Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/8rg87xBDlvvkRHT26QMnvUGoyPs.roa
File: 8rg87xBDlvvkRHT26QMnvUGoyPs.roa (raw, json)
Hash identifier: HTERBs3wo2WDouTYAReDCJ+kwmZzJadHjHXVPpVpt7k=
Subject key identifier: F2:B8:3C:EF:10:43:96:FB:E4:44:74:F6:E9:03:27:BD:41:A8:C8:FB
Certificate issuer: /CN=f6a1722e8baddc358a15874265b466743e703656
Certificate serial: 201C579F
Authority key identifier: F6:A1:72:2E:8B:AD:DC:35:8A:15:87:42:65:B4:66:74:3E:70:36:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/8rg87xBDlvvkRHT26QMnvUGoyPs.roa
Signing time: Sat 01 Jan 2022 11:59:00 +0000
ROA not before: Sat 01 Jan 2022 11:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206217
IP address blocks: 146.66.128.0/24 maxlen: 24
146.66.128.0/21 maxlen: 21
185.110.230.0/24 maxlen: 24
185.110.231.0/24 maxlen: 24
185.110.228.0/23 maxlen: 23
185.110.228.0/22 maxlen: 22
185.110.228.0/24 maxlen: 24
185.110.230.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 538728351 (0x201c579f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6a1722e8baddc358a15874265b466743e703656
Validity
Not Before: Jan 1 11:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2b83cef104396fbe44474f6e90327bd41a8c8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:93:fe:70:3c:01:dc:9d:66:31:6d:13:35:e5:
43:02:d0:e9:94:15:7e:e6:ae:9c:71:bd:5d:d0:8b:
d6:f7:a9:ea:7b:28:38:cc:7a:ba:3e:7f:0e:d5:d7:
da:7b:44:d4:82:b4:09:6b:6e:cf:1d:03:dd:9f:5a:
6c:a2:41:5c:06:57:6c:05:94:10:13:c5:9f:51:9a:
ea:09:6b:05:d2:fd:86:bd:a2:13:80:90:1a:b1:c4:
29:97:27:c2:0d:a4:7e:2d:40:cf:28:ae:85:08:66:
ec:2c:68:b6:3e:78:d8:43:74:1e:4e:78:6c:02:48:
29:d4:4f:c2:f6:26:af:8b:12:c6:30:ab:c2:81:ee:
44:a2:5a:09:19:51:b3:20:dc:12:f2:31:46:4b:8c:
d9:9f:21:1d:ed:78:71:ec:74:21:69:3d:69:f9:1c:
7d:32:c8:15:e6:57:dd:2a:3e:43:3a:6d:f1:3b:ca:
c0:14:72:b4:e3:c2:54:54:a8:ef:77:80:05:35:f5:
2d:d6:0d:59:fc:a2:b0:59:76:e1:fd:a3:07:1d:c8:
dc:7c:ab:15:11:a8:35:d5:83:e1:db:fe:80:61:cf:
9d:f3:12:74:24:cc:d8:f4:db:70:de:e6:c9:85:dd:
a3:28:bc:53:5a:a7:99:0b:9a:f0:57:1f:f0:da:6d:
a5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B8:3C:EF:10:43:96:FB:E4:44:74:F6:E9:03:27:BD:41:A8:C8:FB
X509v3 Authority Key Identifier:
keyid:F6:A1:72:2E:8B:AD:DC:35:8A:15:87:42:65:B4:66:74:3E:70:36:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/8rg87xBDlvvkRHT26QMnvUGoyPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/9qFyLout3DWKFYdCZbRmdD5wNlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.128.0/21
185.110.228.0/22
Signature Algorithm: sha256WithRSAEncryption
27:b8:44:3a:d1:81:ca:b1:1b:cb:46:0d:32:8f:6c:07:af:11:
13:74:cc:32:34:75:cd:52:32:ad:c0:c9:39:71:ec:01:d4:3c:
02:11:05:15:1f:83:43:19:8c:33:cd:76:82:86:3c:18:57:46:
16:f9:d5:26:3d:99:d9:88:13:57:ee:b9:22:6d:c7:fb:96:d2:
7d:4c:f2:67:c7:2c:50:09:52:60:56:a2:98:15:d3:56:ed:ce:
2d:c7:d6:b3:ee:66:4e:6e:c0:fe:b1:f8:0c:fe:a7:d0:7c:00:
7c:4a:4a:5b:63:8d:30:af:ce:4c:c0:d9:ff:b8:92:2d:77:42:
d5:fe:78:ef:0e:f9:08:a9:51:5f:a2:6a:1b:2a:49:ae:12:86:
c3:23:07:5e:f4:a0:aa:9f:0b:e9:7e:2f:47:91:81:c5:b0:43:
e5:6e:19:fb:26:8e:d2:1b:1f:42:da:96:91:77:ec:2d:a3:4c:
15:72:b2:66:51:19:66:4f:9d:55:ae:ab:93:a0:77:fb:9d:02:
9c:2e:06:b0:b8:fb:0d:ee:8e:8b:be:ae:ef:28:3b:80:0e:06:
8e:11:5c:55:5b:03:25:21:ba:11:00:e8:4e:8f:de:19:3f:b8:
77:52:99:bc:63:50:81:d2:4c:f2:b1:85:25:a8:b0:4d:da:2b:
4f:73:5f:37
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEIBxXnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NmExNzIyZThiYWRkYzM1OGExNTg3NDI2NWI0NjY3NDNlNzAzNjU2MB4XDTIyMDEw
MTExNTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJiODNjZWYxMDQz
OTZmYmU0NDQ3NGY2ZTkwMzI3YmQ0MWE4YzhmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6T/nA8AdydZjFtEzXlQwLQ6ZQVfuaunHG9XdCL1vep6nso
OMx6uj5/DtXX2ntE1IK0CWtuzx0D3Z9abKJBXAZXbAWUEBPFn1Ga6glrBdL9hr2i
E4CQGrHEKZcnwg2kfi1AzyiuhQhm7Cxotj542EN0Hk54bAJIKdRPwvYmr4sSxjCr
woHuRKJaCRlRsyDcEvIxRkuM2Z8hHe14cex0IWk9afkcfTLIFeZX3So+Qzpt8TvK
wBRytOPCVFSo73eABTX1LdYNWfyisFl24f2jBx3I3HyrFRGoNdWD4dv+gGHPnfMS
dCTM2PTbcN7myYXdoyi8U1qnmQua8Fcf8NptpdkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTyuDzvEEOW++REdPbpAye9QajI+zAfBgNVHSMEGDAWgBT2oXIui63cNYoV
h0JltGZ0PnA2VjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlxRnlMb3V0M0RXS0ZZZENaYlJtZEQ1d05sWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvOWNjZjcyLWYyZGYtNDViNi05MzdiLTZlMDc5MDY5YjY1Yi8x
LzhyZzg3eEJEbHZ2a1JIVDI2UU1udlVHb3lQcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
OWNjZjcyLWYyZGYtNDViNi05MzdiLTZlMDc5MDY5YjY1Yi8xLzlxRnlMb3V0M0RX
S0ZZZENaYlJtZEQ1d05sWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5JCgAMEArlu5DANBgkqhkiG9w0B
AQsFAAOCAQEAJ7hEOtGByrEby0YNMo9sB68RE3TMMjR1zVIyrcDJOXHsAdQ8AhEF
FR+DQxmMM812goY8GFdGFvnVJj2Z2YgTV+65Im3H+5bSfUzyZ8csUAlSYFaimBXT
Vu3OLcfWs+5mTm7A/rH4DP6n0HwAfEpKW2ONMK/OTMDZ/7iSLXdC1f547w75CKlR
X6JqGypJrhKGwyMHXvSgqp8L6X4vR5GBxbBD5W4Z+yaO0hsfQtqWkXfsLaNMFXKy
ZlEZZk+dVa6rk6B3+50CnC4GsLj7De6Oi76u7yg7gA4GjhFcVVsDJSG6EQDoTo/e
GT+4d1KZvGNQgdJM8rGFJaiwTdorT3NfNw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:45 2023 by rpki-client on console-ams.rpki-client.org