Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/6wW6MCDdkSQjXOLpSsQvUCofwbQ.roa
File: 6wW6MCDdkSQjXOLpSsQvUCofwbQ.roa (raw, json)
Hash identifier: 1PGJuqUmaa1YhfokfFR3KlmRzyfG6kFXx1b4JPr9gYw=
Subject key identifier: EB:05:BA:30:20:DD:91:24:23:5C:E2:E9:4A:C4:2F:50:2A:1F:C1:B4
Certificate issuer: /CN=617252ebbb33484adcec7405adea4de08a0afb04
Certificate serial: 0183332FC16BE060569D85FC73BE415E64EB
Authority key identifier: 61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/6wW6MCDdkSQjXOLpSsQvUCofwbQ.roa
Signing time: Mon 12 Sep 2022 19:31:50 +0000
ROA not before: Mon 12 Sep 2022 19:31:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41608
IP address blocks: 185.213.175.0/24 maxlen: 24
185.213.174.0/24 maxlen: 24
195.170.165.0/24 maxlen: 24
195.170.172.0/24 maxlen: 24
185.213.172.0/24 maxlen: 24
185.213.172.0/23 maxlen: 23
2a0b:8bc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:33:2f:c1:6b:e0:60:56:9d:85:fc:73:be:41:5e:64:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617252ebbb33484adcec7405adea4de08a0afb04
Validity
Not Before: Sep 12 19:31:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb05ba3020dd9124235ce2e94ac42f502a1fc1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9d:b0:56:f5:24:48:3b:1c:e4:17:f9:92:1d:
c7:e3:19:f3:9e:3d:90:78:64:b1:46:a4:41:2a:85:
f8:89:8e:a7:d3:96:ba:c6:db:84:15:50:d9:1e:ec:
42:20:1e:af:0e:17:cf:b9:6d:ad:6a:8e:44:c7:7c:
8c:ba:1f:8b:25:1d:e6:ce:54:78:6e:93:45:5c:3e:
19:fd:68:56:80:f4:e1:0c:0d:48:4f:ec:cc:9e:bc:
cf:69:21:72:6f:a5:95:fe:9d:83:d3:36:47:12:43:
76:d9:48:ca:7c:0a:bb:82:15:fd:f1:f1:5b:9f:15:
0a:4b:a0:e9:05:14:04:ae:dc:6f:ae:29:d9:81:42:
48:ae:ba:a6:f6:20:fa:60:6c:11:d4:5a:a1:9b:95:
5b:c1:9c:ef:be:e5:0a:f7:46:52:ae:d6:93:8d:4e:
21:1d:18:9f:21:d9:fc:ce:e6:db:3e:16:6e:97:1f:
f2:55:6d:c7:f2:2d:37:e2:bc:f6:bd:14:bd:8c:5e:
6e:84:2e:91:dd:4b:26:7e:09:3e:7d:9c:42:34:98:
cf:85:ef:15:a2:e1:3e:84:72:19:81:65:00:13:d2:
d1:05:3e:ea:4e:ca:eb:20:7d:41:77:82:d9:c6:5f:
f1:61:cf:b1:dc:02:dc:65:b6:ee:d4:c9:f2:33:04:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:05:BA:30:20:DD:91:24:23:5C:E2:E9:4A:C4:2F:50:2A:1F:C1:B4
X509v3 Authority Key Identifier:
keyid:61:72:52:EB:BB:33:48:4A:DC:EC:74:05:AD:EA:4D:E0:8A:0A:FB:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXJS67szSErc7HQFrepN4IoK-wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/6wW6MCDdkSQjXOLpSsQvUCofwbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/37a93b-87b5-4995-9e8c-6635debc395c/1/YXJS67szSErc7HQFrepN4IoK-wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.172.0/22
195.170.165.0/24
195.170.172.0/24
IPv6:
2a0b:8bc0::/29
Signature Algorithm: sha256WithRSAEncryption
79:e9:14:3b:ab:f6:e9:34:ca:df:6a:d2:e9:a5:f7:6b:05:86:
15:14:42:cd:9e:e5:2e:7c:2a:9a:be:d9:8b:b3:31:ab:c4:87:
07:7f:e0:36:c9:7f:d5:2f:10:cb:5c:52:40:8d:3f:85:d8:b2:
91:1f:45:e4:72:fa:a9:76:9f:08:b0:cb:0f:91:65:b0:e2:6a:
ce:af:1d:6d:f5:6c:59:b4:29:44:14:db:53:81:70:cc:d4:90:
e1:37:47:ff:2a:33:69:15:e2:ea:9e:fe:56:90:f0:49:f8:61:
40:a6:a6:6f:dd:49:42:81:b5:f8:07:ce:99:05:8e:58:40:d7:
7c:63:58:6c:00:2e:30:da:0f:e9:fd:09:29:cb:26:b2:d4:71:
2f:75:b9:27:42:4c:42:2e:9e:87:f7:04:a1:c2:1a:a2:c4:7b:
53:6d:f9:29:cc:b4:73:2c:df:ed:a6:8f:f0:a6:5c:4d:e6:bb:
e4:bb:83:df:1b:d2:07:3f:21:fd:ec:41:21:f8:ae:09:54:32:
5f:53:05:13:82:1c:ed:7e:f3:c1:39:fc:02:47:21:39:34:12:
ea:85:f5:44:0b:7c:15:7b:c5:66:b1:04:96:39:e6:19:d4:b0:
57:e1:69:c9:12:e0:d1:75:f9:de:29:ef:e3:30:8a:dc:e1:f6:
cb:a0:0e:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYMzL8Fr4GBWnYX8c75BXmTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNzI1MmViYmIzMzQ4NGFkY2VjNzQwNWFkZWE0ZGUwOGEw
YWZiMDQwHhcNMjIwOTEyMTkzMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjA1YmEzMDIwZGQ5MTI0MjM1Y2UyZTk0YWM0MmY1MDJhMWZjMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ2wVvUkSDsc5Bf5kh3H4xnznj2Q
eGSxRqRBKoX4iY6n05a6xtuEFVDZHuxCIB6vDhfPuW2tao5Ex3yMuh+LJR3mzlR4
bpNFXD4Z/WhWgPThDA1IT+zMnrzPaSFyb6WV/p2D0zZHEkN22UjKfAq7ghX98fFb
nxUKS6DpBRQErtxvrinZgUJIrrqm9iD6YGwR1Fqhm5VbwZzvvuUK90ZSrtaTjU4h
HRifIdn8zubbPhZulx/yVW3H8i034rz2vRS9jF5uhC6R3Usmfgk+fZxCNJjPhe8V
ouE+hHIZgWUAE9LRBT7qTsrrIH1Bd4LZxl/xYc+x3ALcZbbu1MnyMwQq7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOsFujAg3ZEkI1zi6UrEL1AqH8G0MB8GA1UdIwQY
MBaAFGFyUuu7M0hK3Ox0Ba3qTeCKCvsEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMt
NjYzNWRlYmMzOTVjLzEvNndXNk1DRGRrU1FqWE9McFNzUXZVQ29md2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zN2E5M2ItODdiNS00OTk1LTllOGMtNjYzNWRlYmMzOTVj
LzEvWVhKUzY3c3pTRXJjN0hRRnJlcE40SW9LLXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCudWsAwQA
w6qlAwQAw6qsMA0EAgACMAcDBQMqC4vAMA0GCSqGSIb3DQEBCwUAA4IBAQB56RQ7
q/bpNMrfatLppfdrBYYVFELNnuUufCqavtmLszGrxIcHf+A2yX/VLxDLXFJAjT+F
2LKRH0Xkcvqpdp8IsMsPkWWw4mrOrx1t9WxZtClEFNtTgXDM1JDhN0f/KjNpFeLq
nv5WkPBJ+GFApqZv3UlCgbX4B86ZBY5YQNd8Y1hsAC4w2g/p/Qkpyyay1HEvdbkn
QkxCLp6H9wShwhqixHtTbfkpzLRzLN/tpo/wplxN5rvku4PfG9IHPyH97EEh+K4J
VDJfUwUTghztfvPBOfwCRyE5NBLqhfVEC3wVe8VmsQSWOeYZ1LBX4WnJEuDRdfne
Ke/jMIrc4fbLoA49
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:02 2024 by rpki-client on console-ams.rpki-client.org