Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/af36e2-8318-45dd-a1b8-9a89f0afc9d9/1/bpkzwul4pFmQHstEZxuG-R5Iyao.roa
File: bpkzwul4pFmQHstEZxuG-R5Iyao.roa (raw, json)
Hash identifier: s+xBpsEthBCml0edntMNb0gKlgZUdDTGvz9k/sYtYTc=
Subject key identifier: 6E:99:33:C2:E9:78:A4:59:90:1E:CB:44:67:1B:86:F9:1E:48:C9:AA
Certificate issuer: /CN=1e86ef507ce1d76650297a15ce47e8baded46bb6
Certificate serial: 03FAB76E
Authority key identifier: 1E:86:EF:50:7C:E1:D7:66:50:29:7A:15:CE:47:E8:BA:DE:D4:6B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HobvUHzh12ZQKXoVzkfout7Ua7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/af36e2-8318-45dd-a1b8-9a89f0afc9d9/1/bpkzwul4pFmQHstEZxuG-R5Iyao.roa
Signing time: Sat 01 Jan 2022 12:55:33 +0000
ROA not before: Sat 01 Jan 2022 12:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34191
IP address blocks: 194.145.239.0/24 maxlen: 24
185.213.34.0/24 maxlen: 24
185.213.33.0/24 maxlen: 24
185.213.32.0/24 maxlen: 24
185.213.32.0/22 maxlen: 22
185.213.35.0/24 maxlen: 24
2a0c:ed80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66762606 (0x3fab76e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e86ef507ce1d76650297a15ce47e8baded46bb6
Validity
Not Before: Jan 1 12:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e9933c2e978a459901ecb44671b86f91e48c9aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:65:e2:7a:29:6b:08:48:d3:1f:93:c7:86:49:
70:3a:5e:dd:21:9a:15:42:31:26:11:d3:ef:78:35:
cf:8e:e6:84:d7:1f:ff:7b:5a:ea:90:3d:d8:f9:2c:
e9:49:7a:8a:bb:e7:47:1a:06:23:f3:66:55:33:bd:
21:8f:9a:bf:f1:7a:e9:cf:11:64:a6:10:c2:5b:2a:
92:3a:eb:a3:db:6e:20:bd:de:3e:ca:42:27:68:4d:
04:84:ca:9e:f6:6d:6b:46:94:a7:c3:64:4b:d4:0f:
29:93:b3:96:7b:88:b5:ef:9e:f6:f8:af:39:8d:52:
c7:f6:eb:92:88:e0:8e:5b:ef:fc:f5:3e:7c:3b:66:
2d:36:ae:f3:72:36:88:82:fc:48:10:27:b7:ac:c9:
56:67:d9:a0:62:d7:b5:02:16:99:14:fd:90:55:ee:
a9:3b:49:b8:8d:60:4b:4e:56:de:d6:1d:b9:2b:78:
63:73:26:3b:64:eb:a0:71:9d:c9:c6:9e:9d:e6:4b:
9f:67:8a:ed:39:7a:0d:8d:bc:96:8b:b2:40:a3:1b:
a5:3c:23:c2:ac:d1:9d:a8:42:39:4d:03:df:d4:f9:
59:c3:71:58:ec:6d:fe:2e:71:9e:8a:fc:6c:dd:64:
4f:00:0c:a4:10:93:4d:9d:15:90:d5:46:73:7e:ce:
13:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:99:33:C2:E9:78:A4:59:90:1E:CB:44:67:1B:86:F9:1E:48:C9:AA
X509v3 Authority Key Identifier:
keyid:1E:86:EF:50:7C:E1:D7:66:50:29:7A:15:CE:47:E8:BA:DE:D4:6B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HobvUHzh12ZQKXoVzkfout7Ua7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/af36e2-8318-45dd-a1b8-9a89f0afc9d9/1/bpkzwul4pFmQHstEZxuG-R5Iyao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/af36e2-8318-45dd-a1b8-9a89f0afc9d9/1/HobvUHzh12ZQKXoVzkfout7Ua7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.32.0/22
194.145.239.0/24
IPv6:
2a0c:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
76:61:ac:85:9b:c4:1a:c8:1a:3f:cc:5e:70:f7:4d:6b:60:94:
da:8c:25:45:18:70:66:be:c5:a6:93:9c:a8:df:70:a1:dc:b9:
23:1c:5c:52:aa:e4:d5:8b:05:d4:20:4f:39:e6:c0:4f:86:dc:
ed:43:c7:8e:5a:4d:4a:53:94:26:d0:ae:45:8f:74:9d:0d:e0:
c5:93:df:47:4a:b0:99:9f:3b:be:57:88:67:00:f6:7e:86:ff:
25:8f:2b:bf:5b:1f:b0:fa:06:43:e0:68:b8:4d:b8:ad:cf:c8:
0d:6e:74:4a:8c:c7:56:4b:d8:f3:39:69:56:84:b8:b6:11:7d:
64:a8:ea:d4:9c:25:ca:a5:c8:11:71:dd:b6:b3:2b:46:49:fa:
eb:46:7c:e8:8b:d4:77:37:f0:df:dc:4a:a8:1c:a7:51:93:89:
02:fd:9d:fa:95:cd:51:44:14:9d:6f:c1:09:ce:a1:14:be:b1:
e9:0e:2a:80:3a:6a:33:2f:ac:01:8a:2a:00:ad:24:a5:c2:00:
41:93:a8:1c:79:ae:8f:2a:8a:00:5f:f4:29:b4:21:90:c2:9f:
5e:7d:33:f4:55:09:d6:96:40:d1:6d:e9:c5:ce:9a:e3:f7:f3:
b4:12:49:2f:d9:20:b5:9a:85:fb:fe:d3:52:05:27:d0:1b:78:
fc:02:42:89
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA/q3bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTg2ZWY1MDdjZTFkNzY2NTAyOTdhMTVjZTQ3ZThiYWRlZDQ2YmI2MB4XDTIyMDEw
MTEyNTUzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU5OTMzYzJlOTc4
YTQ1OTkwMWVjYjQ0NjcxYjg2ZjkxZTQ4YzlhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI1l4nopawhI0x+Tx4ZJcDpe3SGaFUIxJhHT73g1z47mhNcf
/3ta6pA92Pks6Ul6irvnRxoGI/NmVTO9IY+av/F66c8RZKYQwlsqkjrro9tuIL3e
PspCJ2hNBITKnvZta0aUp8NkS9QPKZOzlnuIte+e9vivOY1Sx/brkojgjlvv/PU+
fDtmLTau83I2iIL8SBAnt6zJVmfZoGLXtQIWmRT9kFXuqTtJuI1gS05W3tYduSt4
Y3MmO2TroHGdycaeneZLn2eK7Tl6DY28louyQKMbpTwjwqzRnahCOU0D39T5WcNx
WOxt/i5xnor8bN1kTwAMpBCTTZ0VkNVGc37OE7cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRumTPC6XikWZAey0RnG4b5HkjJqjAfBgNVHSMEGDAWgBQehu9QfOHXZlAp
ehXOR+i63tRrtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hvYnZVSHpoMTJaUUtYb1Z6a2ZvdXQ3VWE3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvYWYzNmUyLTgzMTgtNDVkZC1hMWI4LTlhODlmMGFmYzlkOS8x
L2Jwa3p3dWw0cEZtUUhzdEVaeHVHLVI1SXlhby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
YWYzNmUyLTgzMTgtNDVkZC1hMWI4LTlhODlmMGFmYzlkOS8xL0hvYnZVSHpoMTJa
UUtYb1Z6a2ZvdXQ3VWE3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArnVIAMEAMKR7zANBAIAAjAHAwUD
KgztgDANBgkqhkiG9w0BAQsFAAOCAQEAdmGshZvEGsgaP8xecPdNa2CU2owlRRhw
Zr7FppOcqN9wody5IxxcUqrk1YsF1CBPOebAT4bc7UPHjlpNSlOUJtCuRY90nQ3g
xZPfR0qwmZ87vleIZwD2fob/JY8rv1sfsPoGQ+BouE24rc/IDW50SozHVkvY8zlp
VoS4thF9ZKjq1JwlyqXIEXHdtrMrRkn660Z86IvUdzfw39xKqBynUZOJAv2d+pXN
UUQUnW/BCc6hFL6x6Q4qgDpqMy+sAYoqAK0kpcIAQZOoHHmujyqKAF/0KbQhkMKf
Xn0z9FUJ1pZA0W3pxc6a4/fztBJJL9kgtZqF+/7TUgUn0Bt4/AJCiQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:51 2023 by rpki-client on console-fra.rpki-client.org