Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/8OcAH9s5Xi3KXZiQSkwZHWLynGU.roa
File: 8OcAH9s5Xi3KXZiQSkwZHWLynGU.roa (raw, json)
Hash identifier: GT04RqY4WNTCPViUlecVMixxPRAFjBhtRRSponqkgTs=
Subject key identifier: F0:E7:00:1F:DB:39:5E:2D:CA:5D:98:90:4A:4C:19:1D:62:F2:9C:65
Certificate issuer: /CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Certificate serial: 12403793
Authority key identifier: CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/8OcAH9s5Xi3KXZiQSkwZHWLynGU.roa
Signing time: Sat 01 Jan 2022 05:58:54 +0000
ROA not before: Sat 01 Jan 2022 05:58:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47872
IP address blocks: 212.5.49.0/24 maxlen: 24
212.5.48.0/24 maxlen: 24
212.5.50.0/24 maxlen: 24
185.44.117.0/24 maxlen: 24
185.44.116.0/24 maxlen: 24
185.44.119.0/24 maxlen: 24
2a01:73e0:a000::/36 maxlen: 36
2a01:73e0:b000::/36 maxlen: 36
2a01:73e0:c000::/36 maxlen: 36
2a01:73e0:d000::/36 maxlen: 36
2a01:73e0:e000::/36 maxlen: 36
2a01:73e0::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306198419 (0x12403793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Validity
Not Before: Jan 1 05:58:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0e7001fdb395e2dca5d98904a4c191d62f29c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:7d:bb:a0:c1:d8:37:3e:3f:1a:8d:91:9d:
45:02:69:32:0b:a7:99:d7:1b:8e:e6:33:e2:e9:49:
c9:2c:69:88:87:7d:49:50:ad:c8:9e:4c:c8:be:d8:
9d:38:2e:da:36:f1:fd:9b:06:fe:d5:45:31:c2:e6:
66:63:0e:08:cd:6d:ef:2b:6b:b3:9e:b3:36:0b:6d:
ab:c3:b7:8f:c2:c4:35:14:6e:1c:af:4c:5b:df:0a:
27:75:0f:f1:58:09:73:c4:6e:53:11:8a:2d:87:c1:
2e:82:97:94:e0:fb:06:3e:29:e7:43:cd:aa:aa:2e:
fc:de:5a:d2:e2:8f:3c:5f:4f:85:d6:94:1e:87:2d:
2a:8d:54:52:90:1d:a6:4d:25:8a:f7:2e:15:39:f1:
f9:c3:88:bc:af:6a:8d:87:57:65:73:93:a9:fe:7e:
07:6a:8e:eb:cc:1e:94:00:90:85:c6:7a:b6:2b:e3:
82:b7:84:18:51:94:dd:01:99:96:4a:cd:8f:3f:be:
c9:08:d2:30:26:d2:a2:5b:c9:06:2d:f6:49:01:94:
cd:18:b6:44:56:94:23:21:76:40:10:29:c4:7e:ac:
85:cb:93:18:20:f0:ea:d2:6b:a2:02:8f:47:1f:ae:
69:f3:ac:ea:59:9d:a1:77:0d:7c:bf:0f:ac:fc:4d:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E7:00:1F:DB:39:5E:2D:CA:5D:98:90:4A:4C:19:1D:62:F2:9C:65
X509v3 Authority Key Identifier:
keyid:CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/8OcAH9s5Xi3KXZiQSkwZHWLynGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.116.0/23
185.44.119.0/24
212.5.48.0-212.5.50.255
IPv6:
2a01:73e0::/36
2a01:73e0:a000::-2a01:73e0:efff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:14:78:3c:b5:d6:6e:c6:1b:25:af:ba:7a:f0:57:a6:a5:7c:
c7:21:cd:90:3f:ee:5f:c6:f7:db:9f:f1:b8:29:79:a8:8f:89:
7c:e9:19:28:f3:8d:76:46:67:fa:dc:e4:06:53:92:14:16:00:
e9:b6:88:5a:5c:3d:c3:e5:a6:fb:6c:bf:bc:9b:91:4a:17:57:
ad:4c:0c:7d:25:0d:27:3f:7e:12:09:fb:a9:b8:3a:2f:69:3f:
47:9a:f1:ec:2f:62:5e:a8:c4:fb:bb:44:5f:aa:75:74:0b:fd:
f0:e4:7a:d4:c2:9c:7d:58:c8:ff:5f:29:df:db:e8:ee:3e:f2:
5e:cd:8e:04:f6:14:ce:f1:f6:8c:e3:88:21:53:4f:08:4c:c5:
bd:25:f6:fd:d9:fb:29:49:27:3d:a2:74:69:b8:c6:6c:ef:37:
42:b8:45:78:d0:cf:59:a9:77:39:03:12:ab:81:96:33:f2:b1:
b0:1a:e8:66:da:ad:0f:51:9a:59:bf:d8:d8:6a:f5:fd:59:91:
c6:f0:4f:ac:a0:80:37:1d:d2:01:33:9f:9f:70:e9:60:a1:e1:
4a:e4:df:1e:1d:af:d6:81:e2:54:11:7b:3e:e9:d5:65:1e:d7:
12:e8:1c:19:8d:22:f0:8f:5b:d5:1f:e9:17:c1:24:30:96:1e:
45:54:a8:a8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEEkA3kzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Yjk1MmY5YzMzOWNhYmQxNDIzNGQwMGM4NGEyNTJkN2VjNzFhMmEyMB4XDTIyMDEw
MTA1NTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBlNzAwMWZkYjM5
NWUyZGNhNWQ5ODkwNGE0YzE5MWQ2MmYyOWM2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1qfbugwdg3Pj8ajZGdRQJpMgunmdcbjuYz4ulJySxpiId9
SVCtyJ5MyL7YnTgu2jbx/ZsG/tVFMcLmZmMOCM1t7ytrs56zNgttq8O3j8LENRRu
HK9MW98KJ3UP8VgJc8RuUxGKLYfBLoKXlOD7Bj4p50PNqqou/N5a0uKPPF9PhdaU
HoctKo1UUpAdpk0livcuFTnx+cOIvK9qjYdXZXOTqf5+B2qO68welACQhcZ6tivj
greEGFGU3QGZlkrNjz++yQjSMCbSolvJBi32SQGUzRi2RFaUIyF2QBApxH6shcuT
GCDw6tJrogKPRx+uafOs6lmdoXcNfL8PrPxN+6cCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBTw5wAf2zleLcpdmJBKTBkdYvKcZTAfBgNVHSMEGDAWgBTLlS+cM5yr0UI0
0AyEolLX7HGiojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3k1VXZuRE9jcTlGQ05OQU1oS0pTMS14eG9xSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvOTA5OGZkLTdkYzMtNGUxMi1iODkzLWZkMjJkZjNiNTdmNi8x
LzhPY0FIOXM1WGkzS1haaVFTa3daSFdMeW5HVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
OTA5OGZkLTdkYzMtNGUxMi1iODkzLWZkMjJkZjNiNTdmNi8xL3k1VXZuRE9jcTlG
Q05OQU1oS0pTMS14eG9xSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwIAQCAAEwGgMEAbksdAMEALksdzAMAwQE1AUwAwQA
1AUyMCAEAgACMBoDBgQqAXPgADAQAwYFKgFz4KADBgQqAXPg4DANBgkqhkiG9w0B
AQsFAAOCAQEADxR4PLXWbsYbJa+6evBXpqV8xyHNkD/uX8b325/xuCl5qI+JfOkZ
KPONdkZn+tzkBlOSFBYA6baIWlw9w+Wm+2y/vJuRShdXrUwMfSUNJz9+Egn7qbg6
L2k/R5rx7C9iXqjE+7tEX6p1dAv98OR61MKcfVjI/18p39vo7j7yXs2OBPYUzvH2
jOOIIVNPCEzFvSX2/dn7KUknPaJ0abjGbO83QrhFeNDPWal3OQMSq4GWM/KxsBro
ZtqtD1GaWb/Y2Gr1/VmRxvBPrKCANx3SATOfn3DpYKHhSuTfHh2v1oHiVBF7PunV
ZR7XEugcGY0i8I9b1R/pF8EkMJYeRVSoqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:41 2024 by rpki-client on console-ams.rpki-client.org