Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/8CWYFS8Ht3hBttCgzC6-rE-basU.roa
File: 8CWYFS8Ht3hBttCgzC6-rE-basU.roa (raw, json)
Hash identifier: Rnz+Deb4Yy3e2QM8Bu8dRWL3GP+CuPxwkLeSM48DrWA=
Subject key identifier: F0:25:98:15:2F:07:B7:78:41:B6:D0:A0:CC:2E:BE:AC:4F:9B:6A:C5
Certificate issuer: /CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Certificate serial: 1015FDD8
Authority key identifier: 9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/8CWYFS8Ht3hBttCgzC6-rE-basU.roa
Signing time: Sat 01 Jan 2022 00:54:03 +0000
ROA not before: Sat 01 Jan 2022 00:54:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206698
IP address blocks: 194.33.41.0/24 maxlen: 24
194.33.42.0/24 maxlen: 24
194.33.43.0/24 maxlen: 24
194.33.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 269876696 (0x1015fdd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Validity
Not Before: Jan 1 00:54:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f02598152f07b77841b6d0a0cc2ebeac4f9b6ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:33:86:ef:af:9c:49:35:4a:6e:63:ea:d1:26:
48:c5:3a:c6:a9:1a:03:b0:fd:16:04:3f:5b:75:e3:
9b:00:5b:45:a1:98:ee:53:0d:3a:96:10:d6:77:a3:
94:9f:92:89:79:16:fb:3c:1d:18:d5:ca:76:cb:42:
aa:15:65:d9:69:b2:54:d4:ea:8a:90:85:ad:c0:0f:
f9:88:67:af:47:01:dc:2b:38:c2:d7:71:43:bb:82:
77:93:86:14:88:bd:10:31:1e:7d:dc:d5:da:55:ab:
5d:53:f5:98:1a:b8:54:f9:ce:13:93:76:92:0c:08:
53:a0:85:7f:03:b7:df:b9:99:f3:a3:70:30:71:10:
58:5f:f5:2c:77:e7:bc:3d:10:12:97:74:18:83:9a:
52:e6:7b:67:7c:13:bc:bd:e8:02:a3:a5:13:e7:46:
fb:70:e5:e4:91:da:8e:6d:de:0b:dd:04:bc:8a:21:
05:3d:9f:b5:cb:01:23:9c:56:06:19:ad:4e:44:d0:
b4:76:4f:f2:2f:be:9d:2a:fc:71:23:52:e3:b4:a9:
41:49:29:af:a1:28:89:7d:aa:cf:a4:82:be:e9:99:
be:7e:e0:83:7d:b8:03:b7:3b:41:c1:9f:ac:4d:cb:
05:10:00:33:5d:c9:03:56:67:b5:f6:96:74:e6:79:
c2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:25:98:15:2F:07:B7:78:41:B6:D0:A0:CC:2E:BE:AC:4F:9B:6A:C5
X509v3 Authority Key Identifier:
keyid:9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/8CWYFS8Ht3hBttCgzC6-rE-basU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:28:40:3b:56:c7:a9:7d:1e:ac:d3:e9:15:e1:c6:ca:11:b3:
eb:7d:ef:63:c4:41:a6:e8:ad:5b:1a:42:26:ba:0e:ea:e2:c1:
1e:51:05:13:e5:7e:7d:f5:c2:dc:64:aa:f4:66:77:ac:01:94:
8c:7e:87:33:c8:40:2d:b8:26:1c:2b:84:c6:44:84:24:97:8c:
fc:9f:01:5e:97:53:4a:ff:89:8f:d9:98:d5:18:7b:31:1e:f6:
97:81:d6:c1:8e:d3:12:7e:03:77:36:7d:14:38:37:7c:f4:17:
f6:df:5a:fc:ac:78:3f:72:cd:cf:d0:45:07:4b:38:4b:1a:07:
df:db:0b:ea:73:f6:e1:e0:97:1c:bd:6b:67:4a:53:e6:4e:43:
ce:d6:59:46:a8:19:38:3c:35:4b:3b:21:3a:50:0e:d4:29:72:
ae:77:b7:a7:3e:ef:de:87:21:cf:da:ea:fb:bf:7e:c9:06:db:
c9:5e:12:9b:e8:85:27:df:9a:6a:8e:bb:c5:25:1b:44:aa:54:
fc:21:13:c7:13:f1:51:dc:76:f7:83:4a:63:69:70:ad:ee:b3:
73:37:6e:5c:82:c6:4b:f5:77:07:fc:7f:af:7a:c1:f5:63:9a:
fc:99:8b:39:3b:40:e9:27:ca:fc:5f:92:3f:09:39:1e:3b:fb:
c2:69:f9:bc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEBX92DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjNmMjlmZjllYTcxYjNjM2RjMWY1YWYwNTRiNDE2NDdjOTFhZjk4MB4XDTIyMDEw
MTAwNTQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjAyNTk4MTUyZjA3
Yjc3ODQxYjZkMGEwY2MyZWJlYWM0ZjliNmFjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUzhu+vnEk1Sm5j6tEmSMU6xqkaA7D9FgQ/W3XjmwBbRaGY
7lMNOpYQ1nejlJ+SiXkW+zwdGNXKdstCqhVl2WmyVNTqipCFrcAP+Yhnr0cB3Cs4
wtdxQ7uCd5OGFIi9EDEefdzV2lWrXVP1mBq4VPnOE5N2kgwIU6CFfwO337mZ86Nw
MHEQWF/1LHfnvD0QEpd0GIOaUuZ7Z3wTvL3oAqOlE+dG+3Dl5JHajm3eC90EvIoh
BT2ftcsBI5xWBhmtTkTQtHZP8i++nSr8cSNS47SpQUkpr6EoiX2qz6SCvumZvn7g
g324A7c7QcGfrE3LBRAAM13JA1ZntfaWdOZ5wpsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTwJZgVLwe3eEG20KDMLr6sT5tqxTAfBgNVHSMEGDAWgBSbPyn/nqcbPD3B
9a8FS0FkfJGvmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L216OHBfNTZuR3p3OXdmV3ZCVXRCWkh5UnI1Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvMWFhMmQ4LTYxMDYtNDgwOC04Yzk3LWY0NjIyNGIwZDE2MS8x
LzhDV1lGUzhIdDNoQnR0Q2d6QzYtckUtYmFzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
MWFhMmQ4LTYxMDYtNDgwOC04Yzk3LWY0NjIyNGIwZDE2MS8xL216OHBfNTZuR3p3
OXdmV3ZCVXRCWkh5UnI1Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIhKDANBgkqhkiG9w0BAQsFAAOC
AQEAOyhAO1bHqX0erNPpFeHGyhGz633vY8RBpuitWxpCJroO6uLBHlEFE+V+ffXC
3GSq9GZ3rAGUjH6HM8hALbgmHCuExkSEJJeM/J8BXpdTSv+Jj9mY1Rh7MR72l4HW
wY7TEn4DdzZ9FDg3fPQX9t9a/Kx4P3LNz9BFB0s4SxoH39sL6nP24eCXHL1rZ0pT
5k5DztZZRqgZODw1SzshOlAO1Clyrne3pz7v3ochz9rq+79+yQbbyV4Sm+iFJ9+a
ao67xSUbRKpU/CETxxPxUdx294NKY2lwre6zczduXILGS/V3B/x/r3rB9WOa/JmL
OTtA6SfK/F+SPwk5Hjv7wmn5vA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:35 2024 by rpki-client on console-ams.rpki-client.org