Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/8ggHHls6Udb21CuNsDQGRU7FODI.roa
File: 8ggHHls6Udb21CuNsDQGRU7FODI.roa (raw, json)
Hash identifier: x+PBfki/0Wq1FnPxZ9trfkLAvA3DJBxkAIwCcgCLthY=
Subject key identifier: F2:08:07:1E:5B:3A:51:D6:F6:D4:2B:8D:B0:34:06:45:4E:C5:38:32
Certificate issuer: /CN=1534838bb317b8186699f0a4485db6d9da1908d2
Certificate serial: 3D33AFFE
Authority key identifier: 15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/8ggHHls6Udb21CuNsDQGRU7FODI.roa
Signing time: Sat 01 Jan 2022 14:56:08 +0000
ROA not before: Sat 01 Jan 2022 14:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2602
IP address blocks: 193.168.64.0/18 maxlen: 24
158.64.0.0/16 maxlen: 24
185.149.136.0/22 maxlen: 22
2001:a18::/29 maxlen: 32
2001:a18:ff00::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1026797566 (0x3d33affe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1534838bb317b8186699f0a4485db6d9da1908d2
Validity
Not Before: Jan 1 14:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f208071e5b3a51d6f6d42b8db03406454ec53832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:95:a2:03:fb:02:5f:75:78:29:74:69:50:5d:
74:70:dd:00:4d:fd:91:3a:11:64:73:2f:83:5d:8a:
06:42:7a:8a:51:39:6b:b7:df:ba:29:d4:7e:ff:a4:
3e:a3:20:da:83:1c:de:03:87:5f:b4:cc:a9:7d:3f:
ab:24:44:88:1b:11:38:73:e9:5c:43:95:89:33:6f:
07:ea:57:d2:96:2f:4c:50:dd:cd:af:31:f4:0b:4c:
3d:2e:27:20:38:97:fc:9e:d8:7e:71:ac:9c:0b:04:
72:8b:63:6b:7e:68:b5:28:4d:f3:63:30:66:63:2a:
8f:21:58:75:c0:1c:8d:26:2b:98:3f:23:69:a4:0f:
65:80:1b:9f:f2:e5:8f:e4:76:aa:2b:e3:0f:66:6d:
0e:dd:65:de:79:0c:05:48:64:cc:9b:a8:b1:7a:2b:
77:a6:1f:bc:9a:3c:4f:63:2d:92:4a:76:62:6b:d0:
0c:fa:ce:54:99:dc:ac:f6:f6:aa:a8:2b:dd:ac:c9:
81:a7:f4:7e:3c:ff:f9:ab:0e:2e:66:5a:3d:8e:25:
e9:c5:44:3f:fd:a9:72:78:d2:72:c0:94:24:69:4d:
5d:0b:06:ea:a1:19:13:cf:6c:1b:bd:73:35:57:af:
44:ac:6d:3e:45:64:2e:21:1b:8a:94:ba:0a:94:23:
03:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:08:07:1E:5B:3A:51:D6:F6:D4:2B:8D:B0:34:06:45:4E:C5:38:32
X509v3 Authority Key Identifier:
keyid:15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/8ggHHls6Udb21CuNsDQGRU7FODI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.64.0.0/16
185.149.136.0/22
193.168.64.0/18
IPv6:
2001:a18::/29
Signature Algorithm: sha256WithRSAEncryption
a6:e5:7d:a3:50:cd:48:98:a1:73:e1:98:80:b5:d7:fe:59:53:
7a:e1:cb:08:17:1c:db:8d:f8:9d:e8:65:2a:1b:7c:ce:cf:06:
3e:1e:62:b4:c6:70:93:c4:06:eb:56:52:9b:75:cc:fc:84:fe:
48:4a:2e:a0:be:93:d5:99:91:3c:16:80:bd:67:30:57:a8:f0:
2e:4b:e4:0a:0a:07:c0:03:d8:d1:95:0b:bb:eb:b9:f5:37:04:
e9:e9:43:0c:75:59:e2:de:c3:da:46:6a:24:f2:cb:8e:7b:6b:
d7:af:ba:db:c3:0c:72:a3:e1:f0:d6:3f:1a:ac:bd:4d:81:52:
4c:7d:78:40:ff:98:38:e2:d9:54:e8:87:88:c0:59:24:9c:87:
96:9f:2c:11:4e:d6:15:3e:55:e5:df:1e:db:89:af:f6:ce:85:
cc:47:95:12:6c:e2:5a:31:a3:47:85:cd:2e:7e:c3:bf:e3:42:
17:9d:4c:c8:ab:00:80:da:99:8a:dc:41:41:78:d8:d2:27:30:
d4:da:b9:6a:08:d5:6c:a8:f3:5b:da:5e:ce:e9:68:2f:78:d5:
ac:87:1f:2c:eb:8a:24:de:e7:15:c4:81:90:56:46:ae:1a:8c:
41:df:44:91:64:77:ef:f1:e4:b9:5e:3d:b0:bb:07:bd:db:42:
b8:75:e7:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEPTOv/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NTM0ODM4YmIzMTdiODE4NjY5OWYwYTQ0ODVkYjZkOWRhMTkwOGQyMB4XDTIyMDEw
MTE0NTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIwODA3MWU1YjNh
NTFkNmY2ZDQyYjhkYjAzNDA2NDU0ZWM1MzgzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSVogP7Al91eCl0aVBddHDdAE39kToRZHMvg12KBkJ6ilE5
a7ffuinUfv+kPqMg2oMc3gOHX7TMqX0/qyREiBsROHPpXEOViTNvB+pX0pYvTFDd
za8x9AtMPS4nIDiX/J7YfnGsnAsEcotja35otShN82MwZmMqjyFYdcAcjSYrmD8j
aaQPZYAbn/Llj+R2qivjD2ZtDt1l3nkMBUhkzJuosXord6YfvJo8T2Mtkkp2YmvQ
DPrOVJncrPb2qqgr3azJgaf0fjz/+asOLmZaPY4l6cVEP/2pcnjScsCUJGlNXQsG
6qEZE89sG71zNVevRKxtPkVkLiEbipS6CpQjA6kCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTyCAceWzpR1vbUK42wNAZFTsU4MjAfBgNVHSMEGDAWgBQVNIOLsxe4GGaZ
8KRIXbbZ2hkI0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZUU0RpN01YdUJobW1mQ2tTRjIyMmRvWkNOSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvMTRjMWNhLTE4NzQtNDdhYy1hMThlLTNhMTQ0YzcwZTBiMC8x
LzhnZ0hIbHM2VWRiMjFDdU5zRFFHUlU3Rk9ESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
MTRjMWNhLTE4NzQtNDdhYy1hMThlLTNhMTQ0YzcwZTBiMC8xL0ZUU0RpN01YdUJo
bW1mQ2tTRjIyMmRvWkNOSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwEQMDAJ5AAwQCuZWIAwQGwahAMA0EAgAC
MAcDBQMgAQoYMA0GCSqGSIb3DQEBCwUAA4IBAQCm5X2jUM1ImKFz4ZiAtdf+WVN6
4csIFxzbjfid6GUqG3zOzwY+HmK0xnCTxAbrVlKbdcz8hP5ISi6gvpPVmZE8FoC9
ZzBXqPAuS+QKCgfAA9jRlQu767n1NwTp6UMMdVni3sPaRmok8suOe2vXr7rbwwxy
o+Hw1j8arL1NgVJMfXhA/5g44tlU6IeIwFkknIeWnywRTtYVPlXl3x7bia/2zoXM
R5USbOJaMaNHhc0ufsO/40IXnUzIqwCA2pmK3EFBeNjSJzDU2rlqCNVsqPNb2l7O
6WgveNWshx8s64ok3ucVxIGQVkauGoxB30SRZHfv8eS5Xj2wuwe920K4dedf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:06 2023 by rpki-client on console-fra.rpki-client.org