Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/4rIJfyDqUbKuCK4Rwsb68BDM9Lo.roa
File: 4rIJfyDqUbKuCK4Rwsb68BDM9Lo.roa (raw, json)
Hash identifier: bxHaEyzyk37xgqotVbD/bOT2iVbPdKjwA7gb1ELCcM8=
Subject key identifier: E2:B2:09:7F:20:EA:51:B2:AE:08:AE:11:C2:C6:FA:F0:10:CC:F4:BA
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3AA3D1EC
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/4rIJfyDqUbKuCK4Rwsb68BDM9Lo.roa
Signing time: Wed 02 Mar 2022 00:26:08 +0000
ROA not before: Wed 02 Mar 2022 00:26:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12912
IP address blocks: 217.8.160.0/19 maxlen: 19
94.42.0.0/16 maxlen: 16
195.94.192.0/19 maxlen: 19
78.133.128.0/17 maxlen: 17
85.219.128.0/17 maxlen: 17
89.174.0.0/16 maxlen: 16
217.153.0.0/16 maxlen: 16
157.25.0.0/16 maxlen: 16
2001:4190::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 983814636 (0x3aa3d1ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Mar 2 00:26:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2b2097f20ea51b2ae08ae11c2c6faf010ccf4ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3b:ae:44:57:25:75:1a:a4:a6:3e:5e:fc:92:
65:ff:96:38:43:d3:cc:9f:25:53:cc:11:f6:4a:bf:
c7:47:17:5d:10:6d:af:19:d5:fb:47:11:fc:d6:9c:
eb:fb:80:6d:06:b3:30:c2:fb:fb:5d:13:14:d5:37:
d3:3e:86:24:ff:24:ad:cf:2d:05:5f:03:d3:0f:d3:
f9:99:52:04:f0:63:67:f1:db:c1:55:ed:b8:24:c3:
34:24:b3:20:c5:e7:9f:bd:e3:04:54:8e:28:8f:d1:
4f:05:9e:c4:48:02:f5:ed:1b:c9:84:af:0a:7d:74:
ca:1f:11:66:ae:2c:cb:44:e3:4c:80:18:3a:43:ae:
9f:68:dd:2a:91:70:93:3e:23:9c:c1:22:e6:46:e9:
73:03:8f:00:9c:59:51:40:14:b6:a3:a7:a6:5a:04:
b5:dd:25:38:02:3c:f5:63:21:6a:32:1f:c1:72:f5:
7f:eb:ad:3c:37:09:e5:ba:87:37:8a:06:29:d1:d7:
3d:f4:51:7e:19:aa:76:15:d5:98:19:ad:4c:fc:c7:
42:9e:24:00:0c:7b:be:8d:ae:c0:04:2c:29:63:b4:
89:3d:21:19:2f:7c:d2:78:8c:82:c1:7f:a2:2d:21:
6d:71:b6:5a:e2:56:5f:b1:d3:2a:e7:3a:a3:93:76:
22:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B2:09:7F:20:EA:51:B2:AE:08:AE:11:C2:C6:FA:F0:10:CC:F4:BA
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/4rIJfyDqUbKuCK4Rwsb68BDM9Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.128.0/17
85.219.128.0/17
89.174.0.0/16
94.42.0.0/16
157.25.0.0/16
195.94.192.0/19
217.8.160.0/19
217.153.0.0/16
IPv6:
2001:4190::/32
Signature Algorithm: sha256WithRSAEncryption
23:ea:b7:a2:49:b7:72:e2:d3:28:4b:f2:ab:34:db:f6:49:89:
41:a0:a7:54:c9:bc:4e:60:49:fa:11:85:e6:d2:f7:b8:db:98:
e4:25:88:d0:db:f4:23:43:02:8c:4b:b5:4a:02:3e:44:6a:e7:
d7:b9:db:a6:e6:36:1d:b0:bd:02:99:b5:dd:32:5a:ee:9e:17:
f7:52:31:db:89:b1:85:03:8d:df:ea:31:a1:3b:37:92:74:ec:
9b:d6:e5:fd:2d:68:1b:0a:56:0b:82:2b:13:00:34:c7:cc:20:
8b:bb:b5:6e:ad:7f:7e:b2:ce:0a:3a:e9:d4:04:ed:36:ac:3d:
1b:c8:ba:b4:9f:e3:99:5e:e2:01:87:3a:e3:73:08:30:b6:3d:
b3:ce:39:87:3a:be:3f:fe:96:52:f3:f2:3b:2b:ab:96:35:29:
19:f0:2f:74:a4:e7:51:52:a6:6e:fd:b0:83:50:22:87:93:51:
ce:bb:b7:5b:9d:02:76:bd:b2:99:d8:e3:ef:b3:32:3a:ee:cb:
01:24:db:aa:e3:6b:45:6f:0d:55:17:4e:01:ae:51:cf:b7:96:
78:dc:ef:02:10:72:a0:84:68:65:97:4c:3a:c1:d3:d7:62:70:
cc:4e:78:a4:6b:95:e6:22:03:a4:d2:ce:24:ba:89:cc:9e:1b:
86:9c:72:42
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEOqPR7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDMw
MjAwMjYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJiMjA5N2YyMGVh
NTFiMmFlMDhhZTExYzJjNmZhZjAxMGNjZjRiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANM7rkRXJXUapKY+XvySZf+WOEPTzJ8lU8wR9kq/x0cXXRBt
rxnV+0cR/Nac6/uAbQazMML7+10TFNU30z6GJP8krc8tBV8D0w/T+ZlSBPBjZ/Hb
wVXtuCTDNCSzIMXnn73jBFSOKI/RTwWexEgC9e0byYSvCn10yh8RZq4sy0TjTIAY
OkOun2jdKpFwkz4jnMEi5kbpcwOPAJxZUUAUtqOnploEtd0lOAI89WMhajIfwXL1
f+utPDcJ5bqHN4oGKdHXPfRRfhmqdhXVmBmtTPzHQp4kAAx7vo2uwAQsKWO0iT0h
GS980niMgsF/oi0hbXG2WuJWX7HTKuc6o5N2IiECAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBTisgl/IOpRsq4IrhHCxvrwEMz0ujAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
LzRySUpmeURxVWJLdUNLNFJ3c2I2OEJETTlMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEB06FgAMEB1XbgAMDAFmuAwMAXioD
AwCdGQMEBcNewAMEBdkIoAMDANmZMA0EAgACMAcDBQAgAUGQMA0GCSqGSIb3DQEB
CwUAA4IBAQAj6reiSbdy4tMoS/KrNNv2SYlBoKdUybxOYEn6EYXm0ve425jkJYjQ
2/QjQwKMS7VKAj5EaufXudum5jYdsL0CmbXdMlrunhf3UjHbibGFA43f6jGhOzeS
dOyb1uX9LWgbClYLgisTADTHzCCLu7VurX9+ss4KOunUBO02rD0byLq0n+OZXuIB
hzrjcwgwtj2zzjmHOr4//pZS8/I7K6uWNSkZ8C90pOdRUqZu/bCDUCKHk1HOu7db
nQJ2vbKZ2OPvszI67ssBJNuq42tFbw1VF04BrlHPt5Z43O8CEHKghGhll0w6wdPX
YnDMTnika5XmIgOk0s4kuonMnhuGnHJC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org