Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/s8JgGkRr7Ae-zw-kh7jOzXzDmyc.roa
File: s8JgGkRr7Ae-zw-kh7jOzXzDmyc.roa (raw, json)
Hash identifier: 9W9273bSIfBEZ23+rUGO48HVx2HWLAobNpUOeujbGKw=
Subject key identifier: B3:C2:60:1A:44:6B:EC:07:BE:CF:0F:A4:87:B8:CE:CD:7C:C3:9B:27
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 08AE1209
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/s8JgGkRr7Ae-zw-kh7jOzXzDmyc.roa
Signing time: Sat 01 Jan 2022 11:04:16 +0000
ROA not before: Sat 01 Jan 2022 11:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394844
IP address blocks: 94.154.177.0/24 maxlen: 24
94.154.180.0/23 maxlen: 23
45.67.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145625609 (0x8ae1209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 11:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3c2601a446bec07becf0fa487b8cecd7cc39b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:70:0a:d5:de:85:bf:8a:42:23:8b:b9:45:80:
a4:fc:aa:52:6d:10:94:56:7d:9b:00:42:fd:99:5a:
fa:f2:8a:19:6d:90:b3:e8:e0:97:29:e1:0a:f2:17:
3b:db:9e:31:ec:9f:64:ca:55:96:57:95:4d:74:89:
e0:cc:5e:b0:6e:b1:bf:d5:c4:42:81:40:d6:fa:60:
18:0d:04:a3:44:39:d4:02:a4:f2:82:c1:4c:87:cb:
4e:a7:82:fc:15:f0:01:e9:b5:e6:b2:13:2e:83:43:
a0:80:9d:6f:36:f9:7a:f1:80:b4:1b:06:9e:e4:9e:
81:8b:fd:24:a2:29:28:f0:f2:e5:46:d8:f0:81:51:
62:c4:28:4e:a4:3e:88:d9:5e:60:b5:c5:8d:82:cf:
6f:b7:5f:b0:66:f9:42:b1:b5:e2:6b:ba:11:c2:3c:
84:14:91:25:30:f1:ec:d5:c1:e6:58:c2:6b:0f:c0:
df:3a:ed:e0:85:7f:df:38:ca:74:83:1d:05:f2:ab:
ca:3a:4a:84:1d:49:fa:b2:f9:cd:0b:4b:68:cb:8f:
7d:c9:a8:b4:34:af:b0:38:59:cd:90:1c:95:0c:84:
5c:01:1a:5c:34:bd:08:7b:fc:5a:95:e5:a5:a5:8c:
dc:26:24:c9:26:dc:1e:de:58:bd:93:87:d8:74:aa:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C2:60:1A:44:6B:EC:07:BE:CF:0F:A4:87:B8:CE:CD:7C:C3:9B:27
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/s8JgGkRr7Ae-zw-kh7jOzXzDmyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.140.0/24
94.154.177.0/24
94.154.180.0/23
Signature Algorithm: sha256WithRSAEncryption
56:95:a9:08:3c:95:83:15:1c:38:1d:66:76:43:c0:ac:26:8a:
fe:a5:ae:83:95:66:50:ea:a8:eb:d2:0c:35:e7:a0:fe:42:7a:
dd:7d:d9:42:30:2f:8f:ff:be:38:d1:ea:dd:a6:60:9a:17:18:
89:d9:4a:65:8a:f0:c5:e9:97:9a:94:b3:eb:aa:78:01:38:52:
f5:0e:0f:63:cd:68:da:59:ef:db:0f:94:96:5f:b1:5f:2e:cd:
5e:9d:30:60:7f:1f:95:61:79:63:b4:50:c9:d4:a5:25:09:b7:
05:f3:c3:5c:16:50:d8:7f:7b:a2:71:97:81:61:f6:77:c6:21:
2a:26:1d:4f:99:d9:50:2c:60:9f:ed:99:52:09:3e:b9:32:df:
c4:d8:16:f8:16:3c:8d:a0:07:a3:b0:86:19:b2:23:c6:a0:e1:
60:8b:d8:d9:cf:da:f1:54:c7:16:d3:e8:ca:f1:8e:0b:53:19:
45:b3:0e:05:93:65:42:a5:b7:0e:5f:69:33:8b:99:5a:3e:4f:
a0:f1:df:96:d4:20:e0:fb:d8:64:5d:db:f3:0a:f5:04:b1:b5:
e1:11:aa:50:01:a9:f2:fc:2b:59:4a:07:09:23:ec:90:15:09:
c0:ee:10:89:d2:b3:0b:fc:65:11:f3:1a:bd:34:8d:5a:fa:3a:
82:aa:eb:93
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECK4SCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDEw
MTExMDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNjMjYwMWE0NDZi
ZWMwN2JlY2YwZmE0ODdiOGNlY2Q3Y2MzOWIyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN9wCtXehb+KQiOLuUWApPyqUm0QlFZ9mwBC/Zla+vKKGW2Q
s+jglynhCvIXO9ueMeyfZMpVlleVTXSJ4MxesG6xv9XEQoFA1vpgGA0Eo0Q51AKk
8oLBTIfLTqeC/BXwAem15rITLoNDoICdbzb5evGAtBsGnuSegYv9JKIpKPDy5UbY
8IFRYsQoTqQ+iNleYLXFjYLPb7dfsGb5QrG14mu6EcI8hBSRJTDx7NXB5ljCaw/A
3zrt4IV/3zjKdIMdBfKryjpKhB1J+rL5zQtLaMuPfcmotDSvsDhZzZAclQyEXAEa
XDS9CHv8WpXlpaWM3CYkySbcHt5YvZOH2HSqs/sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSzwmAaRGvsB77PD6SHuM7NfMObJzAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L3M4SmdHa1JyN0FlLXp3LWtoN2pPelh6RG15Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1DjAMEAF6asQMEAV6atDANBgkq
hkiG9w0BAQsFAAOCAQEAVpWpCDyVgxUcOB1mdkPArCaK/qWug5VmUOqo69IMNeeg
/kJ63X3ZQjAvj/++ONHq3aZgmhcYidlKZYrwxemXmpSz66p4AThS9Q4PY81o2lnv
2w+Ull+xXy7NXp0wYH8flWF5Y7RQydSlJQm3BfPDXBZQ2H97onGXgWH2d8YhKiYd
T5nZUCxgn+2ZUgk+uTLfxNgW+BY8jaAHo7CGGbIjxqDhYIvY2c/a8VTHFtPoyvGO
C1MZRbMOBZNlQqW3Dl9pM4uZWj5PoPHfltQg4PvYZF3b8wr1BLG14RGqUAGp8vwr
WUoHCSPskBUJwO4QidKzC/xlEfMavTSNWvo6gqrrkw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:58 2023 by rpki-client on console-fra.rpki-client.org