Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/n8fdp362G1yExGDsm4-CwKMsvUU.roa
File: n8fdp362G1yExGDsm4-CwKMsvUU.roa (raw, json)
Hash identifier: PLT1/nxRDI08NTK0U7uPJERy/hQ0TkCaPZrpy4Kiqww=
Subject key identifier: 9F:C7:DD:A7:7E:B6:1B:5C:84:C4:60:EC:9B:8F:82:C0:A3:2C:BD:45
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 0C9E5930
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/n8fdp362G1yExGDsm4-CwKMsvUU.roa
Signing time: Tue 31 May 2022 15:19:14 +0000
ROA not before: Tue 31 May 2022 15:19:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208149
IP address blocks: 185.83.72.0/22 maxlen: 24
94.154.134.0/23 maxlen: 24
91.220.176.0/24 maxlen: 24
185.117.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211704112 (0xc9e5930)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: May 31 15:19:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fc7dda77eb61b5c84c460ec9b8f82c0a32cbd45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:6d:57:f6:1d:cb:5f:2d:1d:03:ba:5a:6b:
16:25:5c:69:43:e3:90:be:19:5e:6b:8c:95:f3:8e:
91:f1:44:0c:34:66:35:95:e9:34:bf:16:32:6b:b3:
1a:b2:aa:99:e2:f8:92:98:b3:48:88:e7:c5:72:4b:
24:da:59:87:b6:3f:49:95:9f:dd:bb:e5:2e:74:d3:
fe:b8:35:24:d1:39:ff:fc:dd:eb:25:40:a2:6e:ef:
c8:a6:fb:fa:c5:59:c4:67:db:35:4e:71:5b:42:ea:
be:3f:41:e9:16:02:b7:87:7b:9d:ea:28:21:1c:6d:
a8:86:05:a6:c1:0d:e1:6c:6f:e4:ec:4e:5c:59:ce:
c2:20:0e:11:5c:e4:cc:09:dd:22:e6:9a:e7:02:aa:
90:76:0c:4e:0d:1a:de:fd:2e:eb:03:3c:b8:0d:e8:
44:65:d7:6a:d0:3a:b6:d0:03:e2:48:bb:27:bb:dc:
a2:00:ff:60:0a:78:0b:70:ed:9e:78:77:94:71:03:
4f:18:3b:2b:2e:70:a6:07:1a:64:6c:74:bf:e2:22:
56:16:3d:1b:23:28:e4:f5:28:af:f9:51:6e:3b:c5:
c9:3a:3e:20:cd:24:a2:16:b9:82:47:04:0d:6b:0c:
b6:f7:1b:fc:1d:73:43:f1:e0:74:79:20:59:fd:14:
f7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C7:DD:A7:7E:B6:1B:5C:84:C4:60:EC:9B:8F:82:C0:A3:2C:BD:45
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/n8fdp362G1yExGDsm4-CwKMsvUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.176.0/24
94.154.134.0/23
185.83.72.0/22
185.117.35.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:7f:58:e7:98:20:23:c3:13:6f:7b:f5:f6:0f:ca:a0:61:43:
37:74:89:16:1d:81:58:92:f1:fe:30:52:b4:90:d2:f5:43:53:
52:c4:dd:c3:6b:ad:5f:a4:27:58:28:46:ac:e9:c5:ab:68:48:
d1:8b:41:e3:49:d2:e4:9c:68:11:8d:02:f0:44:d1:31:50:8c:
b1:25:de:69:95:74:bc:17:7c:2d:ba:b1:63:3e:2b:e3:ac:1c:
d4:43:aa:93:80:fa:20:f0:80:f8:0e:60:7f:06:e2:73:46:31:
60:35:a7:d2:41:48:b0:bf:41:d6:3e:3f:dc:ed:d3:b9:1b:a5:
b3:9d:6f:43:8b:88:ce:85:b6:a3:2a:95:40:fe:44:72:85:24:
67:ce:94:0f:4c:27:cd:a3:76:83:9e:58:5b:eb:65:88:00:3d:
a6:4c:38:16:11:ce:81:9f:98:d6:04:45:95:76:06:40:81:d7:
c1:e0:40:95:2f:dc:a3:20:25:4d:50:92:07:e5:67:48:b0:9d:
80:fd:cf:ff:49:59:d3:09:74:05:ea:fe:6e:42:9a:90:33:be:
b9:34:75:81:00:52:c0:ea:26:ee:89:bb:4b:27:65:81:7f:75:
61:e0:dc:af:28:cd:81:91:35:8f:e3:8f:c6:af:a5:a4:4c:04:
d7:08:4c:90
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDJ5ZMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzYwMGNiYWZkMjZmZWU1MDY0ZmM4OWYzMDFkZmM4ZTNjMWQzY2E1MB4XDTIyMDUz
MTE1MTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZjN2RkYTc3ZWI2
MWI1Yzg0YzQ2MGVjOWI4ZjgyYzBhMzJjYmQ0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDjbVf2HctfLR0DulprFiVcaUPjkL4ZXmuMlfOOkfFEDDRm
NZXpNL8WMmuzGrKqmeL4kpizSIjnxXJLJNpZh7Y/SZWf3bvlLnTT/rg1JNE5//zd
6yVAom7vyKb7+sVZxGfbNU5xW0Lqvj9B6RYCt4d7neooIRxtqIYFpsEN4Wxv5OxO
XFnOwiAOEVzkzAndIuaa5wKqkHYMTg0a3v0u6wM8uA3oRGXXatA6ttAD4ki7J7vc
ogD/YAp4C3Dtnnh3lHEDTxg7Ky5wpgcaZGx0v+IiVhY9GyMo5PUor/lRbjvFyTo+
IM0koha5gkcEDWsMtvcb/B1zQ/HgdHkgWf0U9xECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSfx92nfrYbXITEYOybj4LAoyy9RTAfBgNVHSMEGDAWgBTTYAy6/Sb+5QZP
yJ8wHfyOPB08pTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAyQU11djBtX3VVR1Q4aWZNQjM4amp3ZFBLVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvYjcwNjU4LWUxZGMtNDk0NC1hMDZiLTFjNjgwYWRmN2EyNi8x
L244ZmRwMzYyRzF5RXhHRHNtNC1Dd0tNc3ZVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
YjcwNjU4LWUxZGMtNDk0NC1hMDZiLTFjNjgwYWRmN2EyNi8xLzAyQU11djBtX3VV
R1Q4aWZNQjM4amp3ZFBLVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFvcsAMEAV6ahgMEArlTSAMEALl1
IzANBgkqhkiG9w0BAQsFAAOCAQEAin9Y55ggI8MTb3v19g/KoGFDN3SJFh2BWJLx
/jBStJDS9UNTUsTdw2utX6QnWChGrOnFq2hI0YtB40nS5JxoEY0C8ETRMVCMsSXe
aZV0vBd8LbqxYz4r46wc1EOqk4D6IPCA+A5gfwbic0YxYDWn0kFIsL9B1j4/3O3T
uRuls51vQ4uIzoW2oyqVQP5EcoUkZ86UD0wnzaN2g55YW+tliAA9pkw4FhHOgZ+Y
1gRFlXYGQIHXweBAlS/coyAlTVCSB+VnSLCdgP3P/0lZ0wl0Ber+bkKakDO+uTR1
gQBSwOom7om7SydlgX91YeDcryjNgZE1j+OPxq+lpEwE1whMkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:16 2024 by rpki-client on console-ams.rpki-client.org