Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/tW6FtY91V4ZB8e0fVz_etAk_O2w.roa
File: tW6FtY91V4ZB8e0fVz_etAk_O2w.roa (raw, json)
Hash identifier: LXnBomEczPZo2rKMNE72KMB6MMAjd4TyFzIJogsGSKE=
Subject key identifier: B5:6E:85:B5:8F:75:57:86:41:F1:ED:1F:57:3F:DE:B4:09:3F:3B:6C
Certificate issuer: /CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Certificate serial: 1CC3E0D5
Authority key identifier: 06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/tW6FtY91V4ZB8e0fVz_etAk_O2w.roa
Signing time: Wed 02 Feb 2022 16:05:50 +0000
ROA not before: Wed 02 Feb 2022 16:05:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51395
IP address blocks: 176.10.99.200/32 maxlen: 32
176.10.96.0/19 maxlen: 19
185.85.108.0/22 maxlen: 22
91.192.100.0/22 maxlen: 22
185.32.220.0/22 maxlen: 22
185.32.221.0/24 maxlen: 24
185.32.223.0/24 maxlen: 24
185.189.148.0/22 maxlen: 22
185.195.68.0/23 maxlen: 23
91.201.56.0/22 maxlen: 22
176.10.104.240/32 maxlen: 32
195.225.117.0/24 maxlen: 24
195.225.118.0/23 maxlen: 23
2a00:bd80::/32 maxlen: 32
2a0b:ee80::/29 maxlen: 29
2a0a:5dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482599125 (0x1cc3e0d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da1c6b1a65f7a3d97f9bd75e7cac3135246fa5
Validity
Not Before: Feb 2 16:05:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b56e85b58f75578641f1ed1f573fdeb4093f3b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:e0:68:de:78:b1:15:85:8c:a1:85:1e:8d:
9c:19:fc:a9:7d:e7:22:f1:86:82:7e:ca:b2:e4:22:
b2:17:b7:1a:d9:9e:15:c6:1d:a3:42:89:62:d9:a7:
5c:8d:6e:35:57:cb:85:bd:dd:4d:dd:37:aa:66:65:
72:87:ca:9e:54:b9:14:43:f0:36:a8:e8:80:43:c0:
c1:aa:89:c5:4b:b6:17:da:cf:fc:31:58:d4:f4:3f:
e2:c2:a7:33:f5:c7:24:9d:45:32:91:8b:41:7f:68:
21:0a:4d:b8:8b:2f:5e:d7:71:13:64:12:30:e2:63:
7e:c7:73:ba:cc:8f:30:c0:55:4c:3d:53:8a:d9:8c:
5b:91:75:f0:20:85:28:fc:9d:1f:ed:a6:7e:74:a9:
79:7d:5d:f6:75:71:fa:c1:a4:e7:52:41:fe:58:5c:
1f:70:38:d3:4f:87:ca:bf:c2:e4:0a:1d:24:78:2b:
e5:55:d5:f2:76:0a:d9:72:e8:25:b5:c5:fc:f1:7f:
ad:71:c1:08:b8:7d:d4:f9:aa:5e:65:b4:91:9b:4f:
62:05:76:7b:ef:bb:7a:8c:a6:6f:af:45:0a:aa:23:
6e:65:75:6f:3b:bc:dd:97:df:43:a2:49:41:90:3b:
57:cf:13:07:ee:e0:b4:a3:ca:71:18:94:a1:ab:3b:
a8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6E:85:B5:8F:75:57:86:41:F1:ED:1F:57:3F:DE:B4:09:3F:3B:6C
X509v3 Authority Key Identifier:
keyid:06:DA:1C:6B:1A:65:F7:A3:D9:7F:9B:D7:5E:7C:AC:31:35:24:6F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Btocaxpl96PZf5vXXnysMTUkb6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/tW6FtY91V4ZB8e0fVz_etAk_O2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/62a3b1-117d-4b17-9662-45eb738cb9c8/1/Btocaxpl96PZf5vXXnysMTUkb6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.100.0/22
91.201.56.0/22
176.10.96.0/19
185.32.220.0/22
185.85.108.0/22
185.189.148.0/22
185.195.68.0/23
195.225.117.0-195.225.119.255
IPv6:
2a00:bd80::/32
2a0a:5dc0::/29
2a0b:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
75:c1:f5:80:a1:83:ab:56:e8:4b:26:f3:2f:bc:dd:cd:7b:4d:
c4:15:d8:4b:96:a9:4f:65:14:ea:6f:44:c2:4e:a8:73:7e:4f:
9e:61:70:e2:97:bb:32:5d:39:75:c0:2d:dd:fa:f5:1b:60:a4:
90:aa:a1:ed:8b:58:55:d0:33:7f:45:2c:ba:8e:83:f0:35:60:
a1:9e:4b:15:14:63:31:38:20:c4:23:b0:a1:5f:e9:4b:60:43:
71:3f:8b:14:9f:bc:c4:1f:04:4a:17:6e:ab:8a:67:70:5c:b5:
5f:29:07:f8:fc:cd:06:3c:2b:9f:95:50:15:84:ba:ba:ab:67:
09:da:14:15:c8:f4:96:12:03:4b:88:e7:01:b5:eb:39:f3:86:
18:e5:03:bf:4b:a7:79:d4:f0:7b:8b:3a:e0:15:f9:b2:cd:c8:
21:69:c3:16:a7:c0:d5:a2:bf:6c:0c:9c:c5:9a:95:e8:33:ef:
a2:c9:38:9b:1d:ea:50:a5:70:ec:37:92:52:ba:0f:e9:7b:99:
b8:ea:5a:50:67:e4:bc:09:0c:18:97:5d:35:f8:ce:9e:bf:cb:
8c:17:67:79:da:3c:2a:13:a4:da:14:27:9c:14:21:2c:40:64:
c7:dc:5f:a6:56:69:26:dd:eb:fb:dc:1a:38:19:74:a7:11:11:
a9:4d:e1:b5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIEHMPg1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NmRhMWM2YjFhNjVmN2EzZDk3ZjliZDc1ZTdjYWMzMTM1MjQ2ZmE1MB4XDTIyMDIw
MjE2MDU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU2ZTg1YjU4Zjc1
NTc4NjQxZjFlZDFmNTczZmRlYjQwOTNmM2I2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/R4GjeeLEVhYyhhR6NnBn8qX3nIvGGgn7KsuQishe3Gtme
FcYdo0KJYtmnXI1uNVfLhb3dTd03qmZlcofKnlS5FEPwNqjogEPAwaqJxUu2F9rP
/DFY1PQ/4sKnM/XHJJ1FMpGLQX9oIQpNuIsvXtdxE2QSMOJjfsdzusyPMMBVTD1T
itmMW5F18CCFKPydH+2mfnSpeX1d9nVx+sGk51JB/lhcH3A400+Hyr/C5AodJHgr
5VXV8nYK2XLoJbXF/PF/rXHBCLh91PmqXmW0kZtPYgV2e++7eoymb69FCqojbmV1
bzu83ZffQ6JJQZA7V88TB+7gtKPKcRiUoas7qJsCAwEAAaOCAlgwggJUMB0GA1Ud
DgQWBBS1boW1j3VXhkHx7R9XP960CT87bDAfBgNVHSMEGDAWgBQG2hxrGmX3o9l/
m9defKwxNSRvpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0J0b2NheHBsOTZQWmY1dlhYbnlzTVRVa2I2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvNjJhM2IxLTExN2QtNGIxNy05NjYyLTQ1ZWI3MzhjYjljOC8x
L3RXNkZ0WTkxVjRaQjhlMGZWel9ldEFrX08ydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
NjJhM2IxLTExN2QtNGIxNy05NjYyLTQ1ZWI3MzhjYjljOC8xL0J0b2NheHBsOTZQ
WmY1dlhYbnlzTVRVa2I2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBu
BggrBgEFBQcBBwEB/wRfMF0wPgQCAAEwOAMEAlvAZAMEAlvJOAMEBbAKYAMEArkg
3AMEArlVbAMEArm9lAMEAbnDRDAMAwQAw+F1AwQDw+FwMBsEAgACMBUDBQAqAL2A
AwUDKgpdwAMFAyoL7oAwDQYJKoZIhvcNAQELBQADggEBAHXB9YChg6tW6Esm8y+8
3c17TcQV2EuWqU9lFOpvRMJOqHN+T55hcOKXuzJdOXXALd369RtgpJCqoe2LWFXQ
M39FLLqOg/A1YKGeSxUUYzE4IMQjsKFf6UtgQ3E/ixSfvMQfBEoXbquKZ3BctV8p
B/j8zQY8K5+VUBWEurqrZwnaFBXI9JYSA0uI5wG16znzhhjlA79Lp3nU8HuLOuAV
+bLNyCFpwxanwNWiv2wMnMWalegz76LJOJsd6lClcOw3klK6D+l7mbjqWlBn5LwJ
DBiXXTX4zp6/y4wXZ3naPCoTpNoUJ5wUISxAZMfcX6ZWaSbd6/vcGjgZdKcREalN
4bU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:03 2024 by rpki-client on console-ams.rpki-client.org