Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8shSsEU5m_KbLHL9XxLS6qM0tro.roa
File: 8shSsEU5m_KbLHL9XxLS6qM0tro.roa (raw, json)
Hash identifier: HJuDJKrX1qYcmkKVzHRO2Tt6QyBu9DBBLSW+k2ukYeY=
Subject key identifier: F2:C8:52:B0:45:39:9B:F2:9B:2C:72:FD:5F:12:D2:EA:A3:34:B6:BA
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0342FC22
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8shSsEU5m_KbLHL9XxLS6qM0tro.roa
Signing time: Sat 01 Jan 2022 16:04:38 +0000
ROA not before: Sat 01 Jan 2022 16:04:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.174.138.0/24 maxlen: 24
5.252.118.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
185.109.21.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
185.221.161.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54721570 (0x342fc22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 16:04:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2c852b045399bf29b2c72fd5f12d2eaa334b6ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3b:6a:55:6e:58:7a:c6:62:8a:9d:4a:9d:7b:
26:e9:9a:a5:e9:5a:37:75:f4:38:50:1c:cf:23:83:
59:6f:44:3b:20:c0:23:88:00:ec:ed:85:19:3e:c1:
e5:f7:18:60:bc:ba:f8:4b:ee:4c:53:85:0a:29:ed:
38:6c:63:21:8e:a1:a5:28:9d:22:60:44:ef:e6:dc:
95:43:fb:b2:47:b6:01:ca:77:a9:c0:d0:c5:53:ba:
fc:e0:18:cd:0e:90:77:23:23:77:a9:be:ab:ea:9c:
eb:ee:9d:b0:13:74:1e:4a:f1:a1:40:ac:05:80:98:
79:d0:ed:6e:80:65:00:e6:6f:7c:2a:38:f1:b5:48:
57:bf:a1:ed:81:92:3a:c4:b5:dd:55:75:b9:af:0d:
4c:06:6b:0f:87:27:fb:ab:1b:34:a7:13:8b:cb:bc:
b9:0e:86:14:a0:66:a0:24:a0:62:b9:98:de:d3:ac:
ae:13:b1:e1:35:7c:36:2f:c0:47:9b:88:35:95:8b:
5f:c4:ae:b8:a6:f0:45:9e:20:99:7a:c8:d4:21:38:
76:b0:6d:4c:e1:63:73:1e:48:c1:90:d4:11:9c:c2:
a6:72:b2:60:dc:89:98:f9:01:30:2e:62:59:df:f0:
4c:c7:bf:bb:a6:31:08:4e:68:3c:fb:25:76:ca:34:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C8:52:B0:45:39:9B:F2:9B:2C:72:FD:5F:12:D2:EA:A3:34:B6:BA
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/8shSsEU5m_KbLHL9XxLS6qM0tro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.8.211.0/24
45.133.246.0/23
45.142.120.0/24
185.109.21.0/24
185.174.138.0/24
185.200.190.0/24
185.221.160.0/23
194.53.53.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
13:6c:b5:4f:bd:79:6c:f8:34:58:70:fa:60:9f:fb:96:97:c8:
73:f9:0a:01:bf:0c:90:fb:c0:ed:34:aa:f2:52:27:38:1f:48:
a7:96:9e:63:aa:d5:49:f2:24:8f:ac:25:05:43:aa:d6:98:44:
3c:a4:55:39:72:50:cc:e4:14:75:af:90:1f:b0:6c:fa:8f:f3:
d8:e4:46:14:6e:cf:bc:7b:27:d8:e1:0d:06:3b:ff:ee:95:8d:
a9:a2:1e:35:c9:68:da:0d:0a:42:64:1b:9c:73:9f:a3:8f:9b:
4d:fe:43:d8:4e:fb:b6:ee:bb:a2:07:b3:42:17:5e:f8:c0:fd:
60:8d:22:4d:1a:cf:72:e1:15:e3:f5:6f:24:50:d4:91:5a:51:
23:a4:7a:d2:77:4b:8b:db:32:26:62:f1:89:bb:f6:ea:77:ae:
60:13:e5:f3:9e:47:e4:66:ff:3c:4e:c6:a2:bc:57:0f:35:94:
f3:5c:e7:91:a1:0d:7b:05:ba:a4:ee:fc:02:68:d5:d3:42:51:
c6:80:f6:ee:4b:f5:a0:d3:cf:bf:30:0e:6d:4d:17:7a:f1:47:
a7:00:a5:ee:93:fb:7a:05:c6:6b:d7:88:e2:81:df:b3:61:59:
1a:2e:ca:6a:d4:72:10:6a:9d:9d:b3:7e:5d:54:57:87:d4:96:
10:28:c4:0a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEA0L8IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJjODUyYjA0NTM5
OWJmMjliMmM3MmZkNWYxMmQyZWFhMzM0YjZiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIM7alVuWHrGYoqdSp17JumapelaN3X0OFAczyODWW9EOyDA
I4gA7O2FGT7B5fcYYLy6+EvuTFOFCintOGxjIY6hpSidImBE7+bclUP7ske2Acp3
qcDQxVO6/OAYzQ6QdyMjd6m+q+qc6+6dsBN0HkrxoUCsBYCYedDtboBlAOZvfCo4
8bVIV7+h7YGSOsS13VV1ua8NTAZrD4cn+6sbNKcTi8u8uQ6GFKBmoCSgYrmY3tOs
rhOx4TV8Ni/AR5uINZWLX8SuuKbwRZ4gmXrI1CE4drBtTOFjcx5IwZDUEZzCpnKy
YNyJmPkBMC5iWd/wTMe/u6YxCE5oPPsldso0lUECAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBTyyFKwRTmb8psscv1fEtLqozS2ujAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzhzaFNzRVU1bV9LYkxITDlYeExTNnFNMHRyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAAX8dgMEAC0I0wMEAS2F9gMEAC2O
eAMEALltFQMEALmuigMEALnIvgMEAbndoAMEAMI1NQMEAMI1NzANBgkqhkiG9w0B
AQsFAAOCAQEAE2y1T715bPg0WHD6YJ/7lpfIc/kKAb8MkPvA7TSq8lInOB9Ip5ae
Y6rVSfIkj6wlBUOq1phEPKRVOXJQzOQUda+QH7Bs+o/z2ORGFG7PvHsn2OENBjv/
7pWNqaIeNclo2g0KQmQbnHOfo4+bTf5D2E77tu67ogezQhde+MD9YI0iTRrPcuEV
4/VvJFDUkVpRI6R60ndLi9syJmLxibv26neuYBPl855H5Gb/PE7GorxXDzWU81zn
kaENewW6pO78AmjV00JRxoD27kv1oNPPvzAObU0XevFHpwCl7pP7egXGa9eI4oHf
s2FZGi7KatRyEGqdnbN+XVRXh9SWECjECg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org