Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/iP8jISsXstbArfcPaH25PggxrNM.roa
File: iP8jISsXstbArfcPaH25PggxrNM.roa (raw, json)
Hash identifier: APke2SgfFBRRW6tlMhxbzgWyZvRsH1SyjvwlfYF6SV4=
Subject key identifier: 88:FF:23:21:2B:17:B2:D6:C0:AD:F7:0F:68:7D:B9:3E:08:31:AC:D3
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 018039F2
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/iP8jISsXstbArfcPaH25PggxrNM.roa
Signing time: Tue 15 Mar 2022 08:20:02 +0000
ROA not before: Tue 15 Mar 2022 08:20:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.137.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
95.210.133.0/24 maxlen: 24
84.254.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25180658 (0x18039f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Mar 15 08:20:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88ff23212b17b2d6c0adf70f687db93e0831acd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b5:06:7a:ff:5c:9e:d5:d4:ee:a2:be:bb:23:
d2:ea:27:64:fd:34:a4:fc:ef:fb:1c:04:04:32:43:
78:a3:94:3e:e3:ef:7c:0d:c1:32:74:95:6e:d5:26:
52:20:f1:28:b4:06:88:00:b5:d7:cd:f4:9c:d3:74:
3d:fe:e9:2a:d9:7d:5c:52:96:da:79:97:d4:cb:39:
10:18:6c:a6:ac:8a:f3:a6:0f:44:27:94:0d:bf:00:
4e:78:94:b0:33:cd:13:2c:e5:f9:ef:d0:af:ab:1d:
29:1c:ab:55:5e:ef:37:58:e0:3f:07:6c:e4:16:44:
72:63:0d:45:c5:ae:e4:00:17:fa:fc:d4:a0:8e:61:
68:c0:fc:25:f6:97:75:61:8f:eb:b0:b2:86:14:39:
62:a0:85:83:01:db:d1:55:f0:0e:07:63:c4:ed:ec:
05:4c:03:ec:d2:d8:5f:1a:3e:38:ac:ee:06:f8:c6:
21:42:37:2d:de:c3:57:8b:4c:14:e4:b5:86:b4:79:
8f:d6:06:f5:35:0b:f9:fd:06:09:13:72:88:3b:92:
68:84:c0:e9:2f:94:7f:c5:7c:67:93:be:c8:3d:0b:
76:29:9d:1f:6f:13:9f:d7:f1:30:a9:a6:27:1e:90:
dd:80:e1:ab:d6:13:27:3d:07:c5:90:b8:d8:c0:06:
b0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FF:23:21:2B:17:B2:D6:C0:AD:F7:0F:68:7D:B9:3E:08:31:AC:D3
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/iP8jISsXstbArfcPaH25PggxrNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0/24
84.254.137.0/24
84.254.144.0/23
95.210.111.0/24
95.210.132.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:a8:3e:f1:d4:c2:59:30:e3:fe:59:eb:1f:84:3d:eb:0e:3f:
98:e0:14:ce:f2:ac:1a:e1:03:a2:50:23:b9:c7:53:b2:91:6d:
b1:c0:b2:4a:6b:f5:07:27:5a:ad:4f:fa:f5:99:8a:87:f9:70:
ef:b9:d9:87:99:a3:0e:7a:02:54:60:a7:f4:24:25:16:70:88:
fb:43:2f:1a:39:dd:dd:31:d4:a6:2e:db:37:69:d5:22:65:98:
5d:e3:e7:48:7a:b1:f7:6a:a4:03:3f:0b:5c:5f:69:c2:cd:a5:
9c:f0:37:dc:45:89:cd:e3:31:9d:83:ee:db:d0:71:7d:3f:ce:
e2:f0:15:04:f0:74:cc:bc:c0:34:75:92:65:04:41:8c:23:6e:
c5:81:6a:b1:f7:62:d2:28:15:ff:a9:bd:d0:86:06:be:d6:e8:
ec:26:e3:cb:e0:9e:f7:a9:36:02:fd:8f:2d:08:f5:6e:a6:94:
a5:e1:a5:ba:e9:28:f1:3a:b7:fa:ee:7c:63:e4:25:ab:cb:c4:
06:7c:99:14:86:17:38:e3:c0:84:1f:b3:09:14:ee:b0:dd:de:
d6:2e:37:94:4a:5f:5c:ba:2f:f7:42:89:3c:ff:5d:43:54:5f:
1c:06:0b:ca:2e:18:94:21:77:ae:cf:c9:a3:be:6b:15:fc:fc:
78:d2:da:63
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAYA58jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzU1NzAyNDY3NzcwZWQ2OWIzNjdiNzdiYmU2NDBiYzZkYjQxNTNlMB4XDTIyMDMx
NTA4MjAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhmZjIzMjEyYjE3
YjJkNmMwYWRmNzBmNjg3ZGI5M2UwODMxYWNkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL21Bnr/XJ7V1O6ivrsj0uonZP00pPzv+xwEBDJDeKOUPuPv
fA3BMnSVbtUmUiDxKLQGiAC11830nNN0Pf7pKtl9XFKW2nmX1Ms5EBhspqyK86YP
RCeUDb8ATniUsDPNEyzl+e/Qr6sdKRyrVV7vN1jgPwds5BZEcmMNRcWu5AAX+vzU
oI5haMD8JfaXdWGP67CyhhQ5YqCFgwHb0VXwDgdjxO3sBUwD7NLYXxo+OKzuBvjG
IUI3Ld7DV4tMFOS1hrR5j9YG9TUL+f0GCRNyiDuSaITA6S+Uf8V8Z5O+yD0Ldimd
H28Tn9fxMKmmJx6Q3YDhq9YTJz0HxZC42MAGsOECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSI/yMhKxey1sCt9w9ofbk+CDGs0zAfBgNVHSMEGDAWgBTHVXAkZ3cO1ps2
e3e75kC8bbQVPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gxVndKR2QzRHRhYk5udDN1LVpBdkcyMEZUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8x
L2lQOGpJU3NYc3RiQXJmY1BhSDI1UGdneHJOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8xL3gxVndKR2QzRHRh
Yk5udDN1LVpBdkcyMEZUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFT+ggMEAFT+iQMEAVT+kAMEAF/S
bwMEAV/ShDANBgkqhkiG9w0BAQsFAAOCAQEAjKg+8dTCWTDj/lnrH4Q96w4/mOAU
zvKsGuEDolAjucdTspFtscCySmv1BydarU/69ZmKh/lw77nZh5mjDnoCVGCn9CQl
FnCI+0MvGjnd3THUpi7bN2nVImWYXePnSHqx92qkAz8LXF9pws2lnPA33EWJzeMx
nYPu29BxfT/O4vAVBPB0zLzANHWSZQRBjCNuxYFqsfdi0igV/6m90IYGvtbo7Cbj
y+Ce96k2Av2PLQj1bqaUpeGluuko8Tq3+u58Y+Qlq8vEBnyZFIYXOOPAhB+zCRTu
sN3e1i43lEpfXLov90KJPP9dQ1RfHAYLyi4YlCF3rs/Jo75rFfz8eNLaYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:19 2024 by rpki-client on console-fra.rpki-client.org