Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/8GfpEfHlnCC9qpXP4Fg6WcPhja0.roa
File: 8GfpEfHlnCC9qpXP4Fg6WcPhja0.roa (raw, json)
Hash identifier: QxQm+jygNJ2t/LVDykWhy0zCh/6/s8xNzm3SAHqlvkQ=
Subject key identifier: F0:67:E9:11:F1:E5:9C:20:BD:AA:95:CF:E0:58:3A:59:C3:E1:8D:AD
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 03B4A04C
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/8GfpEfHlnCC9qpXP4Fg6WcPhja0.roa
Signing time: Thu 20 Jan 2022 14:18:24 +0000
ROA not before: Thu 20 Jan 2022 14:18:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212330
IP address blocks: 86.111.150.0/24 maxlen: 24
86.111.151.0/24 maxlen: 24
185.16.25.0/24 maxlen: 24
185.113.104.0/24 maxlen: 24
31.223.185.0/24 maxlen: 24
193.3.137.0/24 maxlen: 24
185.113.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62169164 (0x3b4a04c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Jan 20 14:18:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f067e911f1e59c20bdaa95cfe0583a59c3e18dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:33:43:9c:2a:44:f0:3a:ce:8c:3e:f2:54:
97:1b:71:af:c8:bb:60:ef:47:6a:c0:7d:77:d8:1e:
28:a2:32:0d:48:7f:df:14:a8:22:7d:ec:2a:7d:52:
a0:c7:47:a9:cb:06:59:fa:6d:97:c3:79:2f:25:ae:
e8:af:c1:ef:a1:bd:d5:53:20:84:2b:df:6d:41:d5:
b8:cd:e4:73:5c:15:9c:3c:45:d5:4b:94:55:9b:fd:
3a:82:ba:43:6b:e0:c3:66:48:d9:90:c3:ba:c2:1c:
52:20:6a:98:82:f3:36:7b:98:32:2f:87:db:bb:11:
46:6d:8c:e5:f9:96:41:e0:a6:5c:55:83:91:b0:e9:
cd:95:f7:e4:c9:ea:12:2a:93:a6:65:b5:be:41:99:
40:5d:7e:ec:6b:ab:06:59:fc:69:4d:76:dc:cd:1f:
cc:0f:76:03:32:72:e8:ae:11:f7:90:25:0c:ad:69:
f2:ed:f1:63:b2:0c:1d:8a:38:53:6c:d0:db:9f:92:
21:66:7a:6b:27:24:bb:49:45:41:62:6c:61:7d:4d:
e0:98:2b:90:7d:da:81:65:36:6d:97:f3:1a:39:6b:
81:2e:e7:16:76:9a:6f:c4:03:f2:ea:b7:76:3b:f4:
d3:87:95:48:77:36:ee:12:3d:a7:89:b6:a9:10:2f:
f3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:67:E9:11:F1:E5:9C:20:BD:AA:95:CF:E0:58:3A:59:C3:E1:8D:AD
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/8GfpEfHlnCC9qpXP4Fg6WcPhja0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.185.0/24
86.111.150.0/23
185.16.25.0/24
185.113.104.0/24
185.113.106.0/24
193.3.137.0/24
Signature Algorithm: sha256WithRSAEncryption
87:b3:c0:74:0f:94:5b:98:dd:5c:c6:15:ed:b6:0c:cc:fe:08:
c9:1e:88:fc:db:a2:48:3c:8b:18:58:af:39:81:d1:a2:96:bc:
cd:fa:b3:a4:e5:eb:02:0d:97:35:17:98:14:84:a8:3a:6e:02:
b9:9b:74:42:da:f1:b8:4a:be:e6:c1:06:33:0e:0f:7d:66:7d:
b8:d2:c4:ee:1a:b1:be:52:12:a6:22:65:ab:ce:8a:e8:ec:72:
94:3f:20:9c:19:46:e8:2c:8c:7f:07:0f:bc:ed:e0:66:6b:7e:
1b:de:5f:ad:93:aa:6c:1e:97:a2:ce:6b:d5:47:bd:1f:35:3f:
db:a0:e2:31:2a:0e:a4:d3:4b:fa:b5:ff:d2:d6:63:eb:f7:aa:
1b:27:7d:d3:9e:fa:c7:6e:1f:9d:25:ec:bc:d9:1f:9d:28:72:
9a:4d:4e:70:ef:7a:1b:5e:27:9c:7f:57:a1:9c:bb:88:81:ca:
ab:9e:47:d2:c3:12:ea:cb:b0:39:1e:a4:47:21:b8:25:d7:20:
ac:ed:82:69:cf:1f:b1:fe:e6:a8:67:12:ab:8f:da:ad:ec:a9:
01:ad:47:f2:c1:20:44:96:1f:0f:70:5d:3f:a2:e6:68:4d:bc:
11:33:e3:80:d3:9a:d2:20:bd:77:1d:8b:33:0b:75:e7:c9:59:
21:ce:d6:f6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA7SgTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MzA3Yzg3ZTdiNmUyOTRmMjcwMDc5MGVlZjE5ZTgyOTM5ZDg1Y2Q2MB4XDTIyMDEy
MDE0MTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA2N2U5MTFmMWU1
OWMyMGJkYWE5NWNmZTA1ODNhNTljM2UxOGRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBYM0OcKkTwOs6MPvJUlxtxr8i7YO9HasB9d9geKKIyDUh/
3xSoIn3sKn1SoMdHqcsGWfptl8N5LyWu6K/B76G91VMghCvfbUHVuM3kc1wVnDxF
1UuUVZv9OoK6Q2vgw2ZI2ZDDusIcUiBqmILzNnuYMi+H27sRRm2M5fmWQeCmXFWD
kbDpzZX35MnqEiqTpmW1vkGZQF1+7GurBln8aU123M0fzA92AzJy6K4R95AlDK1p
8u3xY7IMHYo4U2zQ25+SIWZ6aycku0lFQWJsYX1N4JgrkH3agWU2bZfzGjlrgS7n
Fnaab8QD8uq3djv004eVSHc27hI9p4m2qRAv888CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTwZ+kR8eWcIL2qlc/gWDpZw+GNrTAfBgNVHSMEGDAWgBSzB8h+e24pTycA
eQ7vGegpOdhc1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N3ZklmbnR1S1U4bkFIa083eG5vS1RuWVhOWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvZGE2NDJhLWE2YWItNDcwNS05NTg3LTY0OTQ1YTRmOGUxMi8x
LzhHZnBFZkhsbkNDOXFwWFA0Rmc2V2NQaGphMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
ZGE2NDJhLWE2YWItNDcwNS05NTg3LTY0OTQ1YTRmOGUxMi8xL3N3ZklmbnR1S1U4
bkFIa083eG5vS1RuWVhOWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAB/fuQMEAVZvlgMEALkQGQMEALlx
aAMEALlxagMEAMEDiTANBgkqhkiG9w0BAQsFAAOCAQEAh7PAdA+UW5jdXMYV7bYM
zP4IyR6I/NuiSDyLGFivOYHRopa8zfqzpOXrAg2XNReYFISoOm4CuZt0QtrxuEq+
5sEGMw4PfWZ9uNLE7hqxvlISpiJlq86K6OxylD8gnBlG6CyMfwcPvO3gZmt+G95f
rZOqbB6Xos5r1Ue9HzU/26DiMSoOpNNL+rX/0tZj6/eqGyd90576x24fnSXsvNkf
nShymk1OcO96G14nnH9XoZy7iIHKq55H0sMS6suwOR6kRyG4JdcgrO2Cac8fsf7m
qGcSq4/areypAa1H8sEgRJYfD3BdP6LmaE28ETPjgNOa0iC9dx2LMwt158lZIc7W
9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:08 2024 by rpki-client on console-fra.rpki-client.org