Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6op-FixUlGe11aUNAYEtwtdcF4I.roa
File: 6op-FixUlGe11aUNAYEtwtdcF4I.roa (raw, json)
Hash identifier: 3KtCFffcM7n+zHLBocL8oxTXDBbYMK6TPAKXPoEZljA=
Subject key identifier: EA:8A:7E:16:2C:54:94:67:B5:D5:A5:0D:01:81:2D:C2:D7:5C:17:82
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184E8EA9BE2B94A9149E6C73A287F433887
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6op-FixUlGe11aUNAYEtwtdcF4I.roa
Signing time: Tue 06 Dec 2022 19:30:00 +0000
ROA not before: Tue 06 Dec 2022 19:30:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.94.168.0/22 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.38.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:ea:9b:e2:b9:4a:91:49:e6:c7:3a:28:7f:43:38:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 6 19:30:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea8a7e162c549467b5d5a50d01812dc2d75c1782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:04:fc:a8:93:ef:04:1e:fa:a1:14:68:05:
60:41:82:4c:ef:17:70:17:91:e7:4c:b1:42:82:a0:
b0:d2:a0:30:26:c9:c9:5b:e4:c3:5e:83:6b:ca:bf:
96:0e:65:d0:cf:5c:9e:bb:e5:3c:5e:cd:74:a3:b4:
51:f7:52:bf:53:0d:f3:e6:5d:f8:f8:a0:2d:69:09:
1e:0a:30:6a:b2:25:cf:d5:40:2a:fc:16:f9:e4:20:
14:90:b3:6b:de:1f:a1:84:5b:b0:59:c8:6c:a0:95:
0e:82:e8:49:d1:cd:81:cb:65:76:b4:72:a3:1d:36:
4f:6c:54:d2:ca:83:1a:54:cd:a7:0c:29:98:6c:fd:
2f:ab:2a:74:94:7a:bd:b4:5d:84:14:af:9c:f9:33:
2b:70:ee:8f:4d:31:04:a2:20:ea:26:9b:88:ae:56:
b6:21:5a:4b:a7:01:7e:5d:ac:16:11:df:4f:1b:b1:
cf:c4:81:45:75:88:c0:aa:39:9c:42:52:2f:cb:8d:
3e:7a:d6:16:d0:1d:b2:5b:71:b6:ab:ec:2b:5e:6b:
e5:a4:f9:55:61:00:03:ca:de:91:ae:25:ea:49:6d:
ae:ae:7a:ba:24:c0:b8:32:fc:d4:63:13:37:06:f9:
69:bb:5d:bb:8d:06:ea:5c:f3:3a:4c:fc:60:ae:d6:
45:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8A:7E:16:2C:54:94:67:B5:D5:A5:0D:01:81:2D:C2:D7:5C:17:82
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6op-FixUlGe11aUNAYEtwtdcF4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.13.188.0/23
45.81.112.0/22
45.88.136.0/24
45.88.139.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.38.0/24
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
7e:84:ab:bb:80:20:f4:25:11:f2:09:d8:98:87:d7:26:b0:18:
b8:82:c1:ae:5b:5d:23:a8:26:fc:64:d2:a5:df:82:cf:c2:6a:
c8:42:27:75:70:81:4f:d8:e2:e5:95:54:9e:2a:d4:b3:13:b9:
8a:df:b7:77:f6:0c:40:51:fb:be:b6:44:14:27:c1:1b:32:d5:
22:f8:85:de:cc:b9:e0:ad:e6:00:b6:0c:42:64:ba:ce:a1:b4:
4d:99:0e:67:cf:c7:31:79:39:81:e2:56:cd:46:dc:91:42:21:
fd:a9:71:fc:76:28:48:2b:53:b3:b4:12:f7:7a:9b:07:ae:89:
7b:2b:44:0b:92:a7:dc:23:c8:ea:2d:85:e0:41:bc:bb:82:ac:
60:c5:df:be:73:ad:b2:35:39:26:7f:47:bb:d6:b4:ab:af:ee:
5d:85:93:6e:3e:ce:e8:82:ce:1c:99:ad:0c:b7:5c:30:b7:3a:
3b:90:f7:4e:f9:4f:1c:cf:13:d4:b6:cd:4f:d9:11:57:6b:44:
18:35:a8:bf:25:ca:74:44:84:91:43:9b:5a:5f:ed:50:96:4c:
ee:1a:6d:64:48:e8:8b:4a:c7:63:cf:98:de:b7:a9:1d:59:d5:
36:d4:24:d3:ef:ef:86:68:d5:42:cd:c6:0c:8f:4b:08:57:6d:
55:08:b4:58
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYTo6pviuUqRSebHOih/QziHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjA2MTkzMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYThhN2UxNjJjNTQ5NDY3YjVkNWE1MGQwMTgxMmRjMmQ3NWMxNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjukE/KiT7wQe+qEUaAVgQYJM7xdw
F5HnTLFCgqCw0qAwJsnJW+TDXoNryr+WDmXQz1yeu+U8Xs10o7RR91K/Uw3z5l34
+KAtaQkeCjBqsiXP1UAq/Bb55CAUkLNr3h+hhFuwWchsoJUOguhJ0c2By2V2tHKj
HTZPbFTSyoMaVM2nDCmYbP0vqyp0lHq9tF2EFK+c+TMrcO6PTTEEoiDqJpuIrla2
IVpLpwF+XawWEd9PG7HPxIFFdYjAqjmcQlIvy40+etYW0B2yW3G2q+wrXmvlpPlV
YQADyt6RriXqSW2urnq6JMC4MvzUYxM3Bvlpu127jQbqXPM6TPxgrtZFGwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFOqKfhYsVJRntdWlDQGBLcLXXBeCMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNm9wLUZpeFVsR2UxMWFVTkFZRXR3dGRjRjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBjQQCAAEwgYYDBAIC
OGwDBAAFtVcDBAAtCR0DBAEtDbwDBAItUXADBAAtWIgDBAAtWIsDBAItXqgwDAME
AC2EtQMEAy2EsAMEAS2Q1AMEAE1TJgMEAlXReAMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAjAwUAKgFx
IAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEB
AH6Eq7uAIPQlEfIJ2JiH1yawGLiCwa5bXSOoJvxk0qXfgs/CashCJ3VwgU/Y4uWV
VJ4q1LMTuYrft3f2DEBR+762RBQnwRsy1SL4hd7MueCt5gC2DEJkus6htE2ZDmfP
xzF5OYHiVs1G3JFCIf2pcfx2KEgrU7O0Evd6mweuiXsrRAuSp9wjyOotheBBvLuC
rGDF375zrbI1OSZ/R7vWtKuv7l2Fk24+zuiCzhyZrQy3XDC3OjuQ9075TxzPE9S2
zU/ZEVdrRBg1qL8lynREhJFDm1pf7VCWTO4abWRI6ItKx2PPmN63qR1Z1TbUJNPv
74Zo1ULNxgyPSwhXbVUItFg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org