Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/G89Sl9j4BoEX2VEui0EehPWw-yI.roa
File: G89Sl9j4BoEX2VEui0EehPWw-yI.roa (raw, json)
Hash identifier: aeB3rvC3M6/Mrx8Bzm0pOOeBXs4FKqFLjxDWpNMObC4=
Subject key identifier: 1B:CF:52:97:D8:F8:06:81:17:D9:51:2E:8B:41:1E:84:F5:B0:FB:22
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 018480DAA6C5F729FE4AA49F80CB233F7BD4
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/G89Sl9j4BoEX2VEui0EehPWw-yI.roa
Signing time: Wed 16 Nov 2022 14:32:03 +0000
ROA not before: Wed 16 Nov 2022 14:32:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47285
IP address blocks: 194.147.150.0/24 maxlen: 24
185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
194.147.170.0/24 maxlen: 24
45.139.8.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
2a12:2600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:da:a6:c5:f7:29:fe:4a:a4:9f:80:cb:23:3f:7b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Nov 16 14:32:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bcf5297d8f8068117d9512e8b411e84f5b0fb22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:18:95:6f:46:19:c6:42:55:27:96:ec:34:0e:
60:22:80:76:15:09:0d:f0:85:26:60:40:48:2a:8c:
17:4f:3b:b8:28:c9:6d:9e:d0:46:1c:97:f5:06:6b:
5c:21:ac:21:8d:34:01:85:62:80:d1:37:60:60:00:
11:a8:c4:9c:7d:23:2a:eb:de:7c:68:ef:f2:b1:23:
a0:ab:b7:60:0c:e6:f0:5b:3b:21:09:1d:d0:7a:f5:
3a:9f:9e:95:50:55:1e:30:0b:38:62:52:86:c6:e3:
9d:a8:5c:de:30:d2:e4:b7:9b:8c:47:92:87:1e:8f:
85:01:37:16:6f:3c:59:d7:f6:f1:dd:02:2b:6f:2b:
b5:c0:4b:dd:06:54:3d:77:11:4c:f3:33:dd:5f:db:
08:88:24:38:c6:ce:82:33:05:63:aa:b1:fe:ba:17:
29:03:cf:93:ec:3d:cf:e5:34:61:c0:08:34:d7:e9:
09:9a:7e:dd:c6:ce:83:cf:a0:37:3b:81:36:a3:5a:
e7:77:fd:1d:af:a6:5e:ae:d2:a0:21:02:cc:62:e5:
87:f6:cc:2b:ef:52:51:fb:71:a2:58:c9:7e:06:26:
b2:0a:ed:9b:f4:fd:17:a8:08:85:ec:e1:ae:dd:6b:
d9:6d:db:b0:2e:16:a9:6b:e0:4f:2e:5b:6e:98:85:
04:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CF:52:97:D8:F8:06:81:17:D9:51:2E:8B:41:1E:84:F5:B0:FB:22
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/G89Sl9j4BoEX2VEui0EehPWw-yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/24
185.105.236.0/24
185.105.238.0/24
194.147.150.0/24
194.147.170.0/24
194.180.209.0/24
IPv6:
2a12:2600::/29
Signature Algorithm: sha256WithRSAEncryption
8b:41:ad:44:a5:e7:8a:94:c1:fe:c8:71:42:50:f1:04:a4:50:
21:ac:0e:07:be:f0:6b:10:a9:67:ed:dc:52:40:22:04:f6:07:
06:ff:36:a9:a9:50:8e:4d:c3:53:3a:43:cc:35:78:3f:39:51:
69:21:13:81:0f:94:c4:b0:26:72:38:c8:d8:c5:1c:72:a8:1c:
ed:8e:b8:e2:dd:cb:34:e7:05:2d:ca:17:f3:23:e3:a3:7a:5d:
71:ed:b6:70:88:f0:64:97:86:06:3c:ce:d4:29:6f:40:99:5b:
44:55:f6:1c:df:8a:6f:ee:18:b6:bd:2a:df:58:2d:29:79:b6:
e3:27:a8:ad:89:e9:37:fd:98:56:d0:a1:8c:6f:9a:fe:bf:8c:
c3:0a:41:58:07:96:07:e7:da:e8:13:71:45:cc:c4:6d:6c:60:
5f:e9:64:9e:72:2f:cb:b3:80:89:98:43:7c:15:67:e0:7f:df:
a8:b1:de:c3:49:72:22:dc:e3:18:92:b3:6d:a8:8c:0a:b9:86:
fd:92:9b:1d:58:17:5a:c2:8a:9b:c1:52:0a:52:d4:c3:ec:02:
c7:78:cd:a6:31:98:75:0a:94:1d:8f:a9:f0:3b:46:04:2f:76:
5e:81:39:65:92:69:61:5c:03:ad:4c:da:3a:f6:1a:f7:0f:59:
8a:83:49:d1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYSA2qbF9yn+SqSfgMsjP3vUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIxMTE2MTQzMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmNmNTI5N2Q4ZjgwNjgxMTdkOTUxMmU4YjQxMWU4NGY1YjBmYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBiVb0YZxkJVJ5bsNA5gIoB2FQkN
8IUmYEBIKowXTzu4KMltntBGHJf1BmtcIawhjTQBhWKA0TdgYAARqMScfSMq6958
aO/ysSOgq7dgDObwWzshCR3QevU6n56VUFUeMAs4YlKGxuOdqFzeMNLkt5uMR5KH
Ho+FATcWbzxZ1/bx3QIrbyu1wEvdBlQ9dxFM8zPdX9sIiCQ4xs6CMwVjqrH+uhcp
A8+T7D3P5TRhwAg01+kJmn7dxs6Dz6A3O4E2o1rnd/0dr6ZertKgIQLMYuWH9swr
71JR+3GiWMl+BiayCu2b9P0XqAiF7OGu3WvZbduwLhapa+BPLltumIUEjwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBvPUpfY+AaBF9lRLotBHoT1sPsiMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvRzg5U2w5ajRCb0VYMlZFdWkwRWVoUFd3LXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALYsIAwQA
uWnsAwQAuWnuAwQAwpOWAwQAwpOqAwQAwrTRMA0EAgACMAcDBQMqEiYAMA0GCSqG
SIb3DQEBCwUAA4IBAQCLQa1EpeeKlMH+yHFCUPEEpFAhrA4HvvBrEKln7dxSQCIE
9gcG/zapqVCOTcNTOkPMNXg/OVFpIROBD5TEsCZyOMjYxRxyqBztjrji3cs05wUt
yhfzI+Ojel1x7bZwiPBkl4YGPM7UKW9AmVtEVfYc34pv7hi2vSrfWC0pebbjJ6it
iek3/ZhW0KGMb5r+v4zDCkFYB5YH59roE3FFzMRtbGBf6WSeci/Ls4CJmEN8FWfg
f9+osd7DSXIi3OMYkrNtqIwKuYb9kpsdWBdawoqbwVIKUtTD7ALHeM2mMZh1CpQd
j6nwO0YEL3ZegTllkmlhXAOtTNo69hr3D1mKg0nR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:20 2023 by rpki-client on console-fra.rpki-client.org