Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/8GWjqA5OEpoBCcLLgu65JKKwBBo.roa
File: 8GWjqA5OEpoBCcLLgu65JKKwBBo.roa (raw, json)
Hash identifier: 5KPGejlg5i4ITOlihb4UawbJ+e8rJ5vnZBsvIa3O9PM=
Subject key identifier: F0:65:A3:A8:0E:4E:12:9A:01:09:C2:CB:82:EE:B9:24:A2:B0:04:1A
Certificate issuer: /CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Certificate serial: 0182E86241347D9B56394B97D49ACA7CCD74
Authority key identifier: C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/8GWjqA5OEpoBCcLLgu65JKKwBBo.roa
Signing time: Mon 29 Aug 2022 06:55:29 +0000
ROA not before: Mon 29 Aug 2022 06:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42707
IP address blocks: 185.236.4.0/22 maxlen: 22
185.245.88.0/22 maxlen: 22
185.231.24.0/22 maxlen: 22
91.189.224.0/21 maxlen: 21
83.143.76.0/22 maxlen: 22
109.207.72.0/22 maxlen: 22
193.33.134.0/23 maxlen: 23
185.252.124.0/22 maxlen: 22
5.57.248.0/21 maxlen: 21
185.254.48.0/22 maxlen: 22
185.148.28.0/22 maxlen: 22
195.42.224.0/22 maxlen: 22
195.42.228.0/23 maxlen: 23
185.250.136.0/22 maxlen: 22
185.247.48.0/22 maxlen: 22
185.248.228.0/22 maxlen: 22
5.45.32.0/22 maxlen: 22
5.206.208.0/20 maxlen: 20
185.233.212.0/22 maxlen: 22
2a00:5140::/32 maxlen: 32
2a00:5141::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:62:41:34:7d:9b:56:39:4b:97:d4:9a:ca:7c:cd:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Validity
Not Before: Aug 29 06:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f065a3a80e4e129a0109c2cb82eeb924a2b0041a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ae:ca:ef:9d:59:dc:92:d1:e1:a5:63:d3:e5:
c7:a9:e0:ab:1e:19:30:18:3f:c6:f0:b9:5c:e9:32:
06:50:87:14:a3:48:51:24:40:ff:f6:ee:85:81:18:
47:d2:ac:a9:2a:5e:0a:3b:a6:b7:39:33:0c:c9:fe:
c9:56:42:1c:d5:64:41:64:33:d0:f6:1a:ed:21:9a:
fc:4c:69:7c:4e:ee:47:6c:4f:1c:21:e9:d6:fa:f5:
62:bd:24:6d:51:1c:94:ec:6b:bf:d7:19:36:07:0b:
85:ce:da:10:63:80:f3:e4:24:38:df:ec:b0:09:f5:
95:bf:3e:43:c5:bc:3b:09:c8:c0:28:a9:00:d0:97:
5d:e7:aa:1f:fb:12:b8:82:21:b5:a1:c2:76:5d:49:
dd:d0:96:74:fe:de:3b:27:db:99:55:d0:7a:cb:2d:
69:c4:9d:ff:40:fb:84:ed:ff:58:31:94:02:22:86:
9e:73:d3:17:8f:ed:83:62:65:16:a0:e0:19:b1:e7:
89:2e:c0:dc:9e:86:72:76:09:38:fc:0d:a1:98:7f:
31:5f:58:1b:af:b1:06:4b:2b:63:59:43:46:85:45:
51:2c:32:a3:97:8d:7f:9d:8e:ee:41:62:fe:30:11:
88:a7:4b:be:00:99:fb:d3:8c:fc:e8:79:3c:9c:43:
9c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:65:A3:A8:0E:4E:12:9A:01:09:C2:CB:82:EE:B9:24:A2:B0:04:1A
X509v3 Authority Key Identifier:
keyid:C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/8GWjqA5OEpoBCcLLgu65JKKwBBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.32.0/22
5.57.248.0/21
5.206.208.0/20
83.143.76.0/22
91.189.224.0/21
109.207.72.0/22
185.148.28.0/22
185.231.24.0/22
185.233.212.0/22
185.236.4.0/22
185.245.88.0/22
185.247.48.0/22
185.248.228.0/22
185.250.136.0/22
185.252.124.0/22
185.254.48.0/22
193.33.134.0/23
195.42.224.0-195.42.229.255
IPv6:
2a00:5140::/31
Signature Algorithm: sha256WithRSAEncryption
ac:c9:d8:9e:b8:e3:88:29:77:36:71:c8:72:64:26:fb:b7:e0:
42:09:6f:2d:d7:de:25:56:39:13:ed:cf:6f:26:d5:03:c2:07:
87:d6:55:9f:e1:c6:bb:3a:3a:a7:e3:95:df:a5:64:8d:2f:73:
0e:ce:a9:d1:89:1a:41:13:d9:65:c3:1b:33:bf:ca:83:95:f7:
b8:dc:d6:59:54:65:2a:fa:d8:61:ee:2f:da:1b:44:6e:50:79:
12:d2:a6:21:2a:6a:42:cf:94:c9:95:19:46:9e:b3:1c:0a:9e:
8e:a6:5d:73:b6:2d:e4:92:3e:85:9f:47:1b:5f:ff:1f:42:90:
a7:a5:e3:b3:86:b4:94:83:35:6a:1c:5e:b9:af:44:cf:bd:9c:
b7:a1:73:cd:f7:3b:07:2b:ac:2b:87:3c:ae:24:ac:ad:5b:cc:
54:f6:a5:48:92:f5:c5:db:40:bf:4d:25:cb:1c:9d:60:f6:5d:
58:52:2c:7c:9f:a7:7a:11:b1:7e:72:b1:78:78:6a:60:eb:b8:
22:0f:30:98:7f:93:29:e5:d8:9c:b8:cc:ab:ad:cf:8b:71:e3:
17:b9:54:d4:c0:c1:30:97:38:17:3b:54:63:d6:37:dc:d9:75:
dc:4b:00:5c:f5:3d:73:53:70:e2:42:c1:29:52:16:99:01:ee:
b5:8b:6b:d9
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYLoYkE0fZtWOUuX1JrKfM10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTE5MDUwNGI2ZDllZDljMTgwOTY4NDA0MjViMTFkN2Iy
MmRmZjQwHhcNMjIwODI5MDY1NTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDY1YTNhODBlNGUxMjlhMDEwOWMyY2I4MmVlYjkyNGEyYjAwNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn67K751Z3JLR4aVj0+XHqeCrHhkw
GD/G8Llc6TIGUIcUo0hRJED/9u6FgRhH0qypKl4KO6a3OTMMyf7JVkIc1WRBZDPQ
9hrtIZr8TGl8Tu5HbE8cIenW+vVivSRtURyU7Gu/1xk2BwuFztoQY4Dz5CQ43+yw
CfWVvz5Dxbw7CcjAKKkA0Jdd56of+xK4giG1ocJ2XUnd0JZ0/t47J9uZVdB6yy1p
xJ3/QPuE7f9YMZQCIoaec9MXj+2DYmUWoOAZseeJLsDcnoZydgk4/A2hmH8xX1gb
r7EGSytjWUNGhUVRLDKjl41/nY7uQWL+MBGIp0u+AJn704z86Hk8nEOc0wIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFPBlo6gOThKaAQnCy4LuuSSisAQaMB8GA1UdIwQY
MBaAFMGhkFBLbZ7ZwYCWhAQlsR17It/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYt
MGI4MzhhNTk5NjYyLzEvOEdXanFBNU9FcG9CQ2NMTGd1NjVKS0t3QkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYtMGI4MzhhNTk5NjYy
LzEvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQCBS0g
AwQDBTn4AwQEBc7QAwQCU49MAwQDW73gAwQCbc9IAwQCuZQcAwQCuecYAwQCuenU
AwQCuewEAwQCufVYAwQCufcwAwQCufjkAwQCufqIAwQCufx8AwQCuf4wAwQBwSGG
MAwDBAXDKuADBAHDKuQwDQQCAAIwBwMFASoAUUAwDQYJKoZIhvcNAQELBQADggEB
AKzJ2J6444gpdzZxyHJkJvu34EIJby3X3iVWORPtz28m1QPCB4fWVZ/hxrs6Oqfj
ld+lZI0vcw7OqdGJGkET2WXDGzO/yoOV97jc1llUZSr62GHuL9obRG5QeRLSpiEq
akLPlMmVGUaesxwKno6mXXO2LeSSPoWfRxtf/x9CkKel47OGtJSDNWocXrmvRM+9
nLehc833OwcrrCuHPK4krK1bzFT2pUiS9cXbQL9NJcscnWD2XVhSLHyfp3oRsX5y
sXh4amDruCIPMJh/kynl2Jy4zKutz4tx4xe5VNTAwTCXOBc7VGPWN9zZddxLAFz1
PXNTcOJCwSlSFpkB7rWLa9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:13 2024 by rpki-client on console-ams.rpki-client.org