Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/8cmJ7ADsvVfnWkDQqbbMvk4qICs.roa
File: 8cmJ7ADsvVfnWkDQqbbMvk4qICs.roa (raw, json)
Hash identifier: /SD7ZF9icY7PweUVez86+JKjHGkkoD6hY2y3yloO2+Y=
Subject key identifier: F1:C9:89:EC:00:EC:BD:57:E7:5A:40:D0:A9:B6:CC:BE:4E:2A:20:2B
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 388B1192
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/8cmJ7ADsvVfnWkDQqbbMvk4qICs.roa
Signing time: Tue 11 Jan 2022 08:13:14 +0000
ROA not before: Tue 11 Jan 2022 08:13:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8360
IP address blocks: 193.194.8.0/23 maxlen: 23
194.127.71.0/24 maxlen: 24
194.127.68.0/24 maxlen: 24
194.127.70.0/24 maxlen: 24
194.127.69.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
193.58.218.0/23 maxlen: 23
193.58.220.0/23 maxlen: 23
193.58.220.0/24 maxlen: 24
194.127.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948638098 (0x388b1192)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 11 08:13:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1c989ec00ecbd57e75a40d0a9b6ccbe4e2a202b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a5:18:54:e4:cc:e6:ab:66:74:4b:f5:62:2b:
6c:66:b6:c4:36:8e:ab:09:eb:74:8f:17:ab:95:90:
25:6e:d0:3d:01:88:07:57:2d:07:c4:4e:bc:08:47:
0f:f9:54:f0:87:10:4b:c0:16:6b:48:18:e5:9a:aa:
f8:81:c2:66:4b:9e:be:ec:06:1d:f4:c9:c5:d3:11:
a6:6e:4f:7e:c6:90:8d:ce:89:3e:8a:ce:fd:49:eb:
f4:c3:78:dc:c5:fe:9e:df:60:21:e8:fd:9f:11:bc:
92:a1:28:1a:21:97:60:35:86:c7:1e:ee:21:4f:af:
d8:a0:73:19:0d:28:25:fb:79:46:00:44:39:8b:62:
69:c1:db:eb:9d:4a:59:fd:ef:8f:56:18:e6:52:a6:
51:6b:9f:28:94:28:09:71:1b:7a:3f:3c:ff:0e:a6:
38:f9:f6:2d:58:b8:34:b7:6b:77:5b:95:54:b9:0b:
e8:d6:71:ab:cd:85:da:92:e5:18:59:84:29:8d:71:
30:12:20:be:ff:4f:42:14:3f:7d:db:d9:fb:79:40:
06:e1:e7:27:64:72:3d:b7:4a:03:af:fc:83:21:92:
9a:d9:14:b4:13:78:7e:b4:cb:e5:ab:1e:8a:b3:26:
71:23:0a:23:e5:6a:a5:95:79:ac:8b:64:6a:f3:bd:
9c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C9:89:EC:00:EC:BD:57:E7:5A:40:D0:A9:B6:CC:BE:4E:2A:20:2B
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/8cmJ7ADsvVfnWkDQqbbMvk4qICs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.218.0-193.58.221.255
193.194.8.0/23
194.127.30.0/24
194.127.68.0-194.127.75.255
Signature Algorithm: sha256WithRSAEncryption
7d:71:8b:0c:18:d4:cb:4f:2a:9a:0f:67:42:5a:00:e5:6f:47:
e0:bc:4d:70:90:ff:57:0f:cd:49:fe:fc:8c:5f:04:e7:39:63:
ca:31:31:e1:14:e9:e9:45:59:86:99:e1:3c:bd:44:f7:b4:91:
8b:0a:a8:08:8e:3e:c1:e6:21:b4:f3:7e:d6:72:66:f6:d2:a4:
22:1f:d0:d4:6f:ef:b0:f9:5d:23:c7:a2:06:d1:fb:dc:5e:8d:
9f:fa:c4:59:cc:13:14:fb:c3:c7:77:ad:51:8e:6f:cb:10:f6:
08:75:63:ea:22:63:dd:27:2d:4e:d3:17:eb:09:72:d0:83:e7:
f5:63:88:44:51:8d:54:71:ba:24:5e:eb:37:35:6c:d0:50:f2:
85:a8:dd:8f:ed:96:fd:a0:95:85:34:09:27:be:a2:06:39:7f:
e1:58:bc:0e:25:ee:ee:26:3e:0f:88:16:8d:93:62:b1:67:5d:
c2:70:d9:ee:33:de:e2:4e:51:28:0d:ba:40:03:7d:37:c1:f3:
64:38:5c:1d:f1:fd:87:bb:ba:ee:be:30:f2:8c:9a:be:ce:ec:
81:80:6b:36:60:be:c1:36:99:18:4d:ad:c6:23:56:92:79:8f:
2e:06:12:a7:c2:97:44:65:04:e0:f8:99:61:13:1d:8a:ae:29:
91:2b:ef:fc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEOIsRkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzFkZDFhNTE0ZDNhN2UzZGZkYjhiZmI3NWQ3ZDI0ZWQ5OGQ0NzlmMB4XDTIyMDEx
MTA4MTMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFjOTg5ZWMwMGVj
YmQ1N2U3NWE0MGQwYTliNmNjYmU0ZTJhMjAyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqlGFTkzOarZnRL9WIrbGa2xDaOqwnrdI8Xq5WQJW7QPQGI
B1ctB8ROvAhHD/lU8IcQS8AWa0gY5Zqq+IHCZkuevuwGHfTJxdMRpm5PfsaQjc6J
PorO/Unr9MN43MX+nt9gIej9nxG8kqEoGiGXYDWGxx7uIU+v2KBzGQ0oJft5RgBE
OYtiacHb651KWf3vj1YY5lKmUWufKJQoCXEbej88/w6mOPn2LVi4NLdrd1uVVLkL
6NZxq82F2pLlGFmEKY1xMBIgvv9PQhQ/fdvZ+3lABuHnJ2RyPbdKA6/8gyGSmtkU
tBN4frTL5aseirMmcSMKI+VqpZV5rItkavO9nDcCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTxyYnsAOy9V+daQNCptsy+TiogKzAfBgNVHSMEGDAWgBTTHdGlFNOn49/b
i/t119JO2Y1HnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB4M1JwUlRUcC1QZjI0djdkZGZTVHRtTlI1OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvZjI0NzhmLWM1MDMtNDJjMi05NGIyLWIxNjZhZTJlZjI4Ny8x
LzhjbUo3QURzdlZmbldrRFFxYmJNdms0cUlDcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
ZjI0NzhmLWM1MDMtNDJjMi05NGIyLWIxNjZhZTJlZjI4Ny8xLzB4M1JwUlRUcC1Q
ZjI0djdkZGZTVHRtTlI1OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQBwTraAwQBwTrcAwQBwcIIAwQA
wn8eMAwDBALCf0QDBALCf0gwDQYJKoZIhvcNAQELBQADggEBAH1xiwwY1MtPKpoP
Z0JaAOVvR+C8TXCQ/1cPzUn+/IxfBOc5Y8oxMeEU6elFWYaZ4Ty9RPe0kYsKqAiO
PsHmIbTzftZyZvbSpCIf0NRv77D5XSPHogbR+9xejZ/6xFnMExT7w8d3rVGOb8sQ
9gh1Y+oiY90nLU7TF+sJctCD5/VjiERRjVRxuiRe6zc1bNBQ8oWo3Y/tlv2glYU0
CSe+ogY5f+FYvA4l7u4mPg+IFo2TYrFnXcJw2e4z3uJOUSgNukADfTfB82Q4XB3x
/Ye7uu6+MPKMmr7O7IGAazZgvsE2mRhNrcYjVpJ5jy4GEqfCl0RlBOD4mWETHYqu
KZEr7/w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-fra.rpki-client.org