Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8j_sZRGjgkSbQXYQ7KaGgFXb7jI.roa
File: 8j_sZRGjgkSbQXYQ7KaGgFXb7jI.roa (raw, json)
Hash identifier: ht7Ol0k9ecE3v59Oms7OcRckDeeYCyba15GWs/YkVzU=
Subject key identifier: F2:3F:EC:65:11:A3:82:44:9B:41:76:10:EC:A6:86:80:55:DB:EE:32
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 01AB70EF
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8j_sZRGjgkSbQXYQ7KaGgFXb7jI.roa
Signing time: Thu 20 Jan 2022 14:31:15 +0000
ROA not before: Thu 20 Jan 2022 14:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57172
IP address blocks: 213.152.160.0/19 maxlen: 19
109.202.96.0/21 maxlen: 21
109.232.224.0/21 maxlen: 21
188.95.48.0/21 maxlen: 21
37.123.208.0/23 maxlen: 23
188.95.54.0/24 maxlen: 24
188.95.55.0/24 maxlen: 24
2a00:1678::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28012783 (0x1ab70ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Jan 20 14:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f23fec6511a382449b417610eca6868055dbee32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3a:3c:15:82:27:d6:1c:1f:0f:04:de:7e:04:
1f:c9:84:ec:45:b6:2a:9b:28:55:e1:95:77:18:f4:
b8:12:d3:d9:c4:6e:8f:eb:d7:33:d9:e4:3a:ed:64:
3e:0c:85:fb:7b:a1:c5:ba:c7:95:02:0e:4c:58:31:
7b:cd:fc:99:af:df:e2:15:af:29:65:6d:d7:e3:6f:
60:f6:8f:e7:cc:d0:ac:da:5a:d4:8a:e2:18:8f:e7:
c3:8f:0b:94:9a:17:28:fc:d7:58:64:5b:dc:23:06:
65:15:b4:2e:5d:9b:c3:75:7d:69:b5:3f:8b:6d:38:
18:90:77:2c:75:35:42:80:44:80:51:14:f2:23:2f:
67:21:06:51:c0:ba:4c:46:16:62:a8:07:fc:8a:3e:
a6:3c:a6:5c:47:77:d6:db:7b:39:c1:91:58:3a:75:
84:55:77:a6:41:89:76:d1:d7:7f:3f:c1:11:66:e5:
8d:d0:e8:28:79:bf:06:2a:c9:4c:56:31:79:b1:91:
18:1d:4f:a6:56:63:36:97:16:e0:33:6d:ae:d6:10:
80:6d:5a:df:20:4f:74:0e:d1:ec:fa:56:df:e3:6a:
a4:b0:e9:c6:df:74:40:42:a2:43:89:9a:ab:d0:5d:
54:21:e8:fe:24:52:11:be:8a:42:4c:27:c2:ce:cc:
49:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3F:EC:65:11:A3:82:44:9B:41:76:10:EC:A6:86:80:55:DB:EE:32
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/8j_sZRGjgkSbQXYQ7KaGgFXb7jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.208.0/23
109.202.96.0/21
109.232.224.0/21
188.95.48.0/21
213.152.160.0/19
IPv6:
2a00:1678::/32
Signature Algorithm: sha256WithRSAEncryption
8d:69:64:d1:c1:3d:07:9f:1d:8c:46:12:db:9c:dc:4e:0b:23:
ec:23:5c:3b:67:e0:f9:fe:3b:f8:55:6d:5a:93:9d:73:82:e7:
10:80:9d:e8:60:e1:f0:5f:b3:45:5c:b9:3e:b8:0e:50:6e:5e:
67:89:62:76:3d:17:b1:03:b2:9c:74:b1:23:4e:de:d9:53:02:
79:b8:a5:14:25:b5:53:16:1f:a2:db:a3:b8:92:57:25:d8:e9:
af:02:9f:30:25:79:ea:9f:00:d9:8e:03:ea:de:77:92:83:43:
fc:39:ca:1a:c3:e7:69:37:78:cf:39:72:be:78:e0:3c:42:de:
44:5e:88:12:d4:93:96:44:90:25:13:68:07:df:30:c0:03:95:
9f:60:14:ba:14:6c:15:d3:d3:f9:04:3b:a5:32:45:cf:f0:4d:
48:18:aa:1a:35:8d:de:3b:ef:a1:48:75:76:d2:46:9d:ce:d4:
f4:da:e1:ab:8a:c9:ea:5b:66:4c:7f:b1:85:cf:f6:9e:70:a8:
15:95:11:f3:b8:30:e8:67:7d:90:cb:39:37:58:c4:7d:61:ff:
10:62:2f:53:90:09:e9:d4:af:c3:6d:4d:bd:69:7f:e6:59:da:
73:93:5c:32:34:d3:92:a8:58:de:5a:25:d7:50:e8:e0:63:b9:
5e:9f:b0:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAatw7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTI2YjAzYzcxNzE4NGMzNjgwODE3ZTU1ZTI0NTVmODVkNzNhNDEzMB4XDTIyMDEy
MDE0MzExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIzZmVjNjUxMWEz
ODI0NDliNDE3NjEwZWNhNjg2ODA1NWRiZWUzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANA6PBWCJ9YcHw8E3n4EH8mE7EW2KpsoVeGVdxj0uBLT2cRu
j+vXM9nkOu1kPgyF+3uhxbrHlQIOTFgxe838ma/f4hWvKWVt1+NvYPaP58zQrNpa
1IriGI/nw48LlJoXKPzXWGRb3CMGZRW0Ll2bw3V9abU/i204GJB3LHU1QoBEgFEU
8iMvZyEGUcC6TEYWYqgH/Io+pjymXEd31tt7OcGRWDp1hFV3pkGJdtHXfz/BEWbl
jdDoKHm/BirJTFYxebGRGB1PplZjNpcW4DNtrtYQgG1a3yBPdA7R7PpW3+NqpLDp
xt90QEKiQ4maq9BdVCHo/iRSEb6KQkwnws7MST8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTyP+xlEaOCRJtBdhDspoaAVdvuMjAfBgNVHSMEGDAWgBQFJrA8cXGEw2gI
F+VeJFX4XXOkEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JTYXdQSEZ4aE1Ob0NCZmxYaVJWLUYxenBCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvYTMzODNhLTA0ZWItNDNmOC1hOTUzLTNiZjA0YTJhOTNkOC8x
LzhqX3NaUkdqZ2tTYlFYWVE3S2FHZ0ZYYjdqSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
YTMzODNhLTA0ZWItNDNmOC1hOTUzLTNiZjA0YTJhOTNkOC8xL0JTYXdQSEZ4aE1O
b0NCZmxYaVJWLUYxenBCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEASV70AMEA23KYAMEA23o4AMEA7xf
MAMEBdWYoDANBAIAAjAHAwUAKgAWeDANBgkqhkiG9w0BAQsFAAOCAQEAjWlk0cE9
B58djEYS25zcTgsj7CNcO2fg+f47+FVtWpOdc4LnEICd6GDh8F+zRVy5PrgOUG5e
Z4lidj0XsQOynHSxI07e2VMCebilFCW1UxYfotujuJJXJdjprwKfMCV56p8A2Y4D
6t53koND/DnKGsPnaTd4zzlyvnjgPELeRF6IEtSTlkSQJRNoB98wwAOVn2AUuhRs
FdPT+QQ7pTJFz/BNSBiqGjWN3jvvoUh1dtJGnc7U9Nrhq4rJ6ltmTH+xhc/2nnCo
FZUR87gw6Gd9kMs5N1jEfWH/EGIvU5AJ6dSvw21NvWl/5lnac5NcMjTTkqhY3lol
11Do4GO5Xp+wqg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:46 2024 by rpki-client on console-ams.rpki-client.org