Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/h8CQ_2KerCT9Ck8ey7C8echN8tI.roa
File: h8CQ_2KerCT9Ck8ey7C8echN8tI.roa (raw, json)
Hash identifier: B1nw+YZpC8f6zrY49/0uDb6cpv6+qPe+nlExsBKLfOA=
Subject key identifier: 87:C0:90:FF:62:9E:AC:24:FD:0A:4F:1E:CB:B0:BC:79:C8:4D:F2:D2
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 0114F5D1
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/h8CQ_2KerCT9Ck8ey7C8echN8tI.roa
Signing time: Mon 31 Jan 2022 09:34:15 +0000
ROA not before: Mon 31 Jan 2022 09:34:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 95.210.192.0/20 maxlen: 20
5.61.192.0/21 maxlen: 21
95.210.0.0/22 maxlen: 22
95.210.0.0/16 maxlen: 16
88.202.121.0/24 maxlen: 24
95.210.142.0/24 maxlen: 24
5.175.64.0/20 maxlen: 20
176.227.128.0/20 maxlen: 20
84.254.129.0/24 maxlen: 24
84.254.128.0/18 maxlen: 18
95.210.94.0/24 maxlen: 24
95.210.105.0/24 maxlen: 24
88.202.0.0/17 maxlen: 17
95.210.110.0/24 maxlen: 24
213.209.160.0/19 maxlen: 19
95.210.36.0/24 maxlen: 24
95.210.34.0/24 maxlen: 24
95.210.68.0/24 maxlen: 24
2a00:ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18150865 (0x114f5d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 31 09:34:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87c090ff629eac24fd0a4f1ecbb0bc79c84df2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:9a:b1:d7:e7:3a:71:e2:03:51:c1:d6:70:
51:d8:26:41:eb:5e:6e:7c:8a:9e:bc:59:f1:20:18:
43:91:60:e4:78:8e:15:c6:93:43:77:2c:35:d8:97:
74:82:72:30:cc:7e:65:bb:0a:3b:a1:a9:0c:c2:e6:
98:1b:bf:f3:cd:77:9f:f2:2d:b0:28:e7:ec:d9:2a:
71:49:0d:f8:14:4b:6d:ed:55:7d:05:37:93:f8:75:
92:fe:c3:34:e7:50:3b:fd:b4:63:18:14:d0:0c:dd:
3c:92:a4:c2:a2:aa:46:a4:b9:a7:d0:55:41:8a:f7:
f4:a2:15:97:3d:1a:b4:80:82:1b:6f:b9:d3:a2:cb:
74:4b:20:6c:be:8e:16:42:85:45:a3:ba:d2:de:29:
b3:01:63:19:82:9f:6f:f2:93:f8:ac:67:02:ff:dd:
a9:1f:cc:98:4d:aa:17:8f:9c:ee:f7:65:4b:95:dd:
60:d1:f5:b8:f4:b1:4e:b9:54:d4:04:49:c5:07:27:
0f:6e:41:77:c5:fa:8d:0c:c7:10:88:22:1e:94:8f:
93:0c:f1:0b:35:29:c8:75:72:e5:1e:86:5c:50:44:
08:a0:3b:c8:b1:1f:cf:2b:dd:b9:8e:85:e6:1c:db:
af:db:c4:76:66:f5:6c:57:d6:37:08:c5:91:e7:55:
08:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C0:90:FF:62:9E:AC:24:FD:0A:4F:1E:CB:B0:BC:79:C8:4D:F2:D2
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/h8CQ_2KerCT9Ck8ey7C8echN8tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.192.0/21
5.175.64.0/20
84.254.128.0/18
88.202.0.0/17
95.210.0.0/16
176.227.128.0/20
213.209.160.0/19
IPv6:
2a00:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
25:5f:af:6e:ed:35:09:8e:fa:97:08:81:80:cd:8a:de:f3:72:
64:ad:e7:d7:6e:ce:08:d7:05:63:b2:8d:6d:b3:3c:d8:29:31:
b7:a4:f0:e1:ff:9d:62:cf:72:31:fe:2d:1b:f7:3a:f9:1d:3d:
6c:da:00:c7:af:ac:45:e4:6c:da:c0:c9:57:60:52:64:b9:05:
ab:c4:c5:ea:f1:c3:52:d4:01:b4:0c:e1:d6:c0:be:b6:f6:17:
ac:85:6d:f5:ed:29:7f:cd:72:a5:83:32:a3:c7:8d:1b:cb:b7:
5c:36:72:c7:01:19:30:f6:cf:87:9d:c4:38:67:6f:f0:40:bb:
5a:17:22:af:a2:88:4f:23:18:10:51:99:b2:08:11:21:9b:40:
66:2e:0d:83:3b:44:65:39:dd:61:f4:7a:84:51:34:a8:13:02:
a2:6c:98:ff:68:e3:5f:db:06:0e:b3:31:eb:0e:6b:72:31:96:
62:8d:2f:7b:82:fe:5b:88:f8:a1:03:94:9b:3d:01:6a:c9:d6:
0f:c3:f7:14:25:66:a4:fe:49:9a:7c:24:5e:b7:1c:47:a5:c5:
00:df:96:2e:44:a5:84:05:e9:df:48:c5:ea:a8:39:81:58:6a:
8e:fd:b7:3f:82:69:e9:45:f4:b1:74:2f:23:30:10:89:1c:b9:
49:59:76:95
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEART10TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzU1NzAyNDY3NzcwZWQ2OWIzNjdiNzdiYmU2NDBiYzZkYjQxNTNlMB4XDTIyMDEz
MTA5MzQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdjMDkwZmY2Mjll
YWMyNGZkMGE0ZjFlY2JiMGJjNzljODRkZjJkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJknmrHX5zpx4gNRwdZwUdgmQetebnyKnrxZ8SAYQ5Fg5HiO
FcaTQ3csNdiXdIJyMMx+ZbsKO6GpDMLmmBu/8813n/ItsCjn7NkqcUkN+BRLbe1V
fQU3k/h1kv7DNOdQO/20YxgU0AzdPJKkwqKqRqS5p9BVQYr39KIVlz0atICCG2+5
06LLdEsgbL6OFkKFRaO60t4pswFjGYKfb/KT+KxnAv/dqR/MmE2qF4+c7vdlS5Xd
YNH1uPSxTrlU1ARJxQcnD25Bd8X6jQzHEIgiHpSPkwzxCzUpyHVy5R6GXFBECKA7
yLEfzyvduY6F5hzbr9vEdmb1bFfWNwjFkedVCDMCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSHwJD/Yp6sJP0KTx7LsLx5yE3y0jAfBgNVHSMEGDAWgBTHVXAkZ3cO1ps2
e3e75kC8bbQVPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gxVndKR2QzRHRhYk5udDN1LVpBdkcyMEZUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8x
L2g4Q1FfMktlckNUOUNrOGV5N0M4ZWNoTjh0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8xL3gxVndKR2QzRHRh
Yk5udDN1LVpBdkcyMEZUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEAwU9wAMEBAWvQAMEBlT+gAMEB1jK
AAMDAF/SAwQEsOOAAwQF1dGgMA0EAgACMAcDBQAqAAygMA0GCSqGSIb3DQEBCwUA
A4IBAQAlX69u7TUJjvqXCIGAzYre83JkrefXbs4I1wVjso1tszzYKTG3pPDh/51i
z3Ix/i0b9zr5HT1s2gDHr6xF5GzawMlXYFJkuQWrxMXq8cNS1AG0DOHWwL629hes
hW317Sl/zXKlgzKjx40by7dcNnLHARkw9s+HncQ4Z2/wQLtaFyKvoohPIxgQUZmy
CBEhm0BmLg2DO0RlOd1h9HqEUTSoEwKibJj/aONf2wYOszHrDmtyMZZijS97gv5b
iPihA5SbPQFqydYPw/cUJWak/kmafCRetxxHpcUA35YuRKWEBenfSMXqqDmBWGqO
/bc/gmnpRfSxdC8jMBCJHLlJWXaV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:26 2024 by rpki-client on console-ams.rpki-client.org