Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/8MHb4032QwJYau-C0Iej3BDz9ec.roa
File: 8MHb4032QwJYau-C0Iej3BDz9ec.roa (raw, json)
Hash identifier: 5MVwO5t6aMyYQ7KMESYEiTUpN66eFlb6h1fC4kHdgy8=
Subject key identifier: F0:C1:DB:E3:4D:F6:43:02:58:6A:EF:82:D0:87:A3:DC:10:F3:F5:E7
Certificate issuer: /CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Certificate serial: 03D88512
Authority key identifier: 8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/8MHb4032QwJYau-C0Iej3BDz9ec.roa
Signing time: Sat 01 Jan 2022 08:59:01 +0000
ROA not before: Sat 01 Jan 2022 08:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12324
IP address blocks: 87.246.240.0/20 maxlen: 20
212.182.64.0/20 maxlen: 20
87.246.192.0/19 maxlen: 19
212.182.0.0/18 maxlen: 18
5.201.0.0/17 maxlen: 17
2a04:440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64521490 (0x3d88512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Validity
Not Before: Jan 1 08:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0c1dbe34df64302586aef82d087a3dc10f3f5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:79:f8:8b:bd:70:3b:05:25:7b:06:83:d0:13:
bc:1f:d3:11:b9:95:de:50:70:12:2b:3d:c6:af:df:
60:70:bf:db:68:8f:92:ad:35:55:08:c6:eb:7a:f9:
e0:99:16:a9:b2:55:99:cf:02:6e:03:0a:f7:9a:20:
91:bf:ef:6d:c7:57:f6:3d:e2:77:81:aa:b8:20:e3:
af:1d:c0:5f:a8:96:18:75:aa:cc:33:e7:4c:c7:10:
7e:e7:40:13:f3:f7:af:33:f1:3b:bb:47:15:be:8f:
9a:d1:ab:24:fd:1f:53:5f:0e:33:2f:bb:c4:ea:75:
27:88:cd:cb:1f:11:cf:55:6a:c6:0a:7e:46:d2:7b:
f4:d7:a0:1b:ce:38:db:cd:90:84:c4:ab:a3:80:07:
3e:ff:8c:f5:b0:86:56:15:b3:79:53:82:64:28:0d:
5e:74:81:3a:35:4b:09:d1:a5:2a:c1:02:03:bb:5f:
60:4b:2f:d4:23:91:02:1d:7b:ab:7d:fe:43:10:28:
cb:10:55:9b:b2:0e:ba:44:39:9f:e7:b0:6e:7d:79:
7f:6b:fd:c1:26:3f:a3:59:2f:d4:c2:97:32:3c:1a:
cf:b9:79:0e:7b:cc:f2:5d:ee:8b:98:23:5b:06:df:
c0:47:df:44:4b:89:71:64:9c:39:c2:75:b0:8b:8b:
18:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C1:DB:E3:4D:F6:43:02:58:6A:EF:82:D0:87:A3:DC:10:F3:F5:E7
X509v3 Authority Key Identifier:
keyid:8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/8MHb4032QwJYau-C0Iej3BDz9ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.0.0/17
87.246.192.0/19
87.246.240.0/20
212.182.0.0-212.182.79.255
IPv6:
2a04:440::/32
Signature Algorithm: sha256WithRSAEncryption
1c:2e:27:d2:31:68:71:30:52:10:b6:cb:04:73:49:e0:8b:50:
1a:c1:4d:75:cb:a9:69:9a:c3:79:bb:b2:59:64:c0:bd:73:e2:
10:d4:00:e7:fe:7d:0c:7f:ab:07:fe:c8:2a:a7:7a:80:a9:14:
9d:17:fa:69:18:af:a3:aa:9d:e1:95:30:50:db:0e:6b:69:14:
d2:fb:b1:01:f8:0f:7b:b8:ed:b1:e9:a0:7a:48:97:8e:d4:78:
15:34:2d:f7:7b:0e:2e:f8:65:af:11:df:89:52:5d:92:28:56:
0d:42:f3:62:da:d9:f0:91:03:5c:1f:67:16:60:ad:13:65:3a:
f3:c0:1e:1a:dd:99:a4:69:15:bd:20:5a:53:17:3d:48:fc:e6:
62:9c:c5:e5:2f:f6:05:3c:98:d2:98:e3:c4:56:2f:c4:61:53:
b4:86:23:89:ec:fa:0b:17:92:e2:60:99:c3:78:18:dd:4e:d6:
45:be:ef:a1:90:18:78:e0:1e:9a:c8:17:87:0c:0f:91:57:1a:
af:fe:ea:f6:f3:8d:8e:40:a4:50:ac:3a:5d:38:12:28:d8:6b:
70:e9:34:d8:c6:5f:52:2f:6a:f6:de:20:92:bb:cb:4b:82:e3:
16:cd:33:7a:1a:79:b0:81:2a:f2:00:61:c9:a8:3f:c2:7d:1f:
9b:f4:0e:3e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEA9iFEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDRmM2Y4YmE3ZGNmNTg5NGYyZjYxMWQ3ZGZhYjUzZDRhNjNjMGE5MB4XDTIyMDEw
MTA4NTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBjMWRiZTM0ZGY2
NDMwMjU4NmFlZjgyZDA4N2EzZGMxMGYzZjVlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALx5+Iu9cDsFJXsGg9ATvB/TEbmV3lBwEis9xq/fYHC/22iP
kq01VQjG63r54JkWqbJVmc8CbgMK95ogkb/vbcdX9j3id4GquCDjrx3AX6iWGHWq
zDPnTMcQfudAE/P3rzPxO7tHFb6PmtGrJP0fU18OMy+7xOp1J4jNyx8Rz1Vqxgp+
RtJ79NegG844282QhMSro4AHPv+M9bCGVhWzeVOCZCgNXnSBOjVLCdGlKsECA7tf
YEsv1CORAh17q33+QxAoyxBVm7IOukQ5n+ewbn15f2v9wSY/o1kv1MKXMjwaz7l5
DnvM8l3ui5gjWwbfwEffREuJcWScOcJ1sIuLGD8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTwwdvjTfZDAlhq74LQh6PcEPP15zAfBgNVHSMEGDAWgBSNTz+Lp9z1iU8v
YR19+rU9SmPAqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pVOF9pNmZjOVlsUEwyRWRmZnExUFVwandLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNTUyMjljLWUyODItNGE4NS1iN2E0LThhY2JmZWEyZWNmYS8x
LzhNSGI0MDMyUXdKWWF1LUMwSWVqM0JEejllYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NTUyMjljLWUyODItNGE4NS1iN2E0LThhY2JmZWEyZWNmYS8xL2pVOF9pNmZjOVls
UEwyRWRmZnExUFVwandLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwJQQCAAEwHwMEBwXJAAMEBVf2wAMEBFf28DALAwMB
1LYDBATUtkAwDQQCAAIwBwMFACoEBEAwDQYJKoZIhvcNAQELBQADggEBABwuJ9Ix
aHEwUhC2ywRzSeCLUBrBTXXLqWmaw3m7sllkwL1z4hDUAOf+fQx/qwf+yCqneoCp
FJ0X+mkYr6OqneGVMFDbDmtpFNL7sQH4D3u47bHpoHpIl47UeBU0Lfd7Di74Za8R
34lSXZIoVg1C82La2fCRA1wfZxZgrRNlOvPAHhrdmaRpFb0gWlMXPUj85mKcxeUv
9gU8mNKY48RWL8RhU7SGI4ns+gsXkuJgmcN4GN1O1kW+76GQGHjgHprIF4cMD5FX
Gq/+6vbzjY5ApFCsOl04EijYa3DpNNjGX1IvavbeIJK7y0uC4xbNM3oaebCBKvIA
YcmoP8J9H5v0Dj4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:49 2024 by rpki-client on console-ams.rpki-client.org