Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/b8bce4-3142-46d8-bf8d-4ca7b4c02be9/1/t9Yz-_9mUcrZxNzxOzYMnLAqkk8.roa
File: t9Yz-_9mUcrZxNzxOzYMnLAqkk8.roa (raw, json)
Hash identifier: TQq2iK53H/3uad4o/aU4CwhV1F0bwY34SwtwDIEmx8E=
Subject key identifier: B7:D6:33:FB:FF:66:51:CA:D9:C4:DC:F1:3B:36:0C:9C:B0:2A:92:4F
Certificate issuer: /CN=afe79e8f63e991ddf13e6def27e008999d4d4ad9
Certificate serial: 0ACBCA27
Authority key identifier: AF:E7:9E:8F:63:E9:91:DD:F1:3E:6D:EF:27:E0:08:99:9D:4D:4A:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-eej2Ppkd3xPm3vJ-AImZ1NStk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/b8bce4-3142-46d8-bf8d-4ca7b4c02be9/1/t9Yz-_9mUcrZxNzxOzYMnLAqkk8.roa
Signing time: Sat 01 Jan 2022 03:01:29 +0000
ROA not before: Sat 01 Jan 2022 03:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5484
IP address blocks: 185.46.216.0/24 maxlen: 24
185.46.217.0/24 maxlen: 24
185.46.218.0/24 maxlen: 24
185.46.219.0/24 maxlen: 24
185.128.152.0/24 maxlen: 24
185.128.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 181127719 (0xacbca27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe79e8f63e991ddf13e6def27e008999d4d4ad9
Validity
Not Before: Jan 1 03:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7d633fbff6651cad9c4dcf13b360c9cb02a924f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:cc:b2:34:ad:e7:53:53:e5:82:8f:ce:8a:e2:
b0:d1:93:39:7f:22:86:ad:88:c7:b8:d1:42:3c:45:
19:f8:af:5b:92:8c:a6:1c:6c:62:5c:d2:5b:bc:a6:
0d:12:42:44:bd:3a:2d:30:ec:2b:f4:ca:dd:43:69:
56:57:5d:d8:6e:37:78:09:e0:2f:8f:15:4b:47:d9:
9d:e0:44:67:f2:d6:23:46:35:36:85:31:ba:3b:88:
f3:77:0a:15:92:c7:4d:37:cf:1c:b0:84:a4:ce:98:
e5:7b:c5:5a:8a:d8:f8:3c:1c:39:a5:2d:20:20:52:
61:4e:ef:23:98:37:98:b5:73:0a:c9:7b:86:36:c9:
d6:78:eb:85:c6:33:17:97:cf:30:c3:97:2b:84:37:
5f:d5:5f:b5:f3:98:fc:11:c5:94:cf:f7:cb:75:41:
2a:f1:87:fb:d3:20:41:17:bf:84:d1:97:7c:78:fb:
f0:64:85:00:ad:fd:3d:d6:4f:1f:cf:38:74:d8:a0:
c8:35:7c:d9:42:71:0b:bf:c0:bd:f6:57:3b:80:20:
22:b9:70:2f:c0:e8:c0:c6:03:aa:78:87:f3:34:36:
d2:19:56:77:43:22:ed:48:0b:86:2c:d4:00:74:d2:
b4:32:af:fe:b4:85:80:04:fd:82:07:4b:3b:76:e2:
f0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D6:33:FB:FF:66:51:CA:D9:C4:DC:F1:3B:36:0C:9C:B0:2A:92:4F
X509v3 Authority Key Identifier:
keyid:AF:E7:9E:8F:63:E9:91:DD:F1:3E:6D:EF:27:E0:08:99:9D:4D:4A:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-eej2Ppkd3xPm3vJ-AImZ1NStk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/b8bce4-3142-46d8-bf8d-4ca7b4c02be9/1/t9Yz-_9mUcrZxNzxOzYMnLAqkk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/b8bce4-3142-46d8-bf8d-4ca7b4c02be9/1/r-eej2Ppkd3xPm3vJ-AImZ1NStk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.216.0/22
185.128.152.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:41:3a:f8:c0:0f:db:ec:b7:ad:8d:ae:88:93:16:3a:13:78:
35:3c:da:30:9f:12:27:ca:b0:26:0c:db:32:43:9d:4f:af:d1:
4a:c5:ef:a2:a2:08:6c:d5:3f:64:a3:57:9b:97:66:12:27:cc:
92:d4:23:c8:c3:38:53:0c:87:a9:2f:c8:57:89:6d:c1:bd:81:
50:dd:09:73:63:5c:02:9b:e4:5f:ba:06:30:0d:50:49:89:2e:
2d:2e:64:7e:66:c3:34:55:63:76:a8:04:60:72:16:76:af:8c:
08:18:a3:4e:3c:24:9e:62:f1:72:cd:c5:00:38:c2:c2:c1:64:
22:7e:08:a5:46:ab:57:aa:a3:f8:c1:16:27:5b:1f:2e:cd:58:
6f:87:f5:6b:91:5a:90:f8:c6:c0:f5:78:ed:9f:4b:f0:77:d1:
00:7b:dc:54:d0:18:78:c3:29:79:37:98:6e:df:94:35:66:98:
38:d8:5c:e9:04:99:e8:e2:69:80:f6:3e:dd:8c:49:b4:e9:9d:
83:a7:21:ef:2a:64:b4:1c:b7:0e:3b:c4:a3:e4:ce:af:82:e7:
56:f0:ec:37:48:b8:4c:cc:da:40:21:ce:1f:0b:93:51:ff:82:
07:42:16:16:74:74:13:93:45:76:63:d7:45:66:a9:ae:c9:b4:
b0:8d:62:5a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECsvKJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZmU3OWU4ZjYzZTk5MWRkZjEzZTZkZWYyN2UwMDg5OTlkNGQ0YWQ5MB4XDTIyMDEw
MTAzMDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdkNjMzZmJmZjY2
NTFjYWQ5YzRkY2YxM2IzNjBjOWNiMDJhOTI0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPHMsjSt51NT5YKPzorisNGTOX8ihq2Ix7jRQjxFGfivW5KM
phxsYlzSW7ymDRJCRL06LTDsK/TK3UNpVldd2G43eAngL48VS0fZneBEZ/LWI0Y1
NoUxujuI83cKFZLHTTfPHLCEpM6Y5XvFWorY+DwcOaUtICBSYU7vI5g3mLVzCsl7
hjbJ1njrhcYzF5fPMMOXK4Q3X9VftfOY/BHFlM/3y3VBKvGH+9MgQRe/hNGXfHj7
8GSFAK39PdZPH884dNigyDV82UJxC7/AvfZXO4AgIrlwL8DowMYDqniH8zQ20hlW
d0Mi7UgLhizUAHTStDKv/rSFgAT9ggdLO3bi8MsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS31jP7/2ZRytnE3PE7NgycsCqSTzAfBgNVHSMEGDAWgBSv556PY+mR3fE+
be8n4AiZnU1K2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ItZWVqMlBwa2QzeFBtM3ZKLUFJbVoxTlN0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYjhiY2U0LTMxNDItNDZkOC1iZjhkLTRjYTdiNGMwMmJlOS8x
L3Q5WXotXzltVWNyWnhOenhPellNbkxBcWtrOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YjhiY2U0LTMxNDItNDZkOC1iZjhkLTRjYTdiNGMwMmJlOS8xL3ItZWVqMlBwa2Qz
eFBtM3ZKLUFJbVoxTlN0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArku2AMEAbmAmDANBgkqhkiG9w0B
AQsFAAOCAQEAn0E6+MAP2+y3rY2uiJMWOhN4NTzaMJ8SJ8qwJgzbMkOdT6/RSsXv
oqIIbNU/ZKNXm5dmEifMktQjyMM4UwyHqS/IV4ltwb2BUN0Jc2NcApvkX7oGMA1Q
SYkuLS5kfmbDNFVjdqgEYHIWdq+MCBijTjwknmLxcs3FADjCwsFkIn4IpUarV6qj
+MEWJ1sfLs1Yb4f1a5FakPjGwPV47Z9L8HfRAHvcVNAYeMMpeTeYbt+UNWaYONhc
6QSZ6OJpgPY+3YxJtOmdg6ch7ypktBy3DjvEo+TOr4LnVvDsN0i4TMzaQCHOHwuT
Uf+CB0IWFnR0E5NFdmPXRWaprsm0sI1iWg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:52 2023 by rpki-client on console-fra.rpki-client.org