Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/b34a33-062b-4b70-ba51-02a12b86180d/1/a7yozQfEHXKlZrnzsQZCVr6AKeU.roa
File: a7yozQfEHXKlZrnzsQZCVr6AKeU.roa (raw, json)
Hash identifier: 5wSnk+jXTsslE1e6Dh3Bk2vMl6qW9hZKlwF117FbJvo=
Subject key identifier: 6B:BC:A8:CD:07:C4:1D:72:A5:66:B9:F3:B1:06:42:56:BE:80:29:E5
Certificate issuer: /CN=b944ca2d992d7785800bdd5524d3e11383d9f1de
Certificate serial: 0307CB75
Authority key identifier: B9:44:CA:2D:99:2D:77:85:80:0B:DD:55:24:D3:E1:13:83:D9:F1:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUTKLZktd4WAC91VJNPhE4PZ8d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/b34a33-062b-4b70-ba51-02a12b86180d/1/a7yozQfEHXKlZrnzsQZCVr6AKeU.roa
Signing time: Sat 01 Jan 2022 11:01:47 +0000
ROA not before: Sat 01 Jan 2022 11:01:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25353
IP address blocks: 46.235.56.0/21 maxlen: 21
81.201.192.0/20 maxlen: 20
185.183.188.0/22 maxlen: 22
2a03:2600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50842485 (0x307cb75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b944ca2d992d7785800bdd5524d3e11383d9f1de
Validity
Not Before: Jan 1 11:01:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bbca8cd07c41d72a566b9f3b1064256be8029e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3f:4e:f4:70:5f:1a:cd:21:c2:ae:52:cc:7b:
99:a9:7a:9c:47:ea:ee:24:47:3f:e0:cd:a3:67:f5:
a3:81:bf:5a:45:31:26:df:be:ff:0a:c8:4e:af:3c:
c4:59:80:c1:e4:b0:a4:1c:38:35:c7:1e:5c:7e:c4:
00:d5:14:65:f6:56:58:12:9b:9f:22:e5:a8:af:13:
3d:2b:1c:9b:97:ff:a0:1a:27:cc:bf:b5:e8:07:5b:
46:fb:08:38:6f:04:bf:f0:c7:50:9d:e8:33:c4:ef:
17:43:65:f2:c7:d7:25:5f:bd:dd:41:b5:13:df:b9:
14:cb:d8:7b:1b:fa:cd:a7:09:45:cb:c1:b5:bf:46:
db:6b:a5:4a:7f:b1:57:54:67:56:77:10:d6:8f:f0:
e0:93:0a:5e:7c:01:eb:f0:ed:cc:12:ea:ce:bd:5b:
3c:b3:27:cf:6f:50:dc:67:8e:ca:1f:16:c7:6b:1f:
8e:0c:d0:55:ba:92:c7:10:ac:81:8f:20:0d:c5:c5:
18:04:d9:44:77:31:3c:74:60:0f:9a:1d:eb:04:2b:
10:89:62:2e:56:65:1a:97:2c:8c:00:2b:e4:15:b6:
d8:57:90:3e:83:ef:e0:00:7e:a6:9d:21:4a:8c:43:
a5:35:76:73:19:11:4c:1b:51:8d:81:bb:8a:94:3c:
83:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BC:A8:CD:07:C4:1D:72:A5:66:B9:F3:B1:06:42:56:BE:80:29:E5
X509v3 Authority Key Identifier:
keyid:B9:44:CA:2D:99:2D:77:85:80:0B:DD:55:24:D3:E1:13:83:D9:F1:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUTKLZktd4WAC91VJNPhE4PZ8d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b34a33-062b-4b70-ba51-02a12b86180d/1/a7yozQfEHXKlZrnzsQZCVr6AKeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/b34a33-062b-4b70-ba51-02a12b86180d/1/uUTKLZktd4WAC91VJNPhE4PZ8d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.56.0/21
81.201.192.0/20
185.183.188.0/22
IPv6:
2a03:2600::/32
Signature Algorithm: sha256WithRSAEncryption
1b:28:9d:df:25:73:cc:0a:26:a2:24:42:90:eb:51:43:7b:a2:
23:66:69:9f:13:bb:d0:fe:4e:77:ed:29:c5:32:79:e1:1d:d3:
84:72:9a:cc:b7:97:b8:5c:c6:95:a1:51:ab:de:26:78:a5:4b:
3b:6e:dc:33:ab:b5:81:58:e9:de:8a:4e:4f:ad:b5:52:00:f2:
34:dd:50:52:38:93:66:f6:1b:5d:42:1e:71:d2:e0:db:45:24:
95:ca:bd:bd:f8:8e:fe:83:e7:a6:37:49:82:11:08:1a:80:e2:
d9:34:17:0c:ab:ca:13:38:ba:87:23:97:44:6c:f7:0a:cc:45:
10:2c:dc:31:d7:a5:c6:df:54:5f:8e:f8:2a:03:73:db:e8:24:
a7:ad:4a:09:69:e4:08:fc:d2:5c:07:16:3f:3c:4b:10:81:3a:
2d:e1:fa:4a:84:17:9e:57:3e:b8:5d:b6:17:d2:6b:e0:66:d6:
f8:9b:f7:60:e7:c9:b4:b0:c3:9c:34:10:bf:d9:7c:3f:82:df:
f8:e9:22:d2:79:d1:24:29:00:5c:25:f4:ea:83:a4:5e:ef:1c:
3e:22:19:fd:e3:0b:48:bf:d8:71:74:2b:8b:4b:ee:ba:30:a3:
b0:50:b6:2e:af:ee:37:cf:57:69:91:80:fd:3e:ce:26:a2:7d:
56:1d:1b:66
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAwfLdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTQ0Y2EyZDk5MmQ3Nzg1ODAwYmRkNTUyNGQzZTExMzgzZDlmMWRlMB4XDTIyMDEw
MTExMDE0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJiY2E4Y2QwN2M0
MWQ3MmE1NjZiOWYzYjEwNjQyNTZiZTgwMjllNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJw/TvRwXxrNIcKuUsx7mal6nEfq7iRHP+DNo2f1o4G/WkUx
Jt++/wrITq88xFmAweSwpBw4NcceXH7EANUUZfZWWBKbnyLlqK8TPSscm5f/oBon
zL+16AdbRvsIOG8Ev/DHUJ3oM8TvF0Nl8sfXJV+93UG1E9+5FMvYexv6zacJRcvB
tb9G22ulSn+xV1RnVncQ1o/w4JMKXnwB6/DtzBLqzr1bPLMnz29Q3GeOyh8Wx2sf
jgzQVbqSxxCsgY8gDcXFGATZRHcxPHRgD5od6wQrEIliLlZlGpcsjAAr5BW22FeQ
PoPv4AB+pp0hSoxDpTV2cxkRTBtRjYG7ipQ8g4UCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRrvKjNB8QdcqVmufOxBkJWvoAp5TAfBgNVHSMEGDAWgBS5RMotmS13hYAL
3VUk0+ETg9nx3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VVVEtMWmt0ZDRXQUM5MVZKTlBoRTRQWjhkNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvYjM0YTMzLTA2MmItNGI3MC1iYTUxLTAyYTEyYjg2MTgwZC8x
L2E3eW96UWZFSFhLbFpybnpzUVpDVnI2QUtlVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
YjM0YTMzLTA2MmItNGI3MC1iYTUxLTAyYTEyYjg2MTgwZC8xL3VVVEtMWmt0ZDRX
QUM5MVZKTlBoRTRQWjhkNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy7rOAMEBFHJwAMEArm3vDANBAIA
AjAHAwUAKgMmADANBgkqhkiG9w0BAQsFAAOCAQEAGyid3yVzzAomoiRCkOtRQ3ui
I2ZpnxO70P5Od+0pxTJ54R3ThHKazLeXuFzGlaFRq94meKVLO27cM6u1gVjp3opO
T621UgDyNN1QUjiTZvYbXUIecdLg20Uklcq9vfiO/oPnpjdJghEIGoDi2TQXDKvK
Ezi6hyOXRGz3CsxFECzcMdelxt9UX474KgNz2+gkp61KCWnkCPzSXAcWPzxLEIE6
LeH6SoQXnlc+uF22F9Jr4GbW+Jv3YOfJtLDDnDQQv9l8P4Lf+Oki0nnRJCkAXCX0
6oOkXu8cPiIZ/eMLSL/YcXQri0vuujCjsFC2Lq/uN89XaZGA/T7OJqJ9Vh0bZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:13 2024 by rpki-client on console-fra.rpki-client.org