Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/8-FNwKlKSSoCeZSpTYLaISuKT0Q.roa
File: 8-FNwKlKSSoCeZSpTYLaISuKT0Q.roa (raw, json)
Hash identifier: iBAj3nXJ9basNLvZKDb/dQTEhNQEB2gzDj/v/kWhhW0=
Subject key identifier: F3:E1:4D:C0:A9:4A:49:2A:02:79:94:A9:4D:82:DA:21:2B:8A:4F:44
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018A4B00E63F9E322425CCD086A9577ACCB3
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/8-FNwKlKSSoCeZSpTYLaISuKT0Q.roa
Signing time: Thu 31 Aug 2023 09:51:04 +0000
ROA not before: Thu 31 Aug 2023 09:51:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42649
IP address blocks: 193.234.83.0/24 maxlen: 24
193.234.86.0/24 maxlen: 24
193.180.121.0/24 maxlen: 24
194.103.4.0/24 maxlen: 24
193.235.73.0/24 maxlen: 24
193.183.239.0/24 maxlen: 24
194.68.159.0/24 maxlen: 24
193.234.255.0/24 maxlen: 24
193.180.20.0/24 maxlen: 24
194.68.43.0/24 maxlen: 24
194.68.160.0/24 maxlen: 24
192.165.127.0/24 maxlen: 24
192.165.138.0/23 maxlen: 24
193.235.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:00:e6:3f:9e:32:24:25:cc:d0:86:a9:57:7a:cc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 31 09:51:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3e14dc0a94a492a027994a94d82da212b8a4f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cc:0c:71:33:16:b1:62:1c:02:3e:9d:5d:8b:
bf:25:61:cc:43:ed:a9:07:d1:74:55:81:11:03:72:
92:3b:dd:78:5f:8f:fe:d9:c9:15:a3:e4:63:f3:fe:
cd:d2:80:a7:86:5f:9d:04:7b:2f:b3:1c:07:dc:dc:
90:7f:0f:c9:28:48:e1:ea:02:08:5f:72:14:6a:55:
82:66:c9:d9:2d:30:de:f5:0c:3e:01:3b:b2:20:30:
41:74:90:31:50:38:5c:15:03:7c:8b:1d:ae:93:3f:
ab:48:15:70:11:56:88:c6:f6:5a:fd:92:f4:d1:53:
cf:74:f3:c7:0d:25:84:b2:91:b0:a4:42:57:7e:d7:
1c:98:47:79:0a:24:42:37:8d:4e:5b:a5:5f:73:ca:
c5:6b:98:67:f0:98:de:09:35:47:90:cb:f6:5a:d0:
35:8e:9f:6a:6b:df:e9:e7:1d:c2:f2:aa:78:1d:79:
5d:17:e7:5f:81:d5:42:ce:b9:70:7e:05:ff:c7:9d:
02:f9:bc:c2:f1:f4:e0:2d:c3:b9:20:3c:3e:ee:48:
54:28:16:5a:61:1c:b3:fa:51:5d:8f:cf:68:35:6b:
2a:56:d8:1e:0a:04:64:f6:30:ad:38:d7:37:00:75:
d0:0d:86:c1:da:30:77:e2:7b:f7:f1:7a:9f:ff:50:
9c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E1:4D:C0:A9:4A:49:2A:02:79:94:A9:4D:82:DA:21:2B:8A:4F:44
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/8-FNwKlKSSoCeZSpTYLaISuKT0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.127.0/24
192.165.138.0/23
193.180.20.0/24
193.180.121.0/24
193.183.239.0/24
193.234.83.0/24
193.234.86.0/24
193.234.255.0/24
193.235.73.0/24
193.235.130.0/24
194.68.43.0/24
194.68.159.0-194.68.160.255
194.103.4.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:13:89:61:88:8c:e3:56:c7:62:6f:53:44:1c:84:65:ae:61:
66:74:70:5f:34:e5:4d:82:bf:3e:ef:a3:6d:f1:f8:28:3e:e2:
92:56:dd:95:96:43:27:b9:0e:db:42:72:55:a1:bb:a4:38:a1:
1b:7e:45:02:45:ef:0c:d3:42:9a:08:eb:92:97:43:9c:6a:e6:
19:9b:c3:d2:1c:c1:d6:b2:2d:8d:ba:9e:97:8e:0b:9f:f0:d2:
17:74:73:62:8d:a6:d8:a5:17:69:07:34:20:a6:17:fa:c5:04:
66:77:cb:14:b6:4f:db:37:f0:b3:33:3c:ac:7d:19:03:d0:3a:
86:9f:a1:3b:4e:ae:e3:a7:dc:49:c8:49:d3:6c:44:fa:29:65:
a2:1e:31:e0:4c:19:06:44:4b:06:87:6d:0b:26:5a:36:e5:5a:
3e:07:37:ca:a1:70:c6:37:bc:f2:f1:9f:59:19:1a:76:d3:1d:
11:bd:3a:a5:da:04:a6:02:86:97:f7:93:32:bf:cb:80:0e:e3:
4c:8f:e3:e8:73:cf:d6:5f:ee:df:16:d3:51:76:95:4c:22:42:
2a:88:40:1e:c6:bd:a0:85:12:8a:03:96:97:46:a0:46:62:95:
f5:49:1e:1d:ff:1a:3b:af:ac:76:2d:dd:e9:bc:90:c2:ee:1c:
2c:fb:6f:02
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYpLAOY/njIkJczQhqlXesyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwODMxMDk1MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2UxNGRjMGE5NGE0OTJhMDI3OTk0YTk0ZDgyZGEyMTJiOGE0ZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkswMcTMWsWIcAj6dXYu/JWHMQ+2p
B9F0VYERA3KSO914X4/+2ckVo+Rj8/7N0oCnhl+dBHsvsxwH3NyQfw/JKEjh6gII
X3IUalWCZsnZLTDe9Qw+ATuyIDBBdJAxUDhcFQN8ix2ukz+rSBVwEVaIxvZa/ZL0
0VPPdPPHDSWEspGwpEJXftccmEd5CiRCN41OW6Vfc8rFa5hn8JjeCTVHkMv2WtA1
jp9qa9/p5x3C8qp4HXldF+dfgdVCzrlwfgX/x50C+bzC8fTgLcO5IDw+7khUKBZa
YRyz+lFdj89oNWsqVtgeCgRk9jCtONc3AHXQDYbB2jB34nv38Xqf/1CcZQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFPPhTcCpSkkqAnmUqU2C2iErik9EMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvOC1GTndLbEtTU29DZVpTcFRZTGFJU3VLVDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAwKV/AwQB
wKWKAwQAwbQUAwQAwbR5AwQAwbfvAwQAwepTAwQAwepWAwQAwer/AwQAwetJAwQA
weuCAwQAwkQrMAwDBADCRJ8DBADCRKADBADCZwQwDQYJKoZIhvcNAQELBQADggEB
ACsTiWGIjONWx2JvU0QchGWuYWZ0cF805U2Cvz7vo23x+Cg+4pJW3ZWWQye5DttC
clWhu6Q4oRt+RQJF7wzTQpoI65KXQ5xq5hmbw9IcwdayLY26npeOC5/w0hd0c2KN
ptilF2kHNCCmF/rFBGZ3yxS2T9s38LMzPKx9GQPQOoafoTtOruOn3EnISdNsRPop
ZaIeMeBMGQZESwaHbQsmWjblWj4HN8qhcMY3vPLxn1kZGnbTHRG9OqXaBKYChpf3
kzK/y4AO40yP4+hzz9Zf7t8W01F2lUwiQiqIQB7GvaCFEooDlpdGoEZilfVJHh3/
GjuvrHYt3em8kMLuHCz7bwI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:33 2025 by rpki-client