Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ad7d2e-f728-4f91-a380-3529526987cf/1/D5kUQDXhE-CHcLhNEs-R2c2ss_8.roa
File: D5kUQDXhE-CHcLhNEs-R2c2ss_8.roa (raw, json)
Hash identifier: R/m/UFvhAglQaF5QJxzsqKk6oqQZd0EEGGTi1vXkC+E=
Subject key identifier: 0F:99:14:40:35:E1:13:E0:87:70:B8:4D:12:CF:91:D9:CD:AC:B3:FF
Certificate issuer: /CN=d9689b436a2a49f38d4860fd4eb701e7947bf965
Certificate serial: 01899CCD
Authority key identifier: D9:68:9B:43:6A:2A:49:F3:8D:48:60:FD:4E:B7:01:E7:94:7B:F9:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2WibQ2oqSfONSGD9TrcB55R7-WU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ad7d2e-f728-4f91-a380-3529526987cf/1/D5kUQDXhE-CHcLhNEs-R2c2ss_8.roa
Signing time: Sat 01 Jan 2022 15:59:15 +0000
ROA not before: Sat 01 Jan 2022 15:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29177
IP address blocks: 80.86.144.0/20 maxlen: 24
188.125.96.0/19 maxlen: 24
185.182.196.0/22 maxlen: 24
31.216.240.0/20 maxlen: 24
2a03:5c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25795789 (0x1899ccd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9689b436a2a49f38d4860fd4eb701e7947bf965
Validity
Not Before: Jan 1 15:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f99144035e113e08770b84d12cf91d9cdacb3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fd:fc:2d:03:92:29:3f:6e:38:ee:1a:4c:5f:
48:e7:73:0c:1a:1b:91:d6:9f:8f:7c:e5:5d:a9:64:
65:ee:11:01:7f:e4:f7:5a:a3:a8:fb:11:4d:65:0f:
12:01:5a:ca:ca:88:7f:54:e8:7d:44:f6:49:c7:36:
40:cb:9c:ea:e2:a5:2d:00:cd:22:c2:f9:a0:b6:b3:
8f:8a:f7:10:5a:78:10:63:e2:b9:65:72:42:7d:b8:
c2:92:ca:24:5d:2a:bc:d4:1e:3f:9e:63:9c:37:40:
1d:af:75:f6:ea:83:a0:72:9a:59:8e:09:f7:e6:dd:
99:b5:6c:d5:ce:22:d1:5b:70:fd:ee:e0:34:00:7f:
09:48:94:7c:33:3c:a0:d5:65:f8:97:0a:7d:9c:5f:
92:33:4d:92:89:a3:d1:4b:76:5e:c1:6f:06:16:9a:
99:25:f9:cf:de:3d:7c:bb:5b:c6:8b:a5:2e:b7:9c:
58:95:50:6b:be:05:42:ca:48:ae:65:53:29:34:5b:
ef:06:32:b0:54:74:57:a0:c2:44:25:d6:79:0b:02:
e7:1a:b1:10:48:fc:30:53:61:8c:0c:27:49:71:02:
0b:6e:29:43:f3:4c:d7:7d:a9:71:26:34:14:81:d2:
c1:0e:c0:d2:ab:ce:07:ce:78:e0:d9:c2:7e:97:30:
70:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:99:14:40:35:E1:13:E0:87:70:B8:4D:12:CF:91:D9:CD:AC:B3:FF
X509v3 Authority Key Identifier:
keyid:D9:68:9B:43:6A:2A:49:F3:8D:48:60:FD:4E:B7:01:E7:94:7B:F9:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2WibQ2oqSfONSGD9TrcB55R7-WU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ad7d2e-f728-4f91-a380-3529526987cf/1/D5kUQDXhE-CHcLhNEs-R2c2ss_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ad7d2e-f728-4f91-a380-3529526987cf/1/2WibQ2oqSfONSGD9TrcB55R7-WU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.240.0/20
80.86.144.0/20
185.182.196.0/22
188.125.96.0/19
IPv6:
2a03:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
9b:49:cc:c4:d8:70:50:42:ff:dc:85:2d:bd:59:01:e6:e6:ac:
3b:fc:81:65:eb:48:d5:3d:9e:37:be:0f:3d:dd:c2:a9:6b:aa:
07:e1:8f:8d:7c:e2:3e:94:db:13:75:93:8e:11:87:90:ff:f1:
ac:34:4b:e5:83:dd:b8:15:7d:1b:0e:7c:99:a9:67:f9:40:ce:
ab:41:0c:67:b0:8d:18:d6:f6:1e:2e:cf:ce:e4:66:be:45:bc:
a7:ab:da:da:15:e6:19:e7:4e:70:84:9a:59:68:6e:92:ca:a0:
80:a9:2e:e0:a4:79:99:cb:6b:ce:49:33:6a:85:31:3f:64:c3:
84:23:a9:b9:46:28:a3:3f:11:8c:5b:85:bb:bb:69:d2:5a:a9:
c4:59:a0:50:e9:7a:75:2b:45:b6:7c:7c:77:72:5d:26:9a:4b:
2f:04:ec:47:4f:6e:bd:cc:fc:6b:10:75:f9:04:a3:e8:ab:46:
0c:5b:6b:11:87:c5:0b:09:b5:6b:9f:52:d2:d7:44:2f:f4:9b:
2e:8d:73:04:23:78:af:80:63:08:32:c3:70:bd:a6:9e:50:aa:
e3:f7:52:93:3f:4e:f9:90:27:d1:2e:c9:6b:12:41:5d:d9:da:
80:69:de:84:bf:50:46:f2:d9:db:5e:6b:b0:2e:ae:87:0a:4d:
83:08:a3:41
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAYmczTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTY4OWI0MzZhMmE0OWYzOGQ0ODYwZmQ0ZWI3MDFlNzk0N2JmOTY1MB4XDTIyMDEw
MTE1NTkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY5OTE0NDAzNWUx
MTNlMDg3NzBiODRkMTJjZjkxZDljZGFjYjNmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM79/C0Dkik/bjjuGkxfSOdzDBobkdafj3zlXalkZe4RAX/k
91qjqPsRTWUPEgFaysqIf1TofUT2Scc2QMuc6uKlLQDNIsL5oLazj4r3EFp4EGPi
uWVyQn24wpLKJF0qvNQeP55jnDdAHa919uqDoHKaWY4J9+bdmbVs1c4i0Vtw/e7g
NAB/CUiUfDM8oNVl+JcKfZxfkjNNkomj0Ut2XsFvBhaamSX5z949fLtbxoulLrec
WJVQa74FQspIrmVTKTRb7wYysFR0V6DCRCXWeQsC5xqxEEj8MFNhjAwnSXECC24p
Q/NM132pcSY0FIHSwQ7A0qvOB8544NnCfpcwcAMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQPmRRANeET4IdwuE0Sz5HZzayz/zAfBgNVHSMEGDAWgBTZaJtDaipJ841I
YP1OtwHnlHv5ZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJXaWJRMm9xU2ZPTlNHRDlUcmNCNTVSNy1XVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvYWQ3ZDJlLWY3MjgtNGY5MS1hMzgwLTM1Mjk1MjY5ODdjZi8x
L0Q1a1VRRFhoRS1DSGNMaE5Fcy1SMmMyc3NfOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
YWQ3ZDJlLWY3MjgtNGY5MS1hMzgwLTM1Mjk1MjY5ODdjZi8xLzJXaWJRMm9xU2ZP
TlNHRDlUcmNCNTVSNy1XVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBB/Y8AMEBFBWkAMEArm2xAMEBbx9
YDANBAIAAjAHAwUAKgNcADANBgkqhkiG9w0BAQsFAAOCAQEAm0nMxNhwUEL/3IUt
vVkB5uasO/yBZetI1T2eN74PPd3CqWuqB+GPjXziPpTbE3WTjhGHkP/xrDRL5YPd
uBV9Gw58maln+UDOq0EMZ7CNGNb2Hi7PzuRmvkW8p6va2hXmGedOcISaWWhuksqg
gKku4KR5mctrzkkzaoUxP2TDhCOpuUYooz8RjFuFu7tp0lqpxFmgUOl6dStFtnx8
d3JdJppLLwTsR09uvcz8axB1+QSj6KtGDFtrEYfFCwm1a59S0tdEL/SbLo1zBCN4
r4BjCDLDcL2mnlCq4/dSkz9O+ZAn0S7JaxJBXdnagGnehL9QRvLZ215rsC6uhwpN
gwijQQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:02 2023 by rpki-client on console-fra.rpki-client.org