Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/6K_FZIzVs2YqLTTM4nAvvOwbHDE.roa
File: 6K_FZIzVs2YqLTTM4nAvvOwbHDE.roa (raw, json)
Hash identifier: lcbnYfhAdusPNnOxEl1gVKcsyalmivRTGWdPmVrzfPQ=
Subject key identifier: E8:AF:C5:64:8C:D5:B3:66:2A:2D:34:CC:E2:70:2F:BC:EC:1B:1C:31
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 26E5D5FE
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/6K_FZIzVs2YqLTTM4nAvvOwbHDE.roa
Signing time: Sat 01 Jan 2022 06:02:48 +0000
ROA not before: Sat 01 Jan 2022 06:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196714
IP address blocks: 109.73.16.0/20 maxlen: 20
31.3.80.0/21 maxlen: 24
171.33.184.0/21 maxlen: 22
185.38.8.0/22 maxlen: 24
91.137.0.0/18 maxlen: 18
2a02:2250::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 652596734 (0x26e5d5fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Jan 1 06:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8afc5648cd5b3662a2d34cce2702fbcec1b1c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:8a:a4:33:a2:e0:fc:90:6f:39:50:2f:3c:
4f:37:ed:a8:fd:bb:14:6f:ac:72:ed:56:0d:6a:49:
9d:71:29:e5:f6:79:c0:7b:27:1a:49:3f:ac:d2:f5:
5b:00:d1:c5:6e:f5:f1:91:db:51:f6:81:91:e8:1f:
25:43:b2:8d:95:2a:83:e5:9b:0d:21:ad:98:81:7d:
92:6f:41:0b:4a:f3:75:32:d0:06:26:42:42:7c:ea:
0b:dd:95:a7:28:7f:46:c3:65:fd:56:28:70:4a:e9:
46:2c:3c:0e:fb:5b:d5:88:93:11:33:7c:99:fc:97:
18:7c:79:bd:5b:a1:08:57:57:47:d6:37:5f:7e:e0:
9a:1d:37:06:91:32:0c:8c:73:5d:7f:2c:81:97:1b:
a4:ad:3e:61:6b:f5:a6:64:b5:65:80:62:89:c5:8b:
25:7c:ac:be:82:5f:1b:97:2a:c4:e3:5f:92:3f:07:
7b:7e:c9:88:6f:5d:d5:ba:6e:50:fa:d8:73:26:de:
4e:1e:ca:39:b2:d9:09:18:0f:2e:7f:3d:c0:a7:40:
30:90:0f:78:8a:9b:55:6f:e1:59:c3:f0:08:d6:08:
e5:7a:ff:51:92:e8:99:e6:91:a5:82:c3:58:dc:28:
a0:af:c0:6d:92:b6:4d:5b:3b:d0:e3:bf:8f:f6:7f:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AF:C5:64:8C:D5:B3:66:2A:2D:34:CC:E2:70:2F:BC:EC:1B:1C:31
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/6K_FZIzVs2YqLTTM4nAvvOwbHDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.80.0/21
91.137.0.0/18
109.73.16.0/20
171.33.184.0/21
185.38.8.0/22
IPv6:
2a02:2250::/32
Signature Algorithm: sha256WithRSAEncryption
80:43:51:28:96:d8:5f:d0:53:8c:19:4a:f9:2f:72:f5:0a:9e:
04:53:a5:f1:e7:3d:35:11:72:aa:1a:29:0a:a1:2c:aa:c5:cd:
84:1c:23:a5:ed:09:ab:ac:9a:c3:3f:01:83:d4:0e:bf:a6:e2:
9d:51:44:cd:00:94:7c:a9:0a:59:1c:68:03:d2:1a:89:cf:4f:
c0:02:e0:96:5c:55:3f:82:95:f3:fb:85:9a:97:97:08:2d:6a:
2b:e7:f5:1d:c5:0b:41:b5:01:db:15:34:7b:1e:d1:c3:17:32:
86:e5:24:df:62:4b:f4:cd:a0:a6:9a:96:1a:3c:5b:bd:d2:64:
f8:8b:0e:94:af:e0:72:99:83:d0:08:c4:5b:58:9c:f3:7c:03:
a7:14:30:17:bd:3d:5f:f2:34:80:9e:57:ba:11:34:45:52:b1:
95:90:94:d4:fc:50:59:c9:13:3e:91:36:57:d8:b5:05:17:65:
eb:e1:1a:5a:b6:09:2f:9c:c4:d9:af:af:ed:b1:c9:f3:c5:ec:
e7:d5:4d:91:01:cf:04:de:d3:70:0d:95:90:0f:d7:e2:c9:9c:
90:6a:25:29:19:6f:14:0e:ec:f7:81:d4:96:97:89:7c:d5:04:
af:0f:ad:d8:79:ea:42:4d:2d:57:d1:3d:f3:b0:8b:89:7e:bc:
a5:3b:9f:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEJuXV/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MGVhODM4NWExNGZkOTk2Nzk3OGFlN2YwNmVjNGRkNTIyMjlhNDRhMB4XDTIyMDEw
MTA2MDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThhZmM1NjQ4Y2Q1
YjM2NjJhMmQzNGNjZTI3MDJmYmNlYzFiMWMzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMxiqQzouD8kG85UC88TzftqP27FG+scu1WDWpJnXEp5fZ5
wHsnGkk/rNL1WwDRxW718ZHbUfaBkegfJUOyjZUqg+WbDSGtmIF9km9BC0rzdTLQ
BiZCQnzqC92Vpyh/RsNl/VYocErpRiw8Dvtb1YiTETN8mfyXGHx5vVuhCFdXR9Y3
X37gmh03BpEyDIxzXX8sgZcbpK0+YWv1pmS1ZYBiicWLJXysvoJfG5cqxONfkj8H
e37JiG9d1bpuUPrYcybeTh7KObLZCRgPLn89wKdAMJAPeIqbVW/hWcPwCNYI5Xr/
UZLomeaRpYLDWNwooK/AbZK2TVs70OO/j/Z/+6cCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTor8VkjNWzZiotNMzicC+87BscMTAfBgNVHSMEGDAWgBRg6oOFoU/Zlnl4
rn8G7E3VIimkSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lPcURoYUZQMlpaNWVLNV9CdXhOMVNJcHBFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMDMzMGZiLTk1ZDEtNDMwMi1iZWExLWY1NDU3N2Y3Y2MwZi8x
LzZLX0ZaSXpWczJZcUxUVE00bkF2dk93YkhERS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MDMzMGZiLTk1ZDEtNDMwMi1iZWExLWY1NDU3N2Y3Y2MwZi8xL1lPcURoYUZQMlpa
NWVLNV9CdXhOMVNJcHBFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAx8DUAMEBluJAAMEBG1JEAMEA6sh
uAMEArkmCDANBAIAAjAHAwUAKgIiUDANBgkqhkiG9w0BAQsFAAOCAQEAgENRKJbY
X9BTjBlK+S9y9QqeBFOl8ec9NRFyqhopCqEsqsXNhBwjpe0Jq6yawz8Bg9QOv6bi
nVFEzQCUfKkKWRxoA9Iaic9PwALgllxVP4KV8/uFmpeXCC1qK+f1HcULQbUB2xU0
ex7RwxcyhuUk32JL9M2gppqWGjxbvdJk+IsOlK/gcpmD0AjEW1ic83wDpxQwF709
X/I0gJ5XuhE0RVKxlZCU1PxQWckTPpE2V9i1BRdl6+EaWrYJL5zE2a+v7bHJ88Xs
59VNkQHPBN7TcA2VkA/X4smckGolKRlvFA7s94HUlpeJfNUErw+t2HnqQk0tV9E9
87CLiX68pTuffw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:39 2024 by rpki-client on console-ams.rpki-client.org