Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/h2xeir9N4O2BQ-WSbBNyFlQkLeY.roa
File: h2xeir9N4O2BQ-WSbBNyFlQkLeY.roa (raw, json)
Hash identifier: Xn1PA9CSM9Ee6PuvG8r4Gcv2Zze98ri50pgK7tWO/6o=
Subject key identifier: 87:6C:5E:8A:BF:4D:E0:ED:81:43:E5:92:6C:13:72:16:54:24:2D:E6
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01845DB1761668AD393CC03AED0A172B69F3
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/h2xeir9N4O2BQ-WSbBNyFlQkLeY.roa
Signing time: Wed 09 Nov 2022 18:40:21 +0000
ROA not before: Wed 09 Nov 2022 18:40:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 94.241.136.0/21 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:b1:76:16:68:ad:39:3c:c0:3a:ed:0a:17:2b:69:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 9 18:40:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=876c5e8abf4de0ed8143e5926c13721654242de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8a:37:81:9b:72:19:a3:5f:b9:91:d2:a1:8d:
b2:3a:f8:cf:29:6d:e9:0c:10:bb:e7:d3:dc:cb:f9:
be:12:06:fd:c4:33:e6:9a:52:91:33:61:e6:8e:81:
87:cf:02:e9:cd:09:f2:d7:4a:69:54:87:f6:e8:9b:
27:ce:97:55:73:62:30:7b:67:4c:fc:7b:36:a8:7e:
25:84:9f:78:5c:6b:c2:e9:d1:22:f7:2e:6c:82:c5:
c6:53:9c:91:f5:2a:eb:87:6c:db:e4:48:4d:43:99:
8a:77:e7:33:2f:9b:d9:d0:57:d0:93:7c:18:31:bb:
6e:e0:8e:9b:3c:15:9d:6a:b2:7f:c3:57:8c:29:33:
c1:83:20:7d:29:c2:f7:7c:40:42:ad:ac:7d:aa:84:
c7:b7:8b:d8:f2:b1:cd:ef:5b:eb:13:18:e8:7d:20:
7f:12:0d:61:fc:a3:66:27:51:49:0c:be:09:c9:3a:
1f:16:73:9b:a5:d9:c6:0d:3c:51:c9:e7:12:3d:95:
40:6d:fc:22:22:d9:e6:7c:7d:59:ac:5b:0e:3a:4f:
af:14:1a:17:af:71:46:a7:9b:4d:58:59:5f:4a:88:
dc:c0:37:a6:93:26:49:74:e7:4a:04:6a:a0:65:b3:
6f:04:0a:cd:d2:98:b5:27:e7:49:38:bb:31:6c:53:
9b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6C:5E:8A:BF:4D:E0:ED:81:43:E5:92:6C:13:72:16:54:24:2D:E6
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/h2xeir9N4O2BQ-WSbBNyFlQkLeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.136.0/21
94.241.168.0-94.241.183.255
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:2f:d8:e9:e1:4d:a7:68:b6:80:39:12:6f:60:47:c7:ba:ed:
c6:98:12:5d:5d:39:af:3f:00:89:ad:7a:94:21:ac:ff:3c:7b:
dc:99:c4:a2:7e:46:a0:8c:b7:86:ef:d1:ee:22:d4:b8:5b:06:
d2:4d:2d:4a:0e:ab:ec:42:b2:eb:37:ef:fb:ff:54:57:b0:55:
81:72:ff:52:a2:02:22:21:38:5d:59:55:f8:97:d4:74:16:4c:
bd:cd:e8:b9:44:cf:9c:5b:27:e4:86:82:88:13:cc:7f:be:9e:
ce:3f:90:7d:0d:28:90:df:c1:d9:0f:07:20:3e:4f:fc:df:7a:
6a:a9:35:f4:fc:0f:c3:42:76:ee:30:0e:8e:66:bb:b3:f1:8e:
af:2a:18:0d:d2:ab:55:a3:b2:6c:20:ba:5b:d4:60:d5:82:eb:
27:fa:f3:10:57:b8:d4:99:1e:58:95:e5:a6:9f:4a:b6:36:03:
72:27:35:72:79:3a:79:89:de:25:06:bc:ef:ff:7c:1c:bd:0d:
dc:4e:64:63:4e:aa:68:6e:a1:c8:40:fe:bd:a5:83:db:bd:fe:
a3:aa:90:0f:02:d0:32:71:e4:5b:f8:c7:2c:7c:05:d2:37:30:
28:81:58:0a:f9:80:66:58:a0:5c:29:8a:3e:b7:78:16:4a:7b:
b9:0c:81:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYRdsXYWaK05PMA67QoXK2nzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMTA5MTg0MDIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZjNWU4YWJmNGRlMGVkODE0M2U1OTI2YzEzNzIxNjU0MjQyZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYo3gZtyGaNfuZHSoY2yOvjPKW3p
DBC759Pcy/m+Egb9xDPmmlKRM2HmjoGHzwLpzQny10ppVIf26JsnzpdVc2Iwe2dM
/Hs2qH4lhJ94XGvC6dEi9y5sgsXGU5yR9Srrh2zb5EhNQ5mKd+czL5vZ0FfQk3wY
Mbtu4I6bPBWdarJ/w1eMKTPBgyB9KcL3fEBCrax9qoTHt4vY8rHN71vrExjofSB/
Eg1h/KNmJ1FJDL4JyTofFnObpdnGDTxRyecSPZVAbfwiItnmfH1ZrFsOOk+vFBoX
r3FGp5tNWFlfSojcwDemkyZJdOdKBGqgZbNvBArN0pi1J+dJOLsxbFOb3QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFIdsXoq/TeDtgUPlkmwTchZUJC3mMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvaDJ4ZWlyOU40TzJCUS1XU2JCTnlGbFFrTGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWAwQDXvGIMAwDBANe8agDBANe8bADBACy/R8D
BAGy/TQwDQYJKoZIhvcNAQELBQADggEBADsv2OnhTadotoA5Em9gR8e67caYEl1d
Oa8/AImtepQhrP88e9yZxKJ+RqCMt4bv0e4i1LhbBtJNLUoOq+xCsus37/v/VFew
VYFy/1KiAiIhOF1ZVfiX1HQWTL3N6LlEz5xbJ+SGgogTzH++ns4/kH0NKJDfwdkP
ByA+T/zfemqpNfT8D8NCdu4wDo5mu7Pxjq8qGA3Sq1WjsmwgulvUYNWC6yf68xBX
uNSZHliV5aafSrY2A3InNXJ5OnmJ3iUGvO//fBy9DdxOZGNOqmhuochA/r2lg9u9
/qOqkA8C0DJx5Fv4xyx8BdI3MCiBWAr5gGZYoFwpij63eBZKe7kMgY0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org