Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/zHkX2mInRLvkmwdTDBgus1FmbQ8.roa
File: zHkX2mInRLvkmwdTDBgus1FmbQ8.roa (raw, json)
Hash identifier: kJEn/2XGlgZABIngUO+7PSYqBaNI22PNyhu3KDXVGws=
Subject key identifier: CC:79:17:DA:62:27:44:BB:E4:9B:07:53:0C:18:2E:B3:51:66:6D:0F
Certificate issuer: /CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Certificate serial: 07DA5921
Authority key identifier: AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/zHkX2mInRLvkmwdTDBgus1FmbQ8.roa
Signing time: Tue 15 Mar 2022 18:26:44 +0000
ROA not before: Tue 15 Mar 2022 18:26:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200000
IP address blocks: 185.233.120.0/22 maxlen: 22
185.124.8.0/22 maxlen: 22
185.233.136.0/22 maxlen: 22
185.39.224.0/22 maxlen: 22
185.149.40.0/22 maxlen: 22
185.233.116.0/22 maxlen: 22
185.235.168.0/22 maxlen: 22
185.104.44.0/22 maxlen: 22
185.65.244.0/22 maxlen: 22
185.226.24.0/22 maxlen: 22
185.225.212.0/22 maxlen: 22
185.25.116.0/22 maxlen: 22
185.68.16.0/22 maxlen: 22
185.233.36.0/22 maxlen: 22
185.233.40.0/22 maxlen: 22
185.233.44.0/22 maxlen: 22
185.130.120.0/22 maxlen: 22
185.69.152.0/22 maxlen: 22
185.239.180.0/22 maxlen: 22
185.234.176.0/22 maxlen: 22
2a0c:c80::/29 maxlen: 29
2a0c:6080::/29 maxlen: 29
2a0c:d80::/29 maxlen: 29
2a0c:e80::/29 maxlen: 29
2a04:8000::/29 maxlen: 29
2a0d:6500::/29 maxlen: 29
2a0d:1100::/29 maxlen: 29
2a05:480::/29 maxlen: 29
2a0c:780::/29 maxlen: 29
2a06:6440::/29 maxlen: 29
2a0c:a80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131750177 (0x7da5921)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a0e0b1b21f093333c0748145b1628418cf2b5
Validity
Not Before: Mar 15 18:26:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc7917da622744bbe49b07530c182eb351666d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c0:e6:c2:53:3f:d9:9a:18:4a:c1:ea:d1:23:
83:fa:a4:a8:92:41:d5:21:93:33:61:e7:58:05:44:
c5:8f:87:f0:18:8b:fe:a3:19:c8:3f:ab:20:b7:1c:
84:c5:db:e7:92:4e:ce:d8:1c:3b:a3:52:9b:d8:1b:
88:c0:b0:a1:79:08:3f:13:c2:78:df:ed:54:ac:f3:
e0:c0:e8:c5:79:eb:7f:f5:2a:6b:d3:92:be:52:91:
e5:45:66:81:d1:c8:b0:a8:fa:f6:f9:9c:33:fb:c9:
da:38:ce:50:ef:33:78:e5:fe:ca:ec:4e:41:82:e9:
19:33:f6:8e:d7:d0:85:49:32:74:32:a1:34:5f:ba:
de:c3:ee:f4:35:6c:05:9f:2e:fe:16:93:17:de:a1:
33:be:ea:38:db:05:fc:ba:ec:3f:9c:2f:08:54:c1:
11:6d:ee:e7:a2:97:bc:e6:f7:86:8c:3b:a7:21:d8:
a8:a1:ba:af:c2:d5:3f:0e:3e:ab:3f:2f:0a:55:b6:
e2:db:3a:56:11:9e:d2:30:dc:d0:03:c5:a0:be:79:
f4:d9:f5:26:82:76:f9:c4:87:0a:c5:2a:19:10:e7:
12:01:86:b7:38:7b:dd:eb:3e:62:58:11:07:69:6a:
c2:3b:b0:08:35:b4:e2:9a:50:e2:f2:c0:28:e2:8e:
47:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:79:17:DA:62:27:44:BB:E4:9B:07:53:0C:18:2E:B3:51:66:6D:0F
X509v3 Authority Key Identifier:
keyid:AC:8A:0E:0B:1B:21:F0:93:33:3C:07:48:14:5B:16:28:41:8C:F2:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIoOCxsh8JMzPAdIFFsWKEGM8rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/zHkX2mInRLvkmwdTDBgus1FmbQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8ce6a1-130c-480e-a903-db8eff1b11a0/1/rIoOCxsh8JMzPAdIFFsWKEGM8rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.116.0/22
185.39.224.0/22
185.65.244.0/22
185.68.16.0/22
185.69.152.0/22
185.104.44.0/22
185.124.8.0/22
185.130.120.0/22
185.149.40.0/22
185.225.212.0/22
185.226.24.0/22
185.233.36.0-185.233.47.255
185.233.116.0-185.233.123.255
185.233.136.0/22
185.234.176.0/22
185.235.168.0/22
185.239.180.0/22
IPv6:
2a04:8000::/29
2a05:480::/29
2a06:6440::/29
2a0c:780::/29
2a0c:a80::/29
2a0c:c80::/29
2a0c:d80::/29
2a0c:e80::/29
2a0c:6080::/29
2a0d:1100::/29
2a0d:6500::/29
Signature Algorithm: sha256WithRSAEncryption
24:91:43:46:32:fb:13:6e:f7:58:3d:05:c7:3d:ff:16:11:50:
55:10:0c:5f:c7:d6:40:d4:58:b8:f5:fc:af:aa:0b:cd:d1:e2:
76:ad:f1:42:28:96:5e:67:21:a4:f7:97:98:04:2d:5d:f6:ab:
5b:f0:84:6f:a7:fb:9b:28:98:1d:a6:64:04:5c:dd:09:a5:75:
03:b0:57:06:27:38:05:52:d4:eb:1a:3a:66:77:cc:be:59:f6:
d7:03:bd:47:a8:78:3f:c6:db:92:95:c5:b0:52:7d:e3:55:0b:
dd:5f:6f:a1:d9:49:9e:98:56:36:46:c7:c6:02:25:d4:ba:e6:
13:21:79:09:40:9b:92:01:db:49:17:de:0c:83:73:7b:c1:05:
75:66:2c:a4:60:bf:90:11:31:3b:bf:5a:c2:c6:3c:e4:08:5d:
54:c1:02:c1:25:94:71:cb:c9:8e:fe:d9:1b:f7:79:35:80:9c:
be:f1:34:d9:b1:b3:7a:76:b9:56:19:0b:07:15:77:91:0c:5e:
dc:8a:92:6d:f3:6f:6d:9c:41:06:cd:c7:34:69:71:a7:6e:f6:
20:d9:7b:bb:4e:8d:e3:09:10:de:c5:1d:6c:f8:77:aa:75:27:
eb:e2:3c:d2:31:7d:1b:e7:80:9d:a1:8a:36:42:a0:00:57:6b:
2b:61:18:f1
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIEB9pZITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzhhMGUwYjFiMjFmMDkzMzMzYzA3NDgxNDViMTYyODQxOGNmMmI1MB4XDTIyMDMx
NTE4MjY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M3OTE3ZGE2MjI3
NDRiYmU0OWIwNzUzMGMxODJlYjM1MTY2NmQwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODA5sJTP9maGErB6tEjg/qkqJJB1SGTM2HnWAVExY+H8BiL
/qMZyD+rILcchMXb55JOztgcO6NSm9gbiMCwoXkIPxPCeN/tVKzz4MDoxXnrf/Uq
a9OSvlKR5UVmgdHIsKj69vmcM/vJ2jjOUO8zeOX+yuxOQYLpGTP2jtfQhUkydDKh
NF+63sPu9DVsBZ8u/haTF96hM77qONsF/LrsP5wvCFTBEW3u56KXvOb3how7pyHY
qKG6r8LVPw4+qz8vClW24ts6VhGe0jDc0APFoL559Nn1JoJ2+cSHCsUqGRDnEgGG
tzh73es+YlgRB2lqwjuwCDW04ppQ4vLAKOKORzMCAwEAAaOCAtEwggLNMB0GA1Ud
DgQWBBTMeRfaYidEu+SbB1MMGC6zUWZtDzAfBgNVHSMEGDAWgBSsig4LGyHwkzM8
B0gUWxYoQYzytTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JJb09DeHNoOEpNelBBZElGRnNXS0VHTThyVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGNlNmExLTEzMGMtNDgwZS1hOTAzLWRiOGVmZjFiMTFhMC8x
L3pIa1gybUluUkx2a213ZFREQmd1czFGbWJROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGNlNmExLTEzMGMtNDgwZS1hOTAzLWRiOGVmZjFiMTFhMC8xL3JJb09DeHNoOEpN
elBBZElGRnNXS0VHTThyVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
5gYIKwYBBQUHAQcBAf8EgdYwgdMwfAQCAAEwdgMEArkZdAMEArkn4AMEArlB9AME
ArlEEAMEArlFmAMEArloLAMEArl8CAMEArmCeAMEArmVKAMEArnh1AMEArniGDAM
AwQCuekkAwQEuekgMAwDBAK56XQDBAK56XgDBAK56YgDBAK56rADBAK566gDBAK5
77QwUwQCAAIwTQMFAyoEgAADBQMqBQSAAwUDKgZkQAMFAyoMB4ADBQMqDAqAAwUD
KgwMgAMFAyoMDYADBQMqDA6AAwUDKgxggAMFAyoNEQADBQMqDWUAMA0GCSqGSIb3
DQEBCwUAA4IBAQAkkUNGMvsTbvdYPQXHPf8WEVBVEAxfx9ZA1Fi49fyvqgvN0eJ2
rfFCKJZeZyGk95eYBC1d9qtb8IRvp/ubKJgdpmQEXN0JpXUDsFcGJzgFUtTrGjpm
d8y+WfbXA71HqHg/xtuSlcWwUn3jVQvdX2+h2UmemFY2RsfGAiXUuuYTIXkJQJuS
AdtJF94Mg3N7wQV1ZiykYL+QETE7v1rCxjzkCF1UwQLBJZRxy8mO/tkb93k1gJy+
8TTZsbN6drlWGQsHFXeRDF7cipJt829tnEEGzcc0aXGnbvYg2Xu7To3jCRDexR1s
+HeqdSfr4jzSMX0b54CdoYo2QqAAV2srYRjx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org