Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/6ywWngn8efTdw-JFsHqTporgG2g.roa
File: 6ywWngn8efTdw-JFsHqTporgG2g.roa (raw, json)
Hash identifier: 6puXAvkcmNHdEdkuSNs/ghj/Jh9i6ywOTBYOjj9BfNg=
Subject key identifier: EB:2C:16:9E:09:FC:79:F4:DD:C3:E2:45:B0:7A:93:A6:8A:E0:1B:68
Certificate issuer: /CN=046f364658b64e2bf150d20fc838c364207975e2
Certificate serial: 0A726D37
Authority key identifier: 04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/6ywWngn8efTdw-JFsHqTporgG2g.roa
Signing time: Sat 01 Jan 2022 10:01:43 +0000
ROA not before: Sat 01 Jan 2022 10:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31252
IP address blocks: 87.248.160.0/19 maxlen: 32
89.28.0.0/17 maxlen: 32
89.28.21.0/24 maxlen: 32
195.93.218.0/23 maxlen: 32
188.138.128.0/17 maxlen: 32
185.70.188.0/22 maxlen: 32
185.175.80.0/22 maxlen: 32
95.65.0.0/17 maxlen: 32
185.17.224.0/22 maxlen: 32
188.244.16.0/20 maxlen: 32
178.168.0.0/17 maxlen: 32
178.18.32.0/20 maxlen: 32
37.233.0.0/18 maxlen: 32
2a0b:dd00::/29 maxlen: 128
2a00:9900::/29 maxlen: 128
2a01:320::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175271223 (0xa726d37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046f364658b64e2bf150d20fc838c364207975e2
Validity
Not Before: Jan 1 10:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb2c169e09fc79f4ddc3e245b07a93a68ae01b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ea:f5:3f:af:4c:32:e5:b4:a0:f2:1c:db:7b:
82:93:ee:cc:fa:bf:94:af:90:7e:a9:88:59:52:00:
28:aa:0e:49:aa:79:57:0d:9d:22:ab:e9:e5:81:06:
f6:b3:1a:ed:70:4c:4f:38:87:31:1f:e9:14:75:6f:
69:0b:33:0f:87:eb:64:73:15:d8:e1:0e:c5:75:5a:
c0:ec:a3:10:71:d5:be:0d:b2:85:22:40:6e:b5:8f:
47:53:64:a0:bd:2a:36:ff:c2:21:de:d1:79:08:83:
65:4e:81:65:e9:fe:f2:6a:7e:cb:4b:f8:bc:47:ce:
28:ad:e3:b2:ad:11:2c:24:96:de:63:de:dc:db:01:
e7:e3:11:91:4e:fe:d9:e6:64:89:ce:ca:e8:93:d4:
be:92:09:9e:70:0d:96:56:82:70:fb:66:c6:38:d0:
2a:ec:b1:b1:01:af:22:54:dd:af:c6:e1:5c:f4:f9:
98:76:5b:8a:51:93:23:b7:8d:2e:8f:a9:d1:03:f3:
d5:20:93:23:f6:fc:89:04:64:3c:47:9a:ab:02:af:
76:d6:db:32:f7:85:51:4d:3d:59:b4:47:3e:8f:78:
28:fe:93:71:52:f4:d4:e4:09:58:73:bc:a3:a9:09:
0e:a7:e0:df:92:e3:34:69:30:b9:ef:c5:4e:0f:d9:
35:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2C:16:9E:09:FC:79:F4:DD:C3:E2:45:B0:7A:93:A6:8A:E0:1B:68
X509v3 Authority Key Identifier:
keyid:04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/6ywWngn8efTdw-JFsHqTporgG2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/BG82Rli2TivxUNIPyDjDZCB5deI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.0.0/18
87.248.160.0/19
89.28.0.0/17
95.65.0.0/17
178.18.32.0/20
178.168.0.0/17
185.17.224.0/22
185.70.188.0/22
185.175.80.0/22
188.138.128.0/17
188.244.16.0/20
195.93.218.0/23
IPv6:
2a00:9900::/29
2a01:320::/29
2a0b:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
17:6f:e5:c2:04:c8:6d:da:78:fa:26:a4:f4:b7:b7:2c:e8:e4:
26:6a:05:0a:7f:1f:08:c3:35:dc:b3:a7:07:e4:4f:a2:0d:bd:
b8:3f:39:97:3e:6c:66:84:59:c3:e5:5a:a4:10:4b:42:87:d2:
a6:0e:09:b3:76:f0:7a:fd:1e:48:b8:f7:4a:da:cf:5d:9a:7f:
cd:6a:87:34:16:f9:ce:b1:a9:b6:3f:01:1b:44:fe:b0:69:18:
13:2a:94:35:68:17:5c:c3:54:ac:d3:5a:8c:19:69:e0:e0:86:
f4:a0:ba:ed:99:8c:a9:0a:15:a0:7c:a7:4b:7a:58:24:a5:fa:
1f:26:f6:cd:41:1d:d7:77:ae:71:a6:fa:31:a7:08:c1:4f:50:
53:af:00:91:29:c7:e5:cc:8a:c3:c6:e0:38:46:37:84:67:bf:
36:76:0b:6f:21:55:69:0f:68:81:c9:f2:ef:a1:a5:7d:5e:b4:
a9:5a:93:49:9e:ab:5d:91:7a:ce:41:f0:67:e6:20:cc:b4:cf:
7b:37:df:06:59:b7:33:8d:96:dd:3f:f6:75:6f:9e:a2:73:86:
46:b3:92:1c:79:f1:e4:6d:9c:39:af:1e:2d:32:ca:6b:93:66:
63:55:b5:42:4c:18:01:76:2e:6f:b8:39:65:b2:03:23:a3:aa:
a3:d2:80:01
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIECnJtNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDZmMzY0NjU4YjY0ZTJiZjE1MGQyMGZjODM4YzM2NDIwNzk3NWUyMB4XDTIyMDEw
MTEwMDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWIyYzE2OWUwOWZj
NzlmNGRkYzNlMjQ1YjA3YTkzYTY4YWUwMWI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrq9T+vTDLltKDyHNt7gpPuzPq/lK+QfqmIWVIAKKoOSap5
Vw2dIqvp5YEG9rMa7XBMTziHMR/pFHVvaQszD4frZHMV2OEOxXVawOyjEHHVvg2y
hSJAbrWPR1NkoL0qNv/CId7ReQiDZU6BZen+8mp+y0v4vEfOKK3jsq0RLCSW3mPe
3NsB5+MRkU7+2eZkic7K6JPUvpIJnnANllaCcPtmxjjQKuyxsQGvIlTdr8bhXPT5
mHZbilGTI7eNLo+p0QPz1SCTI/b8iQRkPEeaqwKvdtbbMveFUU09WbRHPo94KP6T
cVL01OQJWHO8o6kJDqfg35LjNGkwue/FTg/ZNXUCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBTrLBaeCfx59N3D4kWwepOmiuAbaDAfBgNVHSMEGDAWgBQEbzZGWLZOK/FQ
0g/IOMNkIHl14jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JHODJSbGkyVGl2eFVOSVB5RGpEWkNCNWRlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvZDRiNWY5LWFmNDQtNDFkMC1iNWYxLWEyNWUwN2NlYTJjMC8x
LzZ5d1duZ244ZWZUZHctSkZzSHFUcG9yZ0cyZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
ZDRiNWY5LWFmNDQtNDFkMC1iNWYxLWEyNWUwN2NlYTJjMC8xL0JHODJSbGkyVGl2
eFVOSVB5RGpEWkNCNWRlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wTgQCAAEwSAMEBiXpAAMEBVf4oAMEB1kcAAMEB19B
AAMEBLISIAMEB7KoAAMEArkR4AMEArlGvAMEArmvUAMEB7yKgAMEBLz0EAMEAcNd
2jAbBAIAAjAVAwUDKgCZAAMFAyoBAyADBQMqC90AMA0GCSqGSIb3DQEBCwUAA4IB
AQAXb+XCBMht2nj6JqT0t7cs6OQmagUKfx8IwzXcs6cH5E+iDb24PzmXPmxmhFnD
5VqkEEtCh9KmDgmzdvB6/R5IuPdK2s9dmn/Naoc0FvnOsam2PwEbRP6waRgTKpQ1
aBdcw1Ss01qMGWng4Ib0oLrtmYypChWgfKdLelgkpfofJvbNQR3Xd65xpvoxpwjB
T1BTrwCRKcflzIrDxuA4RjeEZ782dgtvIVVpD2iByfLvoaV9XrSpWpNJnqtdkXrO
QfBn5iDMtM97N98GWbczjZbdP/Z1b56ic4ZGs5IcefHkbZw5rx4tMsprk2ZjVbVC
TBgBdi5vuDllsgMjo6qj0oAB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:38 2024 by rpki-client on console-fra.rpki-client.org