Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/4H6NJWt44udLDcmdyLUcemiS5Ws.roa
File: 4H6NJWt44udLDcmdyLUcemiS5Ws.roa (raw, json)
Hash identifier: Xl6bVxL2Ris/Pw248E3ajvsKbRXCJeyGI7pCZvb0o2E=
Subject key identifier: E0:7E:8D:25:6B:78:E2:E7:4B:0D:C9:9D:C8:B5:1C:7A:68:92:E5:6B
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 111FB2BF
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/4H6NJWt44udLDcmdyLUcemiS5Ws.roa
Signing time: Mon 14 Feb 2022 18:49:05 +0000
ROA not before: Mon 14 Feb 2022 18:49:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134433
IP address blocks: 185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.183.0/24 maxlen: 24
2a05:3343:4::/48 maxlen: 48
2a05:3340::/42 maxlen: 42
2a05:3340:140::/42 maxlen: 42
2a05:3343:5::/48 maxlen: 48
2a05:3343:a::/48 maxlen: 48
2a05:3340::/29 maxlen: 64
2a05:3343:c::/48 maxlen: 48
2a05:3343:6::/48 maxlen: 48
2a05:3343:b::/48 maxlen: 48
2a05:3343:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 287290047 (0x111fb2bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Feb 14 18:49:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e07e8d256b78e2e74b0dc99dc8b51c7a6892e56b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1f:1d:3d:73:25:d6:4e:12:13:4f:f5:06:c7:
0d:a5:1b:bd:3f:a8:26:5c:fc:a3:8e:9c:a1:64:6c:
5e:9b:04:f5:7f:a3:70:27:6a:bd:46:0d:71:21:90:
04:e1:6b:6c:ef:ae:e6:94:a0:8a:dd:28:7d:43:fe:
5d:39:69:70:8a:c3:a2:98:b4:bd:1f:48:1f:a4:48:
35:e0:ea:86:f2:34:a7:1b:da:54:ac:20:be:44:e5:
f5:aa:dc:4a:b1:c8:c5:39:b8:9a:b5:7b:6b:08:1c:
12:69:a6:95:4e:98:5f:ba:de:67:44:de:98:f7:87:
9c:96:cd:fb:e4:97:cd:44:84:01:c6:03:5f:7e:79:
d0:d0:54:45:d9:d0:85:d9:ab:0c:88:b3:b4:f8:e7:
9c:c7:a3:2e:8b:42:8d:78:f6:b9:cc:75:24:a2:0a:
0b:03:5a:6f:9b:fc:4f:63:a3:2c:d1:a6:27:9c:cd:
91:42:56:98:9f:d3:af:37:51:4f:15:19:76:5a:d9:
cc:59:84:54:14:0e:0a:c8:31:fe:ce:2b:a4:8d:9c:
39:6b:47:33:3e:c1:ac:08:6d:29:4a:0d:be:0c:b6:
3f:9a:a7:2c:0c:bb:24:5f:1d:70:82:18:9f:c7:89:
4d:ec:c0:11:1d:93:96:69:4f:1a:93:22:53:e4:41:
bc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7E:8D:25:6B:78:E2:E7:4B:0D:C9:9D:C8:B5:1C:7A:68:92:E5:6B
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/4H6NJWt44udLDcmdyLUcemiS5Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0-185.71.230.255
185.125.86.0/24
193.0.180.0/24
193.0.182.0/23
IPv6:
2a05:3340::/29
Signature Algorithm: sha256WithRSAEncryption
99:28:4d:7d:ff:63:e7:39:f2:c5:f3:5b:66:cc:f5:51:04:a4:
f9:40:8b:11:b6:6f:a0:8f:4e:72:4f:8c:c0:4f:9b:8c:d0:11:
22:05:fc:cd:57:3f:a4:f7:bd:b2:ee:c5:ea:33:7e:de:f4:b0:
34:cd:dc:9c:09:c3:6e:89:1f:8c:c9:ce:38:44:f2:f7:37:8d:
04:f1:15:bf:d5:bf:db:5b:c1:bc:ef:d3:58:94:d5:c8:14:6a:
d7:de:75:ef:b1:1a:f3:fa:81:da:a7:68:e6:1a:da:4a:43:84:
7e:f4:da:d9:a6:a4:75:3c:da:a2:8b:20:f7:07:06:f0:eb:17:
33:a7:f6:05:76:94:2a:e6:f9:ba:c0:ea:25:96:8f:5f:2a:a6:
40:31:be:3b:58:cc:94:7e:1c:fb:c8:8e:41:1a:08:23:f9:4f:
75:54:d0:6a:fa:85:51:e9:72:33:88:19:e1:6e:9e:42:65:da:
d8:17:82:d6:4c:61:fc:98:1a:96:05:b5:8e:98:ba:a2:4d:75:
ff:2a:8d:42:69:07:e1:4d:40:c3:ad:89:ed:1e:c4:99:83:a0:
50:bd:bf:59:0c:d2:70:66:52:2e:54:d8:cc:23:6f:d6:49:d2:
3d:7a:db:81:88:f2:36:cf:1a:9f:e6:87:a5:e6:6e:c9:c8:86:
f6:84:ff:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEER+yvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTI0YzdlY2ZhMzdkMjQ4NzE1MmZiOWJiYmFiNTBiZTc5ZGUyNjE5MB4XDTIyMDIx
NDE4NDkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA3ZThkMjU2Yjc4
ZTJlNzRiMGRjOTlkYzhiNTFjN2E2ODkyZTU2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAfHT1zJdZOEhNP9QbHDaUbvT+oJlz8o46coWRsXpsE9X+j
cCdqvUYNcSGQBOFrbO+u5pSgit0ofUP+XTlpcIrDopi0vR9IH6RINeDqhvI0pxva
VKwgvkTl9arcSrHIxTm4mrV7awgcEmmmlU6YX7reZ0TemPeHnJbN++SXzUSEAcYD
X3550NBURdnQhdmrDIiztPjnnMejLotCjXj2ucx1JKIKCwNab5v8T2OjLNGmJ5zN
kUJWmJ/TrzdRTxUZdlrZzFmEVBQOCsgx/s4rpI2cOWtHMz7BrAhtKUoNvgy2P5qn
LAy7JF8dcIIYn8eJTezAER2TlmlPGpMiU+RBvCMCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTgfo0la3ji50sNyZ3ItRx6aJLlazAfBgNVHSMEGDAWgBQ+JMfs+jfSSHFS
+5u7q1C+ed4mGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BpVEg3UG8zMGtoeFV2dWJ1NnRRdm5uZUpoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8x
LzRINk5KV3Q0NHVkTERjbWR5TFVjZW1pUzVXcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8xL1BpVEg3UG8zMGto
eFV2dWJ1NnRRdm5uZUpoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQCuUfkAwQAuUfmAwQAuX1WAwQA
wQC0AwQBwQC2MA0EAgACMAcDBQMqBTNAMA0GCSqGSIb3DQEBCwUAA4IBAQCZKE19
/2PnOfLF81tmzPVRBKT5QIsRtm+gj05yT4zAT5uM0BEiBfzNVz+k972y7sXqM37e
9LA0zdycCcNuiR+Myc44RPL3N40E8RW/1b/bW8G879NYlNXIFGrX3nXvsRrz+oHa
p2jmGtpKQ4R+9NrZpqR1PNqiiyD3Bwbw6xczp/YFdpQq5vm6wOollo9fKqZAMb47
WMyUfhz7yI5BGggj+U91VNBq+oVR6XIziBnhbp5CZdrYF4LWTGH8mBqWBbWOmLqi
TXX/Ko1CaQfhTUDDrYntHsSZg6BQvb9ZDNJwZlIuVNjMI2/WSdI9etuBiPI2zxqf
5oel5m7JyIb2hP82
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:53 2023 by rpki-client on console-ams.rpki-client.org