Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/R83TkfWbt6piVNexedYAiNb-lPo.roa
File: R83TkfWbt6piVNexedYAiNb-lPo.roa (raw, json)
Hash identifier: BdX84z4jAbLRms5lnvsuJoz7CGaPQGqks9SqMv97C/A=
Subject key identifier: 47:CD:D3:91:F5:9B:B7:AA:62:54:D7:B1:79:D6:00:88:D6:FE:94:FA
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 0EE77720
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/R83TkfWbt6piVNexedYAiNb-lPo.roa
Signing time: Sat 01 Jan 2022 13:56:03 +0000
ROA not before: Sat 01 Jan 2022 13:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207249
IP address blocks: 185.161.232.0/22 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.47.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
91.206.20.0/23 maxlen: 23
2a05:1600::/32 maxlen: 32
2a07:c880::/29 maxlen: 32
2a07:c883::/32 maxlen: 32
2a05:1600::/29 maxlen: 29
2a07:c881::/32 maxlen: 32
2a07:c884::/32 maxlen: 32
2a07:c880::/32 maxlen: 32
2a05:1602::/32 maxlen: 32
2a05:1601::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250050336 (0xee77720)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 13:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47cdd391f59bb7aa6254d7b179d60088d6fe94fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:33:16:78:fb:8b:a2:3d:5c:d1:c1:18:75:61:
fa:fc:0a:6c:57:23:97:69:0f:4d:25:b4:7e:e8:b0:
97:44:52:6b:57:45:1f:b3:e5:07:5b:48:62:e8:d4:
23:55:74:d6:20:dd:b0:20:0a:19:14:75:2f:81:34:
9f:cc:63:3e:5d:c4:5f:6e:43:67:71:47:98:6e:f4:
8b:29:6d:49:0c:0b:6f:cb:ef:d9:25:f1:e7:5c:3d:
4e:20:92:19:d1:8d:b3:11:db:e6:d0:0a:48:d9:80:
c5:f8:bc:1e:4b:16:5e:9d:c1:c1:bc:47:5f:12:3b:
5f:c6:38:d5:8d:ed:b1:0f:85:17:66:a7:36:a3:a6:
14:d4:23:84:9e:3e:3f:31:ff:c0:a1:8f:d4:b9:78:
e2:7c:c4:c1:67:32:11:b6:bf:ab:1e:28:b2:f1:0f:
08:0a:7c:da:88:2d:53:60:2f:6d:de:61:bf:87:54:
c0:42:40:c7:01:cc:72:0f:2e:50:ac:0b:56:13:5b:
ef:07:e0:59:c1:b5:39:ba:be:03:75:69:fd:a1:d8:
82:9f:fb:aa:f6:a7:13:ad:53:6d:1c:61:b9:89:4e:
94:ca:83:51:70:bd:a3:64:b9:1a:15:8c:a8:46:ce:
9b:9c:be:7c:14:a2:04:10:0e:8e:6b:d6:4f:4c:f0:
82:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CD:D3:91:F5:9B:B7:AA:62:54:D7:B1:79:D6:00:88:D6:FE:94:FA
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/R83TkfWbt6piVNexedYAiNb-lPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/23
185.68.44.0/22
185.161.232.0/22
IPv6:
2a05:1600::/29
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
15:29:e0:c4:e3:7b:23:96:fa:82:9c:ff:44:71:4a:01:fc:04:
b6:a5:ad:89:65:31:38:40:b3:e6:78:e7:20:04:f0:84:43:bf:
dc:e0:5c:7d:1d:dc:8e:ab:ad:c8:36:00:c3:21:b6:dd:6a:b4:
fb:4d:2f:34:74:e0:65:a5:89:6c:0d:17:bf:41:56:be:5d:7e:
89:5d:43:04:28:b8:0a:4a:21:a8:83:27:f4:b5:9a:31:b6:15:
9a:f0:8d:de:d4:c4:ea:10:28:92:cd:14:82:96:ba:9e:41:a2:
b8:32:44:78:3b:30:9c:69:5a:44:7f:49:4e:9c:82:80:20:e4:
3e:9c:06:f7:c7:2f:50:98:0c:36:b3:f2:b1:be:9c:c1:bd:dc:
21:a8:f8:2e:30:51:98:97:05:22:9d:f4:e0:72:43:16:1b:2c:
df:dd:2f:5c:27:91:8c:a1:26:42:94:2f:ba:8a:b9:e8:01:92:
fb:ea:8b:ec:08:03:74:f9:d7:49:7b:04:73:f0:5b:50:28:2d:
46:d0:e2:d8:f7:7b:4a:fc:2b:83:88:a8:d9:0c:4d:97:af:df:
2e:20:15:aa:70:a8:82:c7:43:00:da:03:a9:54:88:d0:a1:f4:
09:af:2a:13:58:d5:6e:9e:62:2b:40:f5:31:f8:c4:67:93:57:
a2:56:6d:73
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEDud3IDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDc0MjEwYzI4NDEzZTI2Mjg0ODIyYWJlODNhZDZkN2MwZjc2NGZhMB4XDTIyMDEw
MTEzNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdjZGQzOTFmNTli
YjdhYTYyNTRkN2IxNzlkNjAwODhkNmZlOTRmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQzFnj7i6I9XNHBGHVh+vwKbFcjl2kPTSW0fuiwl0RSa1dF
H7PlB1tIYujUI1V01iDdsCAKGRR1L4E0n8xjPl3EX25DZ3FHmG70iyltSQwLb8vv
2SXx51w9TiCSGdGNsxHb5tAKSNmAxfi8HksWXp3BwbxHXxI7X8Y41Y3tsQ+FF2an
NqOmFNQjhJ4+PzH/wKGP1Ll44nzEwWcyEba/qx4osvEPCAp82ogtU2Avbd5hv4dU
wEJAxwHMcg8uUKwLVhNb7wfgWcG1Obq+A3Vp/aHYgp/7qvanE61TbRxhuYlOlMqD
UXC9o2S5GhWMqEbOm5y+fBSiBBAOjmvWT0zwglUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRHzdOR9Zu3qmJU17F51gCI1v6U+jAfBgNVHSMEGDAWgBQ0dCEMKEE+JihI
IqvoOtbXwPdk+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IUWhEQ2hCUGlZb1NDS3I2RHJXMThEM1pQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvM2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8x
L1I4M1RrZldidDZwaVZOZXhlZFlBaU5iLWxQby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
M2U5OTE2LTRmOGEtNGIwOC04OWM5LWIwYzc0Yjc2ZTE4Mi8xL05IUWhEQ2hCUGlZ
b1NDS3I2RHJXMThEM1pQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAVvOFAMEArlELAMEArmh6DAUBAIA
AjAOAwUDKgUWAAMFAyoHyIAwDQYJKoZIhvcNAQELBQADggEBABUp4MTjeyOW+oKc
/0RxSgH8BLalrYllMThAs+Z45yAE8IRDv9zgXH0d3I6rrcg2AMMhtt1qtPtNLzR0
4GWliWwNF79BVr5dfoldQwQouApKIaiDJ/S1mjG2FZrwjd7UxOoQKJLNFIKWup5B
orgyRHg7MJxpWkR/SU6cgoAg5D6cBvfHL1CYDDaz8rG+nMG93CGo+C4wUZiXBSKd
9OByQxYbLN/dL1wnkYyhJkKUL7qKuegBkvvqi+wIA3T510l7BHPwW1AoLUbQ4tj3
e0r8K4OIqNkMTZev3y4gFapwqILHQwDaA6lUiNCh9AmvKhNY1W6eYitA9TH4xGeT
V6JWbXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:39 2024 by rpki-client on console-fra.rpki-client.org