Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/8DJkV5Xf6AUSk6TW9rTamA5E0hk.roa
File: 8DJkV5Xf6AUSk6TW9rTamA5E0hk.roa (raw, json)
Hash identifier: DHSGK9iEZMpe8Wsxe7K9hCXb5F31ADvqJ9IznCEGghA=
Subject key identifier: F0:32:64:57:95:DF:E8:05:12:93:A4:D6:F6:B4:DA:98:0E:44:D2:19
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 1583FB28
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/8DJkV5Xf6AUSk6TW9rTamA5E0hk.roa
Signing time: Sat 01 Jan 2022 14:59:13 +0000
ROA not before: Sat 01 Jan 2022 14:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20880
IP address blocks: 158.181.68.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
62.117.16.0/20 maxlen: 20
94.139.0.0/19 maxlen: 19
94.139.0.0/20 maxlen: 20
94.139.16.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
5.28.64.0/19 maxlen: 19
5.28.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
5.28.96.0/19 maxlen: 19
185.9.224.0/22 maxlen: 22
62.117.0.192/28 maxlen: 28
95.168.128.0/19 maxlen: 19
95.168.128.0/20 maxlen: 20
95.168.144.0/20 maxlen: 20
86.56.64.0/18 maxlen: 18
37.120.64.0/18 maxlen: 18
62.117.0.128/26 maxlen: 26
62.117.0.0/19 maxlen: 19
62.117.0.0/20 maxlen: 24
37.120.0.0/17 maxlen: 17
37.120.0.0/18 maxlen: 18
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
2a02:2450::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360971048 (0x1583fb28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 1 14:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f032645795dfe8051293a4d6f6b4da980e44d219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:aa:2c:10:0a:b3:5c:ec:9d:f9:6d:19:6c:b5:
a6:61:71:e8:0a:b9:45:d7:5a:9d:d0:f9:1b:39:6b:
9b:b2:e0:82:cf:3e:32:35:c0:5e:05:83:8c:cb:4a:
1f:f8:05:66:2f:fb:87:c8:92:4e:cc:fb:f8:db:b2:
79:1d:67:b9:a0:11:60:23:86:fe:7d:91:92:89:59:
98:bd:cf:14:ca:85:de:3b:a5:77:c2:ad:2a:c1:37:
5f:66:9a:dd:8e:47:b9:63:08:80:59:9d:e1:64:a2:
8f:38:1d:c2:4f:bd:0b:5a:10:fe:e1:31:36:22:4a:
af:df:06:fb:e3:99:cd:99:f9:88:45:d6:7e:d0:ea:
f7:d7:01:a6:48:b7:87:22:f5:6d:ec:fb:a2:4a:f8:
3f:57:3f:4f:a1:d8:a4:73:ce:08:bd:29:bd:4e:df:
ee:d3:5a:44:eb:b7:fc:13:56:14:f9:7c:77:30:d5:
9b:13:4d:9b:cc:9b:44:6a:96:79:c6:7c:f1:2b:30:
e9:5e:24:c4:35:71:28:d8:1d:cf:21:f0:ad:94:8d:
91:a8:41:a5:0c:7c:ec:64:cf:ae:1b:b0:48:26:dd:
c2:a6:55:69:0c:a8:c4:af:fe:4b:38:dc:7f:f5:f0:
68:9e:71:a4:64:7d:86:88:e2:df:0f:33:ce:e2:1d:
17:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:32:64:57:95:DF:E8:05:12:93:A4:D6:F6:B4:DA:98:0E:44:D2:19
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/8DJkV5Xf6AUSk6TW9rTamA5E0hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
94.139.0.0/19
95.168.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
70:a2:68:91:2d:fd:f6:f3:e8:a8:0a:8b:80:96:12:c0:17:c2:
de:8e:1a:25:f4:9a:bf:8f:ea:1e:dc:c8:30:cf:15:f3:fb:2b:
b2:45:3b:d5:3c:1d:c3:45:fd:eb:85:0f:9a:94:c4:85:2a:87:
c0:bf:70:27:46:d8:04:45:da:82:70:83:3a:2c:e6:e8:d3:56:
42:d0:8a:4e:4c:6e:08:8e:c0:71:91:14:5e:d6:d7:a1:db:a8:
fc:21:33:f9:d5:6f:8a:cd:2a:14:5e:e7:51:90:21:96:69:b8:
d6:86:18:af:fb:af:72:cc:62:2c:fe:49:91:1f:61:85:e1:18:
06:ac:2e:7b:c3:38:13:bf:bc:3e:0c:ff:72:b7:ec:6a:b9:25:
85:17:2e:01:2a:87:b2:9e:92:46:78:fe:31:03:fd:fe:7d:34:
26:7c:7f:14:11:0f:6c:3c:b9:72:e6:86:fb:b4:ae:08:68:4c:
9f:0a:5e:90:c4:e5:95:69:20:21:d6:0f:6a:3a:f0:9a:0b:2d:
03:de:ee:09:cd:a4:57:47:cf:62:d7:6e:8d:30:ad:02:d3:5c:
05:8f:ea:ac:c9:0f:9e:90:50:1d:3d:4d:f3:8a:45:97:17:da:
fb:a4:1a:bd:9d:42:1a:6a:61:bb:e1:16:37:bc:f5:4b:15:6b:
fd:c3:eb:05
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEFYP7KDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGI3NjlhNTNkZDg2MzUyZDM0NDBmMjIyYmRmOTA3Y2YwOWMyZGJhMB4XDTIyMDEw
MTE0NTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjAzMjY0NTc5NWRm
ZTgwNTEyOTNhNGQ2ZjZiNGRhOTgwZTQ0ZDIxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOeqLBAKs1zsnfltGWy1pmFx6Aq5RddandD5Gzlrm7Lggs8+
MjXAXgWDjMtKH/gFZi/7h8iSTsz7+NuyeR1nuaARYCOG/n2RkolZmL3PFMqF3jul
d8KtKsE3X2aa3Y5HuWMIgFmd4WSijzgdwk+9C1oQ/uExNiJKr98G++OZzZn5iEXW
ftDq99cBpki3hyL1bez7okr4P1c/T6HYpHPOCL0pvU7f7tNaROu3/BNWFPl8dzDV
mxNNm8ybRGqWecZ88Ssw6V4kxDVxKNgdzyHwrZSNkahBpQx87GTPrhuwSCbdwqZV
aQyoxK/+Szjcf/XwaJ5xpGR9hoji3w8zzuIdF+ECAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBTwMmRXld/oBRKTpNb2tNqYDkTSGTAfBgNVHSMEGDAWgBT0t2mlPdhjUtNE
DyIr35B88JwtujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlMZHBwVDNZWTFMVFJBOGlLOS1RZlBDY0xiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNzBkNTBmLWZmM2MtNGY2My04ZGVjLWQ3YzM2YzI3YzA4Ny8x
LzhESmtWNVhmNkFVU2s2VFc5clRhbUE1RTBoay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NzBkNTBmLWZmM2MtNGY2My04ZGVjLWQ3YzM2YzI3YzA4Ny8xLzlMZHBwVDNZWTFM
VFJBOGlLOS1RZlBDY0xiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEBgUcQAMEByV4AAMEBT51AAMEBVJ3
AAMEB1Y4AAMEBVkQgAMEBV6LAAMEBV+ogAMEBZ61QAMEArkJ4DANBAIAAjAHAwUD
KgIkUDANBgkqhkiG9w0BAQsFAAOCAQEAcKJokS399vPoqAqLgJYSwBfC3o4aJfSa
v4/qHtzIMM8V8/srskU71Twdw0X964UPmpTEhSqHwL9wJ0bYBEXagnCDOizm6NNW
QtCKTkxuCI7AcZEUXtbXoduo/CEz+dVvis0qFF7nUZAhlmm41oYYr/uvcsxiLP5J
kR9hheEYBqwue8M4E7+8Pgz/crfsarklhRcuASqHsp6SRnj+MQP9/n00Jnx/FBEP
bDy5cuaG+7SuCGhMnwpekMTllWkgIdYPajrwmgstA97uCc2kV0fPYtdujTCtAtNc
BY/qrMkPnpBQHT1N84pFlxfa+6QavZ1CGmphu+EWN7z1SxVr/cPrBQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:56 2023 by rpki-client on console-fra.rpki-client.org