Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/8zQONP8ZDTVPF0o6T90jVszsOp0.roa
File: 8zQONP8ZDTVPF0o6T90jVszsOp0.roa (raw, json)
Hash identifier: pCKK2D2VQ8RtG0vbS4LhU3xMI4bcPpC2su6YQlfjexs=
Subject key identifier: F3:34:0E:34:FF:19:0D:35:4F:17:4A:3A:4F:DD:23:56:CC:EC:3A:9D
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01855846EF6707CD81716C7E015324EC9C0F
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/8zQONP8ZDTVPF0o6T90jVszsOp0.roa
Signing time: Wed 28 Dec 2022 10:28:41 +0000
ROA not before: Wed 28 Dec 2022 10:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50129
IP address blocks: 185.215.0.0/22 maxlen: 24
31.44.144.0/20 maxlen: 24
178.239.240.0/20 maxlen: 24
185.30.196.0/22 maxlen: 24
31.222.96.0/19 maxlen: 24
185.209.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:46:ef:67:07:cd:81:71:6c:7e:01:53:24:ec:9c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 28 10:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3340e34ff190d354f174a3a4fdd2356ccec3a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:3b:e4:d8:35:9d:f7:e3:4a:49:f7:f7:33:
4b:53:83:6b:e0:ca:9f:de:43:03:2b:f5:71:06:d2:
5a:97:f3:92:18:f0:e4:3d:d9:49:c0:52:ac:f1:d1:
80:41:43:6d:4a:48:2c:73:6f:82:2a:01:13:61:7b:
62:59:b0:5f:61:52:8d:65:5d:0c:7e:e6:6c:05:00:
d6:a3:d0:4f:1b:8d:38:db:2d:ea:29:5e:f8:0a:d3:
d0:c7:b8:15:e3:69:94:8c:45:f9:35:f7:ce:84:42:
65:fd:ff:d6:d3:79:09:6b:0c:b5:98:47:7e:11:3d:
c7:fe:64:a8:98:06:7a:54:92:59:6f:b9:99:45:4b:
b2:21:46:fc:cf:77:39:31:13:8e:96:82:8b:d6:e5:
95:41:e5:42:1f:66:f2:15:87:e1:86:79:55:9b:67:
f6:03:6c:90:fb:28:c7:18:d4:30:e6:ef:51:90:c1:
71:01:c1:42:f9:b3:86:c3:84:2e:a9:92:bc:74:89:
58:5f:72:be:04:16:d7:79:46:40:70:a7:ee:82:e3:
9c:5a:fd:a5:51:54:9e:03:c8:44:a2:97:9e:30:41:
c8:0b:ed:91:c2:21:cb:42:05:c6:41:12:1b:7c:ae:
0a:4c:c4:44:1a:b0:e1:58:76:30:20:02:a6:55:fa:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:34:0E:34:FF:19:0D:35:4F:17:4A:3A:4F:DD:23:56:CC:EC:3A:9D
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/8zQONP8ZDTVPF0o6T90jVszsOp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.144.0/20
31.222.96.0/19
178.239.240.0/20
185.30.196.0/22
185.209.8.0/22
185.215.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:01:42:b4:36:2b:dd:65:b9:3d:d2:d2:4e:e6:02:2d:06:54:
62:45:b2:95:3f:98:83:6a:3f:5e:c9:b7:1e:37:aa:0d:d2:ee:
03:d7:2d:9a:f1:d5:4d:02:e5:07:0c:7d:cf:54:24:c4:47:8c:
f4:e9:2d:22:c0:06:65:6d:44:50:52:b6:9b:97:c5:58:d2:84:
7e:c8:c6:a8:69:1c:ec:d2:5b:5c:60:a8:f7:83:48:7a:01:bd:
29:ec:dc:9c:d2:0f:e5:61:7d:86:09:87:5b:0e:53:4b:bc:be:
41:73:8a:62:98:c7:9e:50:86:47:92:fa:4d:e7:89:52:c7:a7:
ba:80:76:76:95:ea:ed:20:08:e6:6b:2e:50:98:11:86:7e:7b:
64:c0:54:b6:d2:00:58:2e:16:23:1a:86:5e:74:b2:51:de:81:
80:de:4b:fe:c4:d4:f6:32:0a:bb:c7:6a:03:ab:83:2e:44:b9:
8b:ca:9a:f6:0b:18:f4:6a:d6:57:91:3e:b9:e6:28:2f:a0:61:
a2:ea:87:2e:15:83:94:cc:5d:bb:55:36:4e:d1:5a:8a:07:fb:
fb:f4:28:e3:05:64:2c:4a:02:d7:76:1c:9f:6c:d6:96:b1:e1:
87:5b:13:de:cc:c0:29:e6:19:68:bc:46:91:24:85:26:f6:28:
b1:7f:70:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVYRu9nB82BcWx+AVMk7JwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjI4MTAyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM0MGUzNGZmMTkwZDM1NGYxNzRhM2E0ZmRkMjM1NmNjZWMzYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5k75Ng1nffjSkn39zNLU4Nr4Mqf
3kMDK/VxBtJal/OSGPDkPdlJwFKs8dGAQUNtSkgsc2+CKgETYXtiWbBfYVKNZV0M
fuZsBQDWo9BPG4042y3qKV74CtPQx7gV42mUjEX5NffOhEJl/f/W03kJawy1mEd+
ET3H/mSomAZ6VJJZb7mZRUuyIUb8z3c5MROOloKL1uWVQeVCH2byFYfhhnlVm2f2
A2yQ+yjHGNQw5u9RkMFxAcFC+bOGw4QuqZK8dIlYX3K+BBbXeUZAcKfuguOcWv2l
UVSeA8hEopeeMEHIC+2RwiHLQgXGQRIbfK4KTMREGrDhWHYwIAKmVfo+AQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPM0DjT/GQ01TxdKOk/dI1bM7DqdMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvOHpRT05QOFpEVFZQRjBvNlQ5MGpWc3pzT3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEHyyQAwQF
H95gAwQEsu/wAwQCuR7EAwQCudEIAwQCudcAMA0GCSqGSIb3DQEBCwUAA4IBAQAe
AUK0NivdZbk90tJO5gItBlRiRbKVP5iDaj9eybceN6oN0u4D1y2a8dVNAuUHDH3P
VCTER4z06S0iwAZlbURQUrabl8VY0oR+yMaoaRzs0ltcYKj3g0h6Ab0p7Nyc0g/l
YX2GCYdbDlNLvL5Bc4pimMeeUIZHkvpN54lSx6e6gHZ2lertIAjmay5QmBGGfntk
wFS20gBYLhYjGoZedLJR3oGA3kv+xNT2Mgq7x2oDq4MuRLmLypr2Cxj0atZXkT65
5igvoGGi6ocuFYOUzF27VTZO0VqKB/v79CjjBWQsSgLXdhyfbNaWseGHWxPezMAp
5hlovEaRJIUm9iixf3C9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org