8e:b0:b0:d9:12:c7:93:f0:3d:e2:6b:40:61:bb:
6a:b5:3f:03:9a:8b:87:c1:b3:73:d8:6a:67:6a:6e:de:9c:40:
f6:93:81:2f:1d:f1:f5:64:c7:67:29:cd:73:d5:68:fe:70:97:
ab:e4:d9:ad:12:3b:68:45:ad:ea:28:55:3a:e0:ce:f7:58:c8:
be:39:ff:f5
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYPBVusxY+IUqarGAM8eHTkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmE0YTFmZmM3NDliMWM0ZmEzYjZkYTgxOWI2ZGJiOWFl
ODg1YTAwHhcNMjIxMDEwMTAwMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmEwNDc5MGY5MWE0ZDE3OTFkMmEyMzBkOTIxOWU3NzA2MTY3NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu6JjiGPbINaju0rXhAOLB5Ia+ZT
CbO1M8R/TqfaFeiYL9qSE/acH8/EoFjLse6W/ldIApUAukuCIlwzlUiOxS46oN3a
BGjf6hfmE2jBitU3GEIL1/fdrsxNPndFw/fMd9JZnC7bYFCA98Smvprqwq48PdrE
OzTL8wQeI9aFDBm18G1EEBn8Ct2oQUqYOl4KHpjxdO/juK4xyg5eoENDZZMwelDb
Wx0vPkm+DnprGembpKzXSFygC6HfqDDBF2KS+jsR3UYK27bmdDsiPqmzv1uoZbC+
gdM2xSfcvh1vcvY51CzfZPAA0BixtejyJFHNgtUZ4R9ZXoWR5+V/26t67QIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPKgR5D5Gk0XkdKiMNkhnncGFndnMB8GA1UdIwQY
MBaAFG36Sh/8dJscT6O22oGbbbua6IWgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZwS0hfeDBteHhQbzdiYWdadHR1NXJvaGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9mMmYxYzUtODY2Yy00MmI1LThiNDYt
Mzg2NjlkMWUyMzAxLzEvOHFCSGtQa2FUUmVSMHFJdzJTR2Vkd1lXZDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9mMmYxYzUtODY2Yy00MmI1LThiNDYtMzg2NjlkMWUyMzAx
LzEvYmZwS0hfeDBteHhQbzdiYWdadHR1NXJvaGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTB7BAIAATB1AwQDBc7A
AwQFH7lAAwQEJYDQAwQCLQ6MAwQCLVBcAwQFLiAgAwMAPmsDBAVOnWADBAdV2oAD
AwBWNAMEBVm4gAMEBV6KQAMEBl+aAAMEBLKE4AMEB7KbgAMEArkFpAMEArklVAMD
ANQKAwQF1CWAAwQF1HCAMCIEAgACMBwDBQMqABtwAwUAKgIrmAMFACoCaUADBQMq
A3QAMA0GCSqGSIb3DQEBCwUAA4IBAQBLXGXDw/0wTWngiaT9Os0IiT0YohI3AxYT
ZN0h4N3lbEA/R69HiGEIjnZSc3t8o1xdpM4uhy8MMHYd5iglqqfdEbvx9s7/3Gvg
ybqh1zeiR/4PXe/5/WlvpdSMThZnmmtkfUhjIOI8Fmee0m+FwusAxfbYkW3mpSsT
VT5msnfF1ewVszzdLvQ8E3lTlA11CCplaeVuIzzmMvoVdbiKC3jZCQE/NpjAUuFs
0xNsYre0YkktCQtkiR88jrCw2RLHk/A94mtAYbtqtT8DmouHwbNz2Gpnam7enED2
k4EvHfH1ZMdnKc1z1Wj+cJer5NmtEjtoRa3qKFU64M73WMi+Of/1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org