Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/tgRzWxvKXulHdGN8ZlYWiLkvpVY.roa
File: tgRzWxvKXulHdGN8ZlYWiLkvpVY.roa (raw, json)
Hash identifier: C0xT1cz1/+n3UNPKxwHt05i2MIEbD/M7bAl3KUGFLG4=
Subject key identifier: B6:04:73:5B:1B:CA:5E:E9:47:74:63:7C:66:56:16:88:B9:2F:A5:56
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 0185392EDC1B9D348D78C45A24F408855F9E
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/tgRzWxvKXulHdGN8ZlYWiLkvpVY.roa
Signing time: Thu 22 Dec 2022 09:34:10 +0000
ROA not before: Thu 22 Dec 2022 09:34:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34373
IP address blocks: 185.97.228.0/22 maxlen: 22
185.165.68.0/22 maxlen: 22
45.128.64.0/22 maxlen: 24
86.48.68.0/22 maxlen: 22
91.219.76.0/22 maxlen: 22
185.63.56.0/22 maxlen: 24
185.96.44.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
185.56.52.0/22 maxlen: 22
185.69.204.0/22 maxlen: 22
45.132.40.0/22 maxlen: 22
185.116.40.0/22 maxlen: 23
185.210.128.0/22 maxlen: 24
217.61.253.0/24 maxlen: 24
2a0b:ec00::/29 maxlen: 29
2a00:4140::/29 maxlen: 48
2a06:7bc0::/29 maxlen: 29
2a0b:57c0::/29 maxlen: 36
2a06:900::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:2e:dc:1b:9d:34:8d:78:c4:5a:24:f4:08:85:5f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Dec 22 09:34:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b604735b1bca5ee94774637c66561688b92fa556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:b9:6f:8f:8d:3a:55:9b:93:6c:6d:6c:46:
0d:02:60:89:24:64:3e:a6:68:73:8d:72:59:bf:ec:
25:d8:9b:83:11:f0:d8:36:66:ad:ad:7c:35:b4:47:
54:e1:e5:85:5c:dc:cc:28:c9:c2:69:6f:8e:8b:d0:
17:b9:f3:7c:bb:85:6d:dc:59:0c:61:1d:69:5e:0d:
1f:c3:de:12:f0:c5:aa:30:f1:89:11:81:a6:21:bf:
0f:5f:98:b7:fd:48:bf:67:c2:7b:20:29:de:51:24:
25:c6:12:b9:bc:33:39:9b:c6:21:47:16:d8:0f:5a:
2b:07:88:97:fb:c1:d8:61:64:1b:8a:f2:5f:ef:e0:
35:a0:81:6f:67:d6:49:a5:cc:f4:2d:9c:a6:12:01:
28:0b:b3:9a:e5:b7:1e:33:4f:d4:6a:f8:9b:89:6c:
83:eb:ce:f1:16:31:53:1f:18:88:6a:1b:79:1c:b4:
ca:4d:8d:1e:76:1d:83:f8:61:c7:bc:53:15:18:82:
48:8a:78:f4:2c:9d:35:e0:dd:ec:7a:54:82:20:a7:
1a:ae:22:44:0e:f8:b1:78:0a:c6:ed:67:3f:7d:21:
24:e0:a7:a7:6c:b5:b3:9c:fe:26:63:ab:73:e7:75:
bc:0e:d1:e5:8c:7a:68:f8:a9:fc:c9:c3:62:68:72:
a2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:04:73:5B:1B:CA:5E:E9:47:74:63:7C:66:56:16:88:B9:2F:A5:56
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/tgRzWxvKXulHdGN8ZlYWiLkvpVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.63.56.0/22
185.69.204.0/22
185.96.44.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a00:4140::/29
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
7f:1e:1d:05:33:57:88:f1:07:b0:a1:24:6a:c1:b4:b0:78:60:
0a:a0:4e:9a:e8:29:55:4b:eb:ff:66:a5:aa:cc:22:cc:51:68:
6e:4a:66:67:53:0a:80:88:63:e8:da:b5:56:b4:af:77:9d:a8:
17:a7:9e:15:2d:da:3d:3e:8d:67:be:a5:1c:d8:86:72:86:1f:
6b:17:90:02:72:de:25:d4:6d:2e:15:24:0b:0e:4a:6c:ae:fd:
ba:61:49:44:aa:84:7f:8c:95:04:1c:f9:5c:b4:d1:7a:30:44:
5f:a3:83:05:cc:2a:72:06:fc:44:4a:58:cd:f7:d0:3b:6c:7d:
f3:bd:f4:0c:b7:21:37:67:d6:92:26:a6:f2:bf:bb:0d:12:7f:
0d:82:bc:31:c7:89:6a:c0:77:5b:18:14:f3:81:16:15:af:ac:
c0:49:6b:62:f5:b6:0a:12:92:fd:9c:01:0e:a5:cd:d6:30:60:
26:b5:07:c4:2f:c3:a8:6b:d0:a8:aa:a5:e1:03:1b:f9:03:92:
db:4a:4c:a3:83:31:43:46:84:e6:d9:6f:5c:24:ca:e1:1d:00:
12:8e:0a:ae:0b:af:23:3a:64:8f:24:e5:dd:d9:31:55:1f:7d:
4b:44:ad:12:9f:96:7a:c7:44:e5:c9:75:ff:1a:6e:71:97:57:
6d:8d:98:2f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYU5LtwbnTSNeMRaJPQIhV+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjIxMjIyMDkzNDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA0NzM1YjFiY2E1ZWU5NDc3NDYzN2M2NjU2MTY4OGI5MmZhNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKa5b4+NOlWbk2xtbEYNAmCJJGQ+
pmhzjXJZv+wl2JuDEfDYNmatrXw1tEdU4eWFXNzMKMnCaW+Oi9AXufN8u4Vt3FkM
YR1pXg0fw94S8MWqMPGJEYGmIb8PX5i3/Ui/Z8J7ICneUSQlxhK5vDM5m8YhRxbY
D1orB4iX+8HYYWQbivJf7+A1oIFvZ9ZJpcz0LZymEgEoC7Oa5bceM0/UavibiWyD
687xFjFTHxiIaht5HLTKTY0edh2D+GHHvFMVGIJIinj0LJ014N3selSCIKcariJE
DvixeArG7Wc/fSEk4KenbLWznP4mY6tz53W8DtHljHpo+Kn8ycNiaHKiswIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFLYEc1sbyl7pR3RjfGZWFoi5L6VWMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvdGdSeld4dktYdWxIZEdOOFpsWVdpTGt2cFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBaBAIAATBUAwQCLYBA
AwQCLYQoAwQCVjBEAwQCW9tMAwQCuTg0AwQCuT84AwQCuUXMAwQCuWAsAwQCuWHk
AwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQA2T39MCkEAgACMCMDBQMqAEFAAwUD
KgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOCAQEAfx4d
BTNXiPEHsKEkasG0sHhgCqBOmugpVUvr/2alqswizFFobkpmZ1MKgIhj6Nq1VrSv
d52oF6eeFS3aPT6NZ76lHNiGcoYfaxeQAnLeJdRtLhUkCw5KbK79umFJRKqEf4yV
BBz5XLTRejBEX6ODBcwqcgb8REpYzffQO2x98730DLchN2fWkiam8r+7DRJ/DYK8
MceJasB3WxgU84EWFa+swElrYvW2ChKS/ZwBDqXN1jBgJrUHxC/DqGvQqKql4QMb
+QOS20pMo4MxQ0aE5tlvXCTK4R0AEo4KrguvIzpkjyTl3dkxVR99S0StEp+WesdE
5cl1/xpucZdXbY2YLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:18 2024 by rpki-client on console-ams.rpki-client.org