Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/h3V1uu9BVdrPWF2vn9Zfa1sYipg.roa
File: h3V1uu9BVdrPWF2vn9Zfa1sYipg.roa (raw, json)
Hash identifier: 9FTi2/Cf92qZ4gWLtxsv9UU+gSL8ozMddhJDa3+pmeA=
Subject key identifier: 87:75:75:BA:EF:41:55:DA:CF:58:5D:AF:9F:D6:5F:6B:5B:18:8A:98
Certificate issuer: /CN=f394a464728b82856dc2b955ccae9ab5ba6539c8
Certificate serial: 09F86563
Authority key identifier: F3:94:A4:64:72:8B:82:85:6D:C2:B9:55:CC:AE:9A:B5:BA:65:39:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/h3V1uu9BVdrPWF2vn9Zfa1sYipg.roa
Signing time: Thu 21 Apr 2022 07:33:08 +0000
ROA not before: Thu 21 Apr 2022 07:33:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 188.244.110.0/24 maxlen: 24
188.244.111.0/24 maxlen: 24
188.244.108.0/24 maxlen: 24
188.244.109.0/24 maxlen: 24
164.138.240.0/24 maxlen: 24
164.138.243.0/24 maxlen: 24
164.138.244.0/24 maxlen: 24
164.138.245.0/24 maxlen: 24
164.138.241.0/24 maxlen: 24
164.138.242.0/24 maxlen: 24
164.138.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167273827 (0x9f86563)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f394a464728b82856dc2b955ccae9ab5ba6539c8
Validity
Not Before: Apr 21 07:33:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=877575baef4155dacf585daf9fd65f6b5b188a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fe:12:4a:c2:99:c3:ac:73:29:df:41:de:7c:
9c:8e:a4:30:66:04:c5:59:3a:c4:8e:1b:a3:a1:55:
70:c5:19:7b:e7:f0:c9:ef:10:0e:65:4e:0a:10:72:
f3:16:da:11:fc:ba:af:9e:79:b3:33:0d:2c:4a:a0:
dc:6c:0e:8d:42:78:f8:6a:77:4e:0a:75:9c:37:00:
52:9e:3b:bb:6c:72:c8:47:76:2e:4b:d8:6e:4e:b9:
c7:fb:0e:1e:94:09:f0:fe:b5:0f:7f:f2:a7:cb:3b:
1a:d4:2b:0c:9d:c6:7c:84:09:ef:d0:74:b9:7d:17:
85:0c:11:97:6f:47:db:36:16:01:ee:17:d2:20:1d:
0d:af:7d:84:ab:78:d9:4e:0b:6b:02:97:79:10:34:
70:fa:e0:62:03:63:19:34:ec:6c:c9:78:f2:9b:c7:
01:f3:b3:cc:cb:21:e1:97:31:55:a7:07:14:0d:ac:
6d:ba:79:de:23:13:68:35:dc:65:7a:6c:4c:83:62:
cc:0a:1d:0e:af:51:96:67:c7:a3:ef:58:28:4b:00:
b2:5b:a7:60:94:21:58:6b:7d:74:8f:0f:68:72:c5:
24:98:77:08:b3:d1:ec:18:b2:fb:78:72:af:ea:58:
39:44:05:86:4d:45:77:76:ca:33:70:c8:34:a9:48:
43:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:75:75:BA:EF:41:55:DA:CF:58:5D:AF:9F:D6:5F:6B:5B:18:8A:98
X509v3 Authority Key Identifier:
keyid:F3:94:A4:64:72:8B:82:85:6D:C2:B9:55:CC:AE:9A:B5:BA:65:39:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/85SkZHKLgoVtwrlVzK6atbplOcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/h3V1uu9BVdrPWF2vn9Zfa1sYipg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/7db80c-5113-4e83-b2c8-f2664d1921d3/1/85SkZHKLgoVtwrlVzK6atbplOcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.240.0-164.138.245.255
164.138.247.0/24
188.244.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:19:cb:d8:02:bf:2f:ee:82:28:cc:c6:e1:a7:59:3a:2c:18:
3f:c8:e4:af:8d:56:e4:4e:bb:9a:d4:63:83:3d:8d:88:60:32:
5c:11:0e:a7:85:d3:d1:8e:6d:11:1a:3d:ca:9c:21:ee:4f:d4:
2c:56:75:57:78:17:b2:85:8e:65:98:de:8f:be:6c:fc:7a:06:
44:b4:ae:15:a0:85:95:f0:3b:27:11:04:fc:70:0b:b3:f2:2c:
88:b0:a4:38:a6:67:ea:7a:9d:fd:1a:c0:a8:d3:73:4b:6a:37:
11:26:a8:45:06:f8:59:0d:62:2f:b2:be:68:66:43:32:c8:cc:
68:e2:b4:19:28:b5:33:86:df:b9:a9:6c:a0:e0:2b:ea:6f:7d:
28:11:23:35:f8:45:53:4a:4b:63:78:bf:a6:99:6e:e1:a9:66:
ee:9e:9d:ee:08:0f:32:a2:3f:69:87:94:f6:ae:72:41:82:f6:
f8:aa:c5:1f:a3:1f:08:7c:47:61:28:e3:79:22:a8:0e:80:c2:
61:aa:c3:6a:b6:ac:02:b4:e3:e0:80:af:53:a3:08:e6:89:d9:
8d:a6:87:60:82:fd:6c:68:36:cd:b7:5e:8b:15:6d:6f:a1:54:
47:6c:6b:2a:5b:10:73:f1:da:95:22:32:06:49:60:c9:00:c1:
92:ce:f8:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECfhlYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Mzk0YTQ2NDcyOGI4Mjg1NmRjMmI5NTVjY2FlOWFiNWJhNjUzOWM4MB4XDTIyMDQy
MTA3MzMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODc3NTc1YmFlZjQx
NTVkYWNmNTg1ZGFmOWZkNjVmNmI1YjE4OGE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJr+EkrCmcOscynfQd58nI6kMGYExVk6xI4bo6FVcMUZe+fw
ye8QDmVOChBy8xbaEfy6r555szMNLEqg3GwOjUJ4+Gp3Tgp1nDcAUp47u2xyyEd2
LkvYbk65x/sOHpQJ8P61D3/yp8s7GtQrDJ3GfIQJ79B0uX0XhQwRl29H2zYWAe4X
0iAdDa99hKt42U4LawKXeRA0cPrgYgNjGTTsbMl48pvHAfOzzMsh4ZcxVacHFA2s
bbp53iMTaDXcZXpsTINizAodDq9RlmfHo+9YKEsAslunYJQhWGt9dI8PaHLFJJh3
CLPR7Biy+3hyr+pYOUQFhk1Fd3bKM3DINKlIQ90CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSHdXW670FV2s9YXa+f1l9rWxiKmDAfBgNVHSMEGDAWgBTzlKRkcouChW3C
uVXMrpq1umU5yDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg1U2taSEtMZ29WdHdybFZ6SzZhdGJwbE9jZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvN2RiODBjLTUxMTMtNGU4My1iMmM4LWYyNjY0ZDE5MjFkMy8x
L2gzVjF1dTlCVmRyUFdGMnZuOVpmYTFzWWlwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
N2RiODBjLTUxMTMtNGU4My1iMmM4LWYyNjY0ZDE5MjFkMy8xLzg1U2taSEtMZ29W
dHdybFZ6SzZhdGJwbE9jZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQEpIrwAwQBpIr0AwQApIr3AwQC
vPRsMA0GCSqGSIb3DQEBCwUAA4IBAQAqGcvYAr8v7oIozMbhp1k6LBg/yOSvjVbk
Trua1GODPY2IYDJcEQ6nhdPRjm0RGj3KnCHuT9QsVnVXeBeyhY5lmN6Pvmz8egZE
tK4VoIWV8DsnEQT8cAuz8iyIsKQ4pmfqep39GsCo03NLajcRJqhFBvhZDWIvsr5o
ZkMyyMxo4rQZKLUzht+5qWyg4Cvqb30oESM1+EVTSktjeL+mmW7hqWbunp3uCA8y
oj9ph5T2rnJBgvb4qsUfox8IfEdhKON5IqgOgMJhqsNqtqwCtOPggK9TowjmidmN
podggv1saDbNt16LFW1voVRHbGsqWxBz8dqVIjIGSWDJAMGSzvhN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:18 2023 by rpki-client on console-ams.rpki-client.org