Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/8Y-2VMHtTxVTHx2R74CZxRWF4Kw.roa
File: 8Y-2VMHtTxVTHx2R74CZxRWF4Kw.roa (raw, json)
Hash identifier: DFGM5c8Xce9St/wZxVHAG3kFTmpqFtIyVjj9lzy1zDU=
Subject key identifier: F1:8F:B6:54:C1:ED:4F:15:53:1F:1D:91:EF:80:99:C5:15:85:E0:AC
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 01851A8B01BE4F2F0409695B5C0757C28CC7
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/8Y-2VMHtTxVTHx2R74CZxRWF4Kw.roa
Signing time: Fri 16 Dec 2022 10:46:35 +0000
ROA not before: Fri 16 Dec 2022 10:46:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20860
IP address blocks: 185.49.236.0/22 maxlen: 24
109.69.80.0/21 maxlen: 24
185.71.24.0/22 maxlen: 24
185.33.184.0/22 maxlen: 24
195.94.112.0/20 maxlen: 24
94.199.184.0/21 maxlen: 24
151.236.208.0/21 maxlen: 24
185.68.0.0/22 maxlen: 24
94.190.240.0/21 maxlen: 24
93.95.8.0/21 maxlen: 24
185.122.216.0/22 maxlen: 24
31.210.128.0/21 maxlen: 24
37.35.88.0/21 maxlen: 24
87.237.64.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:8b:01:be:4f:2f:04:09:69:5b:5c:07:57:c2:8c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Dec 16 10:46:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f18fb654c1ed4f15531f1d91ef8099c51585e0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:eb:ec:38:ea:ec:f8:98:f9:79:4e:45:a7:
96:a7:4e:c2:41:60:b3:7f:ef:10:b3:5b:e7:34:b6:
c6:09:f2:07:ed:32:79:56:59:97:7a:7e:a9:7c:ea:
ea:b0:5c:a3:b5:6e:a1:d8:df:cc:ff:ae:34:97:c4:
00:b8:f1:4f:ab:b2:dc:dc:e9:9f:b2:83:30:e5:31:
09:4b:75:48:55:2d:65:86:1b:4b:55:7d:84:a3:bd:
c7:7d:5b:1f:85:08:c4:1c:81:f7:07:93:c3:4c:80:
98:6f:6e:6d:9a:91:b7:88:1d:16:46:82:81:b9:30:
17:ce:38:40:30:7b:4a:85:3d:79:65:01:26:fc:85:
18:d0:9d:13:02:be:ce:14:cf:00:0f:ee:bb:a9:4d:
9f:df:31:e7:62:da:21:f1:08:fa:dd:85:b5:dc:75:
e1:7d:cc:91:a9:2a:2e:54:01:04:aa:67:39:2e:f6:
3d:7d:c9:8f:11:b8:c6:d6:bc:f1:79:c5:c0:c0:c5:
5a:8a:05:69:96:37:3d:08:cf:c2:e4:c7:01:c7:c7:
18:8e:17:7c:cb:ab:99:88:80:1d:ad:da:00:72:92:
dc:d4:b0:15:b5:30:68:f3:f0:79:96:6a:86:01:cc:
22:8b:72:29:5d:08:b4:43:60:4b:4d:ba:97:8d:7a:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8F:B6:54:C1:ED:4F:15:53:1F:1D:91:EF:80:99:C5:15:85:E0:AC
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/8Y-2VMHtTxVTHx2R74CZxRWF4Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.128.0/21
37.35.88.0/21
87.237.64.0/21
93.95.8.0/21
94.190.240.0/21
94.199.184.0/21
109.69.80.0/21
151.236.208.0/21
185.33.184.0/22
185.49.236.0/22
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
195.94.112.0/20
Signature Algorithm: sha256WithRSAEncryption
60:71:34:95:c8:d4:5e:5f:07:c1:61:f4:65:95:23:22:af:0a:
d7:00:48:1c:1b:46:2b:4d:18:9f:26:75:3a:5e:09:84:9e:7e:
48:45:94:cc:4b:1d:a8:1f:02:f8:f6:19:75:f9:5d:42:0b:70:
7a:9d:48:09:c9:0c:24:40:fd:63:b0:66:30:5b:d5:de:d1:68:
7c:a3:1f:85:66:9f:9d:65:35:48:48:51:14:f4:7b:20:12:5c:
30:31:2c:a3:fc:cf:a7:7c:ad:a0:3e:43:3d:48:9c:bb:47:e5:
f3:f2:94:39:0d:70:1e:d3:7f:8f:75:c6:67:7d:8a:05:d3:01:
7c:5c:6d:40:8f:04:f9:d7:14:ab:88:9f:f4:88:f8:8b:df:ed:
1f:dc:31:b4:3b:b9:60:36:01:af:a7:d3:9b:02:ed:bb:c0:34:
0c:4a:e2:a8:04:fb:40:f4:ba:40:82:a7:be:d4:20:5a:9f:4c:
19:82:a0:4d:4c:60:54:60:c7:ee:5c:1a:39:36:0d:f5:8a:90:
0a:5b:00:6a:a7:ae:ff:fc:c8:9d:df:bc:8f:2c:6d:ea:8e:72:
1d:6e:80:d3:5c:e5:d3:1a:dc:59:95:95:5e:da:bf:33:16:a3:
5a:7e:b5:71:6a:f2:2a:14:e9:59:c0:90:2d:df:8e:87:dc:36:
d1:e6:ff:78
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYUaiwG+Ty8ECWlbXAdXwozHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjIxMjE2MTA0NjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMThmYjY1NGMxZWQ0ZjE1NTMxZjFkOTFlZjgwOTljNTE1ODVlMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdjr7Djq7PiY+XlORaeWp07CQWCz
f+8Qs1vnNLbGCfIH7TJ5VlmXen6pfOrqsFyjtW6h2N/M/640l8QAuPFPq7Lc3Omf
soMw5TEJS3VIVS1lhhtLVX2Eo73HfVsfhQjEHIH3B5PDTICYb25tmpG3iB0WRoKB
uTAXzjhAMHtKhT15ZQEm/IUY0J0TAr7OFM8AD+67qU2f3zHnYtoh8Qj63YW13HXh
fcyRqSouVAEEqmc5LvY9fcmPEbjG1rzxecXAwMVaigVpljc9CM/C5McBx8cYjhd8
y6uZiIAdrdoAcpLc1LAVtTBo8/B5lmqGAcwii3IpXQi0Q2BLTbqXjXrv9wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFPGPtlTB7U8VUx8dke+AmcUVheCsMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvOFktMlZNSHRUeFZUSHgyUjc0Q1p4UldGNEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQDH9KAAwQD
JSNYAwQDV+1AAwQDXV8IAwQDXr7wAwQDXse4AwQDbUVQAwQDl+zQAwQCuSG4AwQC
uTHsAwQCuUQAAwQCuUcYAwQCuXrYAwQEw15wMA0GCSqGSIb3DQEBCwUAA4IBAQBg
cTSVyNReXwfBYfRllSMirwrXAEgcG0YrTRifJnU6XgmEnn5IRZTMSx2oHwL49hl1
+V1CC3B6nUgJyQwkQP1jsGYwW9Xe0Wh8ox+FZp+dZTVISFEU9HsgElwwMSyj/M+n
fK2gPkM9SJy7R+Xz8pQ5DXAe03+PdcZnfYoF0wF8XG1AjwT51xSriJ/0iPiL3+0f
3DG0O7lgNgGvp9ObAu27wDQMSuKoBPtA9LpAgqe+1CBan0wZgqBNTGBUYMfuXBo5
Ng31ipAKWwBqp67//Mid37yPLG3qjnIdboDTXOXTGtxZlZVe2r8zFqNafrVxavIq
FOlZwJAt346H3DbR5v94
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:36 2023 by rpki-client on console.sobornost.net