Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/1-gK-7iyma5cYjr3CMJi9HC__8g.roa
File: 1-gK-7iyma5cYjr3CMJi9HC__8g.roa (raw, json)
Hash identifier: 8PQ0kup/bgEKWDwVj6xHprCH9YoUvZEPUF3jPcLZWN4=
Subject key identifier: D7:E8:0A:FB:B8:B2:99:AE:5C:62:3A:F7:08:C2:62:F4:70:BF:FF:C8
Certificate issuer: /CN=8c856557c4146a8b50dc4d94424b06680cef755b
Certificate serial: 35B39002
Authority key identifier: 8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/1-gK-7iyma5cYjr3CMJi9HC__8g.roa
Signing time: Sat 01 Jan 2022 06:58:47 +0000
ROA not before: Sat 01 Jan 2022 06:58:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39326
IP address blocks: 80.71.0.0/19 maxlen: 19
194.0.77.0/24 maxlen: 24
194.0.78.0/23 maxlen: 23
46.17.56.0/21 maxlen: 21
195.90.121.0/24 maxlen: 24
80.71.27.0/24 maxlen: 24
195.90.120.0/23 maxlen: 23
93.89.80.0/20 maxlen: 20
185.75.28.0/22 maxlen: 22
185.75.30.0/24 maxlen: 24
217.196.224.0/19 maxlen: 19
77.75.104.0/21 maxlen: 21
89.248.16.0/20 maxlen: 20
37.46.200.0/21 maxlen: 21
195.238.232.0/24 maxlen: 24
2a01:348:62::/48 maxlen: 48
2a01:348::/32 maxlen: 32
2001:a08::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 900960258 (0x35b39002)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c856557c4146a8b50dc4d94424b06680cef755b
Validity
Not Before: Jan 1 06:58:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7e80afbb8b299ae5c623af708c262f470bfffc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c6:ef:3b:41:a4:af:c3:4f:40:6d:9c:c5:1c:
98:0c:53:6e:79:7b:f9:77:23:8d:bb:93:8b:39:3c:
07:ad:fe:b9:7f:df:c1:f6:ff:7b:ec:b8:ec:43:2a:
5f:70:96:e8:b8:ef:40:f0:34:63:87:e8:ac:51:d8:
5b:53:bb:82:51:46:98:18:5c:77:6b:a3:a1:5a:c3:
82:9c:dc:35:b4:11:84:04:a5:ea:21:46:f0:21:d8:
59:71:95:92:f9:96:56:22:f2:b2:b4:d4:3e:be:7b:
4b:27:17:20:90:7d:01:0a:d7:df:13:9c:bb:12:e3:
8b:c9:9f:ba:39:64:72:83:a3:20:17:72:f9:91:a3:
ae:87:5e:9e:e6:75:de:f9:50:0f:6f:e9:18:e8:81:
0b:cd:71:b1:fa:38:90:0e:e8:08:06:4c:4b:ed:b2:
f5:47:3e:b8:c9:8c:0c:90:40:44:4a:16:db:a1:3d:
0b:b2:7f:f7:f9:85:17:43:fd:30:3b:b2:c8:c3:94:
1b:96:15:02:6f:d0:17:6e:b5:75:3e:b3:9b:40:7a:
2d:88:c1:34:dd:23:69:14:7f:47:20:18:c4:48:af:
87:f1:ab:f1:e5:fe:74:a9:8f:d9:07:66:f0:bc:85:
2f:1f:00:f6:d3:33:c7:4c:b3:ce:c9:67:bf:68:25:
bd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E8:0A:FB:B8:B2:99:AE:5C:62:3A:F7:08:C2:62:F4:70:BF:FF:C8
X509v3 Authority Key Identifier:
keyid:8C:85:65:57:C4:14:6A:8B:50:DC:4D:94:42:4B:06:68:0C:EF:75:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jIVlV8QUaotQ3E2UQksGaAzvdVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/1-gK-7iyma5cYjr3CMJi9HC__8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/306adb-7aa7-4b82-b05a-2a6b9a0ccabd/1/jIVlV8QUaotQ3E2UQksGaAzvdVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.200.0/21
46.17.56.0/21
77.75.104.0/21
80.71.0.0/19
89.248.16.0/20
93.89.80.0/20
185.75.28.0/22
194.0.77.0-194.0.79.255
195.90.120.0/23
195.238.232.0/24
217.196.224.0/19
IPv6:
2001:a08::/32
2a01:348::/32
Signature Algorithm: sha256WithRSAEncryption
bc:15:86:15:0c:3c:7f:7c:d3:8c:76:dd:c8:e4:e6:bd:42:8a:
19:13:74:35:e5:f9:59:98:19:0b:ed:4a:e7:9f:ca:e8:59:57:
d5:3c:bd:df:5c:82:49:76:12:40:61:e4:67:f3:f9:3b:1c:99:
2e:3c:44:b0:40:e4:f2:2e:fa:a1:c7:ce:a0:be:ed:4c:d1:77:
c9:69:3b:c2:1f:03:92:e7:ae:d5:2c:e2:7a:dd:55:24:7f:5c:
08:91:8f:9c:b6:d7:da:c3:f8:b8:62:14:d6:79:c6:a3:02:9a:
50:69:0d:44:e4:ad:63:96:bb:c2:0c:1e:f2:a4:8c:b1:85:c0:
76:2d:e4:f9:5f:fd:76:f8:0e:b4:a9:ca:3e:2a:b1:0d:4a:0f:
81:c5:0f:f4:6a:8d:7e:5a:a6:23:f2:72:d1:33:5e:46:2c:33:
2a:e0:f9:27:62:1f:70:9f:3d:08:f6:83:cc:37:7b:d6:e4:8e:
42:b2:e3:9a:be:7b:13:74:3a:9f:70:eb:d7:96:c7:ae:c2:66:
d4:11:6b:7a:da:a8:06:13:15:61:46:ee:fc:5f:ce:fb:0e:d2:
4e:65:a0:30:e1:e8:75:8d:fb:7e:bd:81:b5:e5:a6:be:7d:5d:
4b:e1:b3:05:b0:c2:69:1c:ef:81:91:6b:34:f6:23:f3:ed:7e:
5f:1d:8b:f4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIENbOQAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Yzg1NjU1N2M0MTQ2YThiNTBkYzRkOTQ0MjRiMDY2ODBjZWY3NTViMB4XDTIyMDEw
MTA2NTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdlODBhZmJiOGIy
OTlhZTVjNjIzYWY3MDhjMjYyZjQ3MGJmZmZjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTG7ztBpK/DT0BtnMUcmAxTbnl7+XcjjbuTizk8B63+uX/f
wfb/e+y47EMqX3CW6LjvQPA0Y4forFHYW1O7glFGmBhcd2ujoVrDgpzcNbQRhASl
6iFG8CHYWXGVkvmWViLysrTUPr57SycXIJB9AQrX3xOcuxLji8mfujlkcoOjIBdy
+ZGjrodenuZ13vlQD2/pGOiBC81xsfo4kA7oCAZMS+2y9Uc+uMmMDJBAREoW26E9
C7J/9/mFF0P9MDuyyMOUG5YVAm/QF261dT6zm0B6LYjBNN0jaRR/RyAYxEivh/Gr
8eX+dKmP2Qdm8LyFLx8A9tMzx0yzzslnv2glvY8CAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBTX6Ar7uLKZrlxiOvcIwmL0cL//yDAfBgNVHSMEGDAWgBSMhWVXxBRqi1Dc
TZRCSwZoDO91WzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pJVmxWOFFVYW90UTNFMlVRa3NHYUF6dmRWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvMzA2YWRiLTdhYTctNGI4Mi1iMDVhLTJhNmI5YTBjY2FiZC8x
LzEtZ0stN2l5bWE1Y1lqcjNDTUppOUhDX184Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
MzA2YWRiLTdhYTctNGI4Mi1iMDVhLTJhNmI5YTBjY2FiZC8xL2pJVmxWOFFVYW90
UTNFMlVRa3NHYUF6dmRWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEAyUuyAMEAy4ROAMEA01LaAMEBVBH
AAMEBFn4EAMEBF1ZUAMEArlLHDAMAwQAwgBNAwQEwgBAAwQBw1p4AwQAw+7oAwQF
2cTgMBQEAgACMA4DBQAgAQoIAwUAKgEDSDANBgkqhkiG9w0BAQsFAAOCAQEAvBWG
FQw8f3zTjHbdyOTmvUKKGRN0NeX5WZgZC+1K55/K6FlX1Ty931yCSXYSQGHkZ/P5
OxyZLjxEsEDk8i76ocfOoL7tTNF3yWk7wh8Dkueu1Sziet1VJH9cCJGPnLbX2sP4
uGIU1nnGowKaUGkNROStY5a7wgwe8qSMsYXAdi3k+V/9dvgOtKnKPiqxDUoPgcUP
9GqNflqmI/Jy0TNeRiwzKuD5J2IfcJ89CPaDzDd71uSOQrLjmr57E3Q6n3Dr15bH
rsJm1BFretqoBhMVYUbu/F/O+w7STmWgMOHodY37fr2BteWmvn1dS+GzBbDCaRzv
gZFrNPYj8+1+Xx2L9A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:03 2025 by rpki-client