Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/T-8W5M9qm_aTuvzNee3UmBJVLJ8.roa
File: T-8W5M9qm_aTuvzNee3UmBJVLJ8.roa (raw, json)
Hash identifier: hPkOL8gDdgrXzzEPvuJ2jtZwC/Psb28wunaSJrQjxMY=
Subject key identifier: 4F:EF:16:E4:CF:6A:9B:F6:93:BA:FC:CD:79:ED:D4:98:12:55:2C:9F
Certificate issuer: /CN=f159077e043877059603caa0e3e584b1626e8f7b
Certificate serial: 01853A1B222484B465516417C09F9C6CA6DD
Authority key identifier: F1:59:07:7E:04:38:77:05:96:03:CA:A0:E3:E5:84:B1:62:6E:8F:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/T-8W5M9qm_aTuvzNee3UmBJVLJ8.roa
Signing time: Thu 22 Dec 2022 13:52:14 +0000
ROA not before: Thu 22 Dec 2022 13:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30879
IP address blocks: 83.97.15.0/24 maxlen: 24
83.97.14.0/24 maxlen: 24
83.97.13.0/24 maxlen: 24
83.97.12.0/24 maxlen: 24
195.34.200.0/22 maxlen: 24
83.97.8.0/24 maxlen: 24
83.97.11.0/24 maxlen: 24
83.97.10.0/24 maxlen: 24
83.97.8.0/21 maxlen: 21
83.97.9.0/24 maxlen: 24
2a11:d940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:1b:22:24:84:b4:65:51:64:17:c0:9f:9c:6c:a6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f159077e043877059603caa0e3e584b1626e8f7b
Validity
Not Before: Dec 22 13:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fef16e4cf6a9bf693bafccd79edd49812552c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:e1:50:1c:75:e7:2c:8a:66:6a:32:0b:73:
6f:2c:48:66:d5:90:f0:46:49:1a:5b:91:53:ca:ae:
7b:dc:d8:33:9b:41:79:41:27:99:ee:cc:bd:8b:63:
2f:cb:f1:de:60:78:5b:8d:8e:0c:1f:07:82:00:97:
5f:9a:db:4d:77:82:86:9b:20:3e:cf:07:de:3d:1b:
76:b2:73:b0:c7:98:30:07:e5:bc:e2:fe:4a:79:cc:
85:72:b3:05:7c:42:01:2f:a9:76:0c:71:6a:2e:38:
5e:15:98:3d:4a:45:e9:3f:86:ab:39:9b:a7:a8:56:
ae:f2:1d:93:fd:c0:6e:b5:09:14:22:b3:b3:95:ad:
5c:ed:03:f8:9e:b3:c0:f8:ba:6d:27:03:47:e0:52:
1d:08:4d:19:9c:3b:5a:c4:fe:de:b5:c1:e9:aa:73:
8f:4e:48:37:a0:09:65:b2:e3:41:22:c4:ef:c7:f4:
6d:6e:c4:69:f9:a6:ed:fe:22:80:2f:a6:25:e9:e5:
4d:8d:29:4f:59:c7:f2:cb:fd:ec:7f:e4:c5:44:55:
71:d0:ae:98:98:b4:19:8c:1e:9f:69:65:51:10:85:
0c:df:e5:05:9f:ca:3e:38:cf:05:05:20:4d:21:40:
a6:6b:79:4d:d3:12:55:99:04:6a:e2:4c:40:a9:44:
3a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:EF:16:E4:CF:6A:9B:F6:93:BA:FC:CD:79:ED:D4:98:12:55:2C:9F
X509v3 Authority Key Identifier:
keyid:F1:59:07:7E:04:38:77:05:96:03:CA:A0:E3:E5:84:B1:62:6E:8F:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/T-8W5M9qm_aTuvzNee3UmBJVLJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0aa541-e90f-46fd-a0dc-03d904c802ce/1/8VkHfgQ4dwWWA8qg4-WEsWJuj3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.8.0/21
195.34.200.0/22
IPv6:
2a11:d940::/29
Signature Algorithm: sha256WithRSAEncryption
5a:6b:4e:4e:c7:85:24:cf:11:1e:e1:2e:cc:06:d0:ae:e9:fb:
5d:3e:a6:f8:dd:0f:39:9b:3b:e1:6c:f3:32:cb:26:14:f9:6f:
ea:2b:74:6a:ed:a0:31:8a:1c:94:cf:cf:65:02:37:13:44:07:
c0:f1:cd:ec:01:cd:5b:a3:43:46:d7:42:20:2e:2a:a0:28:d5:
61:b9:7a:52:f4:b1:95:a6:b6:a3:56:9b:fa:21:96:eb:65:36:
5e:5d:41:c7:d0:ca:6d:37:e7:1d:2a:ab:86:80:d2:74:84:b9:
71:da:3f:28:45:ff:10:73:ca:ed:93:f4:ae:e0:cc:90:66:79:
28:02:39:8a:1c:41:9a:11:18:e9:64:41:40:4a:64:f2:f4:a6:
60:85:05:f6:83:cd:85:24:7e:51:d4:f1:b3:09:87:1a:0b:e8:
9f:bf:84:01:1c:4e:c5:4d:26:6d:c3:76:24:32:7e:a1:2e:69:
f9:7f:ae:e2:6f:2b:24:3e:b0:59:c8:37:a6:16:c6:b3:06:0a:
de:74:8e:1a:ab:46:a7:37:61:98:92:a3:94:fe:37:bc:bb:b8:
96:e6:99:f1:81:88:76:8b:96:5e:3b:38:1e:d1:f6:0d:a3:b9:
98:6f:6f:1a:de:d3:9a:80:8e:47:34:b9:8b:20:8a:5c:f5:7e:
e4:67:27:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYU6GyIkhLRlUWQXwJ+cbKbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNTkwNzdlMDQzODc3MDU5NjAzY2FhMGUzZTU4NGIxNjI2
ZThmN2IwHhcNMjIxMjIyMTM1MjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmVmMTZlNGNmNmE5YmY2OTNiYWZjY2Q3OWVkZDQ5ODEyNTUyYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8PhUBx15yyKZmoyC3NvLEhm1ZDw
RkkaW5FTyq573Ngzm0F5QSeZ7sy9i2Mvy/HeYHhbjY4MHweCAJdfmttNd4KGmyA+
zwfePRt2snOwx5gwB+W84v5KecyFcrMFfEIBL6l2DHFqLjheFZg9SkXpP4arOZun
qFau8h2T/cButQkUIrOzla1c7QP4nrPA+LptJwNH4FIdCE0ZnDtaxP7etcHpqnOP
Tkg3oAllsuNBIsTvx/RtbsRp+abt/iKAL6Yl6eVNjSlPWcfyy/3sf+TFRFVx0K6Y
mLQZjB6faWVREIUM3+UFn8o+OM8FBSBNIUCma3lN0xJVmQRq4kxAqUQ6qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE/vFuTPapv2k7r8zXnt1JgSVSyfMB8GA1UdIwQY
MBaAFPFZB34EOHcFlgPKoOPlhLFibo97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZrSGZnUTRkd1dXQThxZzQtV0VzV0p1ajNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wYWE1NDEtZTkwZi00NmZkLWEwZGMt
MDNkOTA0YzgwMmNlLzEvVC04VzVNOXFtX2FUdXZ6TmVlM1VtQkpWTEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8wYWE1NDEtZTkwZi00NmZkLWEwZGMtMDNkOTA0YzgwMmNl
LzEvOFZrSGZnUTRkd1dXQThxZzQtV0VzV0p1ajNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDU2EIAwQC
wyLIMA0EAgACMAcDBQMqEdlAMA0GCSqGSIb3DQEBCwUAA4IBAQBaa05Ox4UkzxEe
4S7MBtCu6ftdPqb43Q85mzvhbPMyyyYU+W/qK3Rq7aAxihyUz89lAjcTRAfA8c3s
Ac1bo0NG10IgLiqgKNVhuXpS9LGVprajVpv6IZbrZTZeXUHH0MptN+cdKquGgNJ0
hLlx2j8oRf8Qc8rtk/Su4MyQZnkoAjmKHEGaERjpZEFASmTy9KZghQX2g82FJH5R
1PGzCYcaC+ifv4QBHE7FTSZtw3YkMn6hLmn5f67ibyskPrBZyDemFsazBgredI4a
q0anN2GYkqOU/je8u7iW5pnxgYh2i5ZeOzge0fYNo7mYb28a3tOagI5HNLmLIIpc
9X7kZycV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:01 2024 by rpki-client on console-ams.rpki-client.org