Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/8ylrUhfhZ2UzxX2ltfgD29D5GWU.roa
File: 8ylrUhfhZ2UzxX2ltfgD29D5GWU.roa (raw, json)
Hash identifier: a2hVDbdNjZ+93Fl9IfIHykmdshvtynatiXtnNQkug8Y=
Subject key identifier: F3:29:6B:52:17:E1:67:65:33:C5:7D:A5:B5:F8:03:DB:D0:F9:19:65
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 0184EBC18B696DA0696CEED3A00F958B1743
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/8ylrUhfhZ2UzxX2ltfgD29D5GWU.roa
Signing time: Wed 07 Dec 2022 08:44:00 +0000
ROA not before: Wed 07 Dec 2022 08:44:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8784
IP address blocks: 194.117.211.0/24 maxlen: 24
194.117.208.0/24 maxlen: 24
194.117.208.0/20 maxlen: 20
194.117.219.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.198.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.193.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.153.214.0/24 maxlen: 24
83.169.120.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.119.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.64.0/18 maxlen: 18
83.169.73.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.100.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.118.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
213.139.96.0/19 maxlen: 19
213.139.112.0/24 maxlen: 24
213.139.111.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
83.169.64.0/23 maxlen: 23
2a02:d50::/32 maxlen: 32
2001:4b90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:c1:8b:69:6d:a0:69:6c:ee:d3:a0:0f:95:8b:17:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Dec 7 08:44:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3296b5217e1676533c57da5b5f803dbd0f91965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:04:04:6b:fe:05:9d:17:2f:4f:7c:7a:af:07:
12:84:26:7c:2e:56:23:d1:9f:bb:46:75:a6:bf:ed:
fb:52:5e:e2:35:12:55:ab:d7:d9:6a:65:03:97:28:
e6:28:99:a3:4a:d2:72:1d:f5:07:af:48:85:bb:c9:
cc:2a:19:e0:67:40:96:1e:67:a8:f1:a1:b0:28:2c:
a8:9d:65:f8:f2:cf:67:22:01:48:82:be:7f:08:07:
3d:bb:8d:81:cb:80:0f:ed:c0:ac:09:3e:30:44:ad:
ec:d9:e5:52:d6:9f:09:fc:57:82:b7:f7:c0:65:d6:
5a:ef:cb:c5:a7:63:41:19:cf:04:fb:cd:fa:b3:74:
49:0c:a4:e0:fa:dd:bb:49:2f:3b:a0:29:fa:66:82:
78:01:82:9f:b7:70:b0:66:e8:07:3f:d3:e3:34:a6:
2a:8d:a6:09:1a:86:5c:b2:d9:02:ef:e1:c6:f3:d8:
ae:57:fd:94:8d:04:a8:91:68:3e:c9:c6:02:98:41:
99:69:70:72:ce:7c:f7:ce:6b:fa:05:5c:63:fa:f6:
c5:6a:8b:0d:3c:8f:18:c8:72:d8:5a:52:3c:53:d8:
61:50:d9:41:ad:4f:f1:f4:37:39:4e:0e:2f:01:5e:
84:46:77:d5:dc:f4:9c:03:d0:db:1b:74:5d:34:a5:
f6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:29:6B:52:17:E1:67:65:33:C5:7D:A5:B5:F8:03:DB:D0:F9:19:65
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/8ylrUhfhZ2UzxX2ltfgD29D5GWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
94:53:60:c8:a7:20:8a:b0:3e:e9:a6:fb:32:9c:eb:6e:9e:ce:
79:7e:61:de:73:15:c7:a5:84:fe:b4:3a:31:09:d8:09:81:d2:
2d:6a:b7:6b:06:a6:0c:a5:ef:61:7c:af:ee:93:86:8c:38:c7:
c5:19:07:5e:b9:ba:b7:b3:c1:84:38:77:2c:9c:04:22:90:00:
21:9f:9d:7a:98:b4:07:04:bc:96:90:8d:5b:d4:9c:40:51:d2:
8d:1a:f8:6b:9a:fc:93:db:7f:34:27:22:13:6f:87:a6:04:2e:
ef:ab:9b:44:a7:15:6b:0e:3a:2b:37:75:db:18:a4:13:dc:66:
93:70:e6:cc:3f:16:e1:7f:f0:86:57:71:9d:07:b2:92:ec:f3:
15:34:7c:79:e8:a1:4f:1f:05:4e:91:35:48:c4:9b:f4:78:32:
2b:30:12:d1:ce:fb:2e:6f:71:84:14:2a:24:72:4e:22:4e:1b:
88:ad:8c:55:ae:79:0e:a3:40:e2:4d:40:97:9f:39:a1:3d:92:
d1:2a:d7:04:ab:71:f5:9f:11:a3:66:41:53:d3:15:4f:4b:81:
43:a8:21:13:5b:90:24:0d:74:58:de:7f:ac:93:6b:c9:48:2d:
6f:7b:87:9c:5b:aa:63:f3:5e:50:3e:4e:11:20:d7:e0:45:c3:
4e:08:23:a7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYTrwYtpbaBpbO7ToA+VixdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjIxMjA3MDg0NDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzI5NmI1MjE3ZTE2NzY1MzNjNTdkYTViNWY4MDNkYmQwZjkxOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAQEa/4FnRcvT3x6rwcShCZ8LlYj
0Z+7RnWmv+37Ul7iNRJVq9fZamUDlyjmKJmjStJyHfUHr0iFu8nMKhngZ0CWHmeo
8aGwKCyonWX48s9nIgFIgr5/CAc9u42By4AP7cCsCT4wRK3s2eVS1p8J/FeCt/fA
ZdZa78vFp2NBGc8E+836s3RJDKTg+t27SS87oCn6ZoJ4AYKft3CwZugHP9PjNKYq
jaYJGoZcstkC7+HG89iuV/2UjQSokWg+ycYCmEGZaXByznz3zmv6BVxj+vbFaosN
PI8YyHLYWlI8U9hhUNlBrU/x9Dc5Tg4vAV6ERnfV3PScA9DbG3RdNKX2WwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPMpa1IX4WdlM8V9pbX4A9vQ+RllMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvOHlsclVoZmhaMlV6eFgybHRmZ0QyOUQ1R1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAlFNgyKcgirA+6ab7Mpzrbp7OeX5h
3nMVx6WE/rQ6MQnYCYHSLWq3awamDKXvYXyv7pOGjDjHxRkHXrm6t7PBhDh3LJwE
IpAAIZ+depi0BwS8lpCNW9ScQFHSjRr4a5r8k9t/NCciE2+HpgQu76ubRKcVaw46
Kzd12xikE9xmk3DmzD8W4X/whldxnQeykuzzFTR8eeihTx8FTpE1SMSb9HgyKzAS
0c77Lm9xhBQqJHJOIk4biK2MVa55DqNA4k1Al585oT2S0SrXBKtx9Z8Ro2ZBU9MV
T0uBQ6ghE1uQJA10WN5/rJNryUgtb3uHnFuqY/NeUD5OESDX4EXDTggjpw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:31 2024 by rpki-client on console-ams.rpki-client.org