Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/8aD__8TOtMwk1hOUT1ssH7mdr7s.roa
File: 8aD__8TOtMwk1hOUT1ssH7mdr7s.roa (raw, json)
Hash identifier: V5EhnMmSsaDXBxOzJ0AgosPsuAe5RSSs2owOW29NlN0=
Subject key identifier: F1:A0:FF:FF:C4:CE:B4:CC:24:D6:13:94:4F:5B:2C:1F:B9:9D:AF:BB
Certificate issuer: /CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Certificate serial: 09B133DC
Authority key identifier: B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/8aD__8TOtMwk1hOUT1ssH7mdr7s.roa
Signing time: Sat 01 Jan 2022 04:58:46 +0000
ROA not before: Sat 01 Jan 2022 04:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8495
IP address blocks: 89.146.192.0/18 maxlen: 24
85.209.200.0/22 maxlen: 24
195.34.160.0/19 maxlen: 24
2a01:130::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162608092 (0x9b133dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Validity
Not Before: Jan 1 04:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1a0ffffc4ceb4cc24d613944f5b2c1fb99dafbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c0:f0:1c:0c:d5:d1:4c:08:bd:7a:d6:cb:50:
27:8b:af:61:6b:91:36:a1:fc:40:f8:2e:3b:46:97:
27:28:07:d8:0d:4e:37:3e:03:83:18:36:ac:6d:ff:
78:3f:b6:65:47:a9:87:17:43:f1:94:28:2f:cb:9c:
a3:26:c5:d8:6d:79:cf:0a:4d:67:61:a9:99:bc:2b:
f1:a2:37:cd:84:38:bd:7e:4c:6f:81:e2:f2:55:49:
01:76:b2:54:e0:02:81:d6:d1:cf:20:ad:a4:94:59:
0b:cf:04:5d:94:fb:19:de:ca:f1:4f:b4:10:4d:f5:
af:88:03:08:9f:03:4a:64:0d:68:b1:bd:a8:2c:bb:
d0:8a:2f:e7:2b:d8:53:22:1e:e4:0b:6d:fc:bb:70:
be:7c:f4:35:7b:de:2c:4e:88:cc:49:dc:dd:b1:1b:
3b:7c:e5:bd:0a:48:13:01:68:5b:ec:fd:76:84:dd:
40:1f:6b:13:2a:36:90:c8:f5:37:e4:f8:9c:99:0c:
cf:de:69:89:b4:e2:c1:11:bc:5e:39:d9:98:ba:5a:
4f:1e:22:1f:98:f3:1d:fa:d2:e9:15:77:65:03:42:
13:dd:59:d5:7e:78:56:61:3a:b9:d7:ec:1b:29:4a:
5b:a0:d9:d4:45:6e:60:7e:b8:0a:81:87:54:f2:15:
e1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A0:FF:FF:C4:CE:B4:CC:24:D6:13:94:4F:5B:2C:1F:B9:9D:AF:BB
X509v3 Authority Key Identifier:
keyid:B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/8aD__8TOtMwk1hOUT1ssH7mdr7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.200.0/22
89.146.192.0/18
195.34.160.0/19
IPv6:
2a01:130::/32
Signature Algorithm: sha256WithRSAEncryption
25:91:d6:0c:07:03:ef:d8:2d:9a:75:ea:d1:35:45:b0:3f:0f:
49:15:8c:4e:70:f7:87:d7:8c:4c:7a:22:75:21:c5:96:f5:e0:
0b:a6:fe:11:20:8b:b7:b2:4d:ba:3e:39:e7:28:7b:0f:ee:b8:
0f:c5:36:c7:e4:05:c3:e6:56:df:88:7e:f7:65:4c:50:04:7b:
78:5e:51:26:01:fc:f2:ab:b3:e3:79:96:64:e6:84:b2:13:91:
10:27:11:2b:3e:2f:0f:88:c1:65:2a:8a:a4:0a:f1:87:d3:c9:
0f:4c:dc:28:a1:d6:35:c1:82:59:ae:2e:4c:67:48:9e:a0:db:
ca:9f:57:53:a8:93:62:20:c4:dd:6d:95:f0:f3:0a:69:76:34:
92:94:81:9d:4b:c0:71:aa:8a:3a:e6:14:c7:78:19:6c:08:86:
8e:21:52:00:b3:4b:5d:5d:72:fb:b9:d9:b7:f5:ad:9f:0d:68:
0b:59:dc:94:64:b9:fc:cf:15:c4:6d:64:c9:78:fc:1b:1b:14:
aa:dd:32:4b:ba:4e:08:53:97:e5:71:d9:87:97:92:f5:a9:34:
88:d9:78:82:6f:e3:67:7f:b8:9b:b5:52:99:c0:8b:c7:1d:af:
8a:14:94:73:59:24:e7:24:a7:5a:ef:c4:75:71:40:4e:e0:b9:
fd:0c:3d:8e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECbEz3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTFlM2Y2YmViY2QwNTI5MWRjNTI2NWUwOGIxY2Q2YzQwMWI5Y2ZkMB4XDTIyMDEw
MTA0NTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFhMGZmZmZjNGNl
YjRjYzI0ZDYxMzk0NGY1YjJjMWZiOTlkYWZiYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3A8BwM1dFMCL161stQJ4uvYWuRNqH8QPguO0aXJygH2A1O
Nz4Dgxg2rG3/eD+2ZUephxdD8ZQoL8ucoybF2G15zwpNZ2Gpmbwr8aI3zYQ4vX5M
b4Hi8lVJAXayVOACgdbRzyCtpJRZC88EXZT7Gd7K8U+0EE31r4gDCJ8DSmQNaLG9
qCy70Iov5yvYUyIe5Att/Ltwvnz0NXveLE6IzEnc3bEbO3zlvQpIEwFoW+z9doTd
QB9rEyo2kMj1N+T4nJkMz95pibTiwRG8XjnZmLpaTx4iH5jzHfrS6RV3ZQNCE91Z
1X54VmE6udfsGylKW6DZ1EVuYH64CoGHVPIV4csCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTxoP//xM60zCTWE5RPWywfuZ2vuzAfBgNVHSMEGDAWgBS1Hj9r680FKR3F
Jl4Isc1sQBuc/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RSNF9hLXZOQlNrZHhTWmVDTEhOYkVBYm5QMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMDJmZGZkLTdhYzgtNDMyMS1iOTMwLThmYTU1MWU2YWU3NS8x
LzhhRF9fOFRPdE13azFoT1VUMXNzSDdtZHI3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MDJmZGZkLTdhYzgtNDMyMS1iOTMwLThmYTU1MWU2YWU3NS8xL3RSNF9hLXZOQlNr
ZHhTWmVDTEhOYkVBYm5QMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAlXRyAMEBlmSwAMEBcMioDANBAIA
AjAHAwUAKgEBMDANBgkqhkiG9w0BAQsFAAOCAQEAJZHWDAcD79gtmnXq0TVFsD8P
SRWMTnD3h9eMTHoidSHFlvXgC6b+ESCLt7JNuj455yh7D+64D8U2x+QFw+ZW34h+
92VMUAR7eF5RJgH88quz43mWZOaEshORECcRKz4vD4jBZSqKpArxh9PJD0zcKKHW
NcGCWa4uTGdInqDbyp9XU6iTYiDE3W2V8PMKaXY0kpSBnUvAcaqKOuYUx3gZbAiG
jiFSALNLXV1y+7nZt/Wtnw1oC1nclGS5/M8VxG1kyXj8GxsUqt0yS7pOCFOX5XHZ
h5eS9ak0iNl4gm/jZ3+4m7VSmcCLxx2vihSUc1kk5ySnWu/EdXFATuC5/Qw9jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:17 2024 by rpki-client on console-ams.rpki-client.org