Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/8O5MA_ng_xA-3aQhh1H-CySO_yA.roa
File: 8O5MA_ng_xA-3aQhh1H-CySO_yA.roa (raw, json)
Hash identifier: IqdmtTzwUJuVJlubjiLUknE5y++moUI6jjtZTCH/lgk=
Subject key identifier: F0:EE:4C:03:F9:E0:FF:10:3E:DD:A4:21:87:51:FE:0B:24:8E:FF:20
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 04819ACD
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/8O5MA_ng_xA-3aQhh1H-CySO_yA.roa
Signing time: Sun 27 Mar 2022 18:54:43 +0000
ROA not before: Sun 27 Mar 2022 18:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50495
IP address blocks: 176.119.202.0/24 maxlen: 24
91.223.99.0/24 maxlen: 24
91.223.102.0/24 maxlen: 24
195.234.99.0/24 maxlen: 24
91.223.126.0/24 maxlen: 24
194.39.32.0/22 maxlen: 22
83.136.221.0/24 maxlen: 24
91.223.163.0/24 maxlen: 24
91.239.64.0/24 maxlen: 24
77.83.232.0/22 maxlen: 22
2a06:ef40::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75602637 (0x4819acd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Mar 27 18:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0ee4c03f9e0ff103edda4218751fe0b248eff20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:91:18:5c:32:c9:9f:e9:11:4c:db:6d:40:0c:
d8:09:cf:a4:4c:b9:2e:85:e1:c1:12:6b:61:3e:91:
78:91:da:a2:a8:1c:af:39:b2:c5:17:c0:42:28:a8:
37:63:1a:d9:b0:3f:57:8a:49:fb:a7:db:41:09:9f:
92:bb:46:e7:65:e6:3d:e4:73:e3:83:4e:fa:d5:6a:
b0:4c:07:a1:2b:3e:a3:16:be:59:e1:fd:b8:69:74:
68:36:e8:f1:74:13:85:73:47:27:c1:2c:94:cb:e8:
5e:6e:d0:1d:6b:d1:8c:65:b4:7e:da:cc:09:85:d6:
74:69:0f:73:cb:de:cf:27:f2:af:ba:35:9e:78:bd:
24:2a:fb:ca:42:2b:8f:04:6f:53:85:24:d5:de:df:
8f:44:1e:b9:dc:fb:26:5a:38:8d:5e:13:74:30:e4:
48:82:b4:39:c8:10:c0:27:02:9b:46:47:b3:a9:17:
52:ed:62:de:70:2b:57:d4:ef:32:12:b9:e9:91:ec:
54:85:c8:28:f5:51:28:9a:ca:9b:74:fa:04:cc:f6:
7a:5e:d2:bb:bf:df:b3:c9:fb:e5:f9:0b:cd:7b:82:
21:4b:10:f9:e6:3c:96:c0:b8:cd:fa:c7:0c:de:5c:
66:cd:86:30:7a:f7:2a:77:72:53:86:1a:21:84:f7:
74:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EE:4C:03:F9:E0:FF:10:3E:DD:A4:21:87:51:FE:0B:24:8E:FF:20
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/8O5MA_ng_xA-3aQhh1H-CySO_yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.232.0/22
83.136.221.0/24
91.223.99.0/24
91.223.102.0/24
91.223.126.0/24
91.223.163.0/24
91.239.64.0/24
176.119.202.0/24
194.39.32.0/22
195.234.99.0/24
IPv6:
2a06:ef40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:5f:be:1f:f6:f4:d2:be:27:3b:8c:58:ff:53:c9:ab:9f:a5:
e5:5b:37:bd:d0:db:5b:c0:0c:10:d3:bb:ee:4b:16:98:92:fd:
b1:5e:c2:a6:ad:48:a7:83:2a:62:52:b7:d3:01:b3:b1:1b:24:
71:91:6d:5e:6c:f9:c4:a5:de:c2:f5:00:b0:31:34:fd:3c:26:
00:9d:61:4d:1f:e6:6a:87:db:4b:b1:7e:7a:53:a9:fd:6a:8c:
f4:5e:8e:1a:a8:03:c6:c1:8c:90:bc:a0:7a:62:81:50:b5:a7:
ce:e2:87:8f:1c:e8:ba:8d:af:ce:ed:ff:6c:2c:9d:38:61:88:
71:97:08:10:10:fe:12:29:46:fe:9d:16:79:f0:8c:fc:f4:ba:
ee:70:c6:57:6a:f7:72:e6:04:ea:0c:71:8c:b6:4e:19:2f:4d:
c6:c1:70:79:b9:36:42:8e:ae:d6:89:13:18:2f:dd:7c:e1:78:
fa:94:5b:b2:20:4e:01:0e:f3:a7:95:8b:f2:d0:7e:b5:23:ed:
18:3d:12:b7:c4:d0:1a:2b:f0:d3:b1:9f:d7:9a:89:91:35:44:
9b:24:60:bc:94:87:c3:1d:e5:1c:31:fb:5d:79:03:5d:b8:b4:
db:b9:88:f9:89:b4:63:8c:8d:c1:f4:df:b8:b4:a2:f5:45:16:
01:7b:89:5d
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEBIGazTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmQwYzQ5YTBlOTdlMGQ1ZjNjZWQzYjdiNmI5ZjcyY2EwY2I1M2Q2MB4XDTIyMDMy
NzE4NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBlZTRjMDNmOWUw
ZmYxMDNlZGRhNDIxODc1MWZlMGIyNDhlZmYyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6RGFwyyZ/pEUzbbUAM2AnPpEy5LoXhwRJrYT6ReJHaoqgc
rzmyxRfAQiioN2Ma2bA/V4pJ+6fbQQmfkrtG52XmPeRz44NO+tVqsEwHoSs+oxa+
WeH9uGl0aDbo8XQThXNHJ8EslMvoXm7QHWvRjGW0ftrMCYXWdGkPc8vezyfyr7o1
nni9JCr7ykIrjwRvU4Uk1d7fj0Qeudz7Jlo4jV4TdDDkSIK0OcgQwCcCm0ZHs6kX
Uu1i3nArV9TvMhK56ZHsVIXIKPVRKJrKm3T6BMz2el7Su7/fs8n75fkLzXuCIUsQ
+eY8lsC4zfrHDN5cZs2GMHr3KndyU4YaIYT3dPkCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBTw7kwD+eD/ED7dpCGHUf4LJI7/IDAfBgNVHSMEGDAWgBTi0MSaDpfg1fPO
07e2ufcsoMtT1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8x
LzhPNU1BX25nX3hBLTNhUWhoMUgtQ3lTT195QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
OWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQxZi8xLzR0REVtZzZYNE5Y
enp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAk1T6AMEAFOI3QMEAFvfYwMEAFvf
ZgMEAFvffgMEAFvfowMEAFvvQAMEALB3ygMEAsInIAMEAMPqYzANBAIAAjAHAwUA
KgbvQDANBgkqhkiG9w0BAQsFAAOCAQEAPl++H/b00r4nO4xY/1PJq5+l5Vs3vdDb
W8AMENO77ksWmJL9sV7Cpq1Ip4MqYlK30wGzsRskcZFtXmz5xKXewvUAsDE0/Twm
AJ1hTR/maofbS7F+elOp/WqM9F6OGqgDxsGMkLygemKBULWnzuKHjxzouo2vzu3/
bCydOGGIcZcIEBD+EilG/p0WefCM/PS67nDGV2r3cuYE6gxxjLZOGS9NxsFwebk2
Qo6u1okTGC/dfOF4+pRbsiBOAQ7zp5WL8tB+tSPtGD0St8TQGivw07Gf15qJkTVE
myRgvJSHwx3lHDH7XXkDXbi027mI+Ym0Y4yNwfTfuLSi9UUWAXuJXQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:48 2024 by rpki-client on console-fra.rpki-client.org