Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/b3T6C91crBKuUn1suEZKQwbcdnA.roa
File: b3T6C91crBKuUn1suEZKQwbcdnA.roa (raw, json)
Hash identifier: eV3sL8d4ladUSEBWGoTZtQcyeBMyGVBiP5WFFHx8Qb8=
Subject key identifier: 6F:74:FA:0B:DD:5C:AC:12:AE:52:7D:6C:B8:46:4A:43:06:DC:76:70
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 0A24825C
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/b3T6C91crBKuUn1suEZKQwbcdnA.roa
Signing time: Sat 01 Jan 2022 11:56:15 +0000
ROA not before: Sat 01 Jan 2022 11:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206119
IP address blocks: 5.182.245.0/24 maxlen: 24
5.182.246.0/24 maxlen: 24
185.195.255.0/24 maxlen: 24
185.195.254.0/24 maxlen: 24
185.233.247.0/24 maxlen: 24
89.200.217.0/24 maxlen: 24
185.107.132.0/24 maxlen: 24
185.93.53.0/24 maxlen: 24
185.93.52.0/24 maxlen: 24
185.93.54.0/24 maxlen: 24
185.93.55.0/24 maxlen: 24
185.195.253.0/24 maxlen: 24
2a0a:61c0::/29 maxlen: 29
2a05:f740::/29 maxlen: 29
2a0c:f700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170164828 (0xa24825c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Jan 1 11:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f74fa0bdd5cac12ae527d6cb8464a4306dc7670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:df:87:72:e4:9d:8f:73:a9:b4:ba:2a:16:ad:
d6:b7:72:49:ee:63:b5:30:f8:0e:4d:83:82:88:43:
b9:66:7f:f4:04:55:28:ca:e6:6e:0c:2b:42:00:ba:
0c:42:3e:76:3a:3d:f2:f9:9c:ea:07:81:49:d7:a6:
01:46:3c:96:3a:82:dc:91:e2:91:da:4a:31:9f:74:
ed:b8:25:42:f7:ee:3e:8a:f7:e4:3b:0d:03:68:80:
13:75:65:48:32:86:d2:2e:d1:a3:3e:23:38:e9:4d:
0b:84:ca:51:82:b6:a4:cf:56:ce:79:39:9a:77:75:
53:16:de:46:5e:ec:69:dc:6b:9a:d5:4b:06:49:d5:
33:51:49:81:1c:83:dd:07:02:82:11:e1:34:66:1d:
88:8d:5f:27:bf:e3:0a:82:79:36:04:0d:74:49:da:
9d:c5:b7:9e:5a:c8:18:05:66:14:a2:98:41:0f:f8:
cb:0f:8a:9c:7f:b2:b7:f4:d5:56:ae:ee:6d:b4:04:
a4:d2:66:89:09:b6:c4:f8:16:78:58:75:4d:76:20:
40:a1:ab:bc:1a:d1:0d:3b:9f:c1:3d:7d:48:5a:d7:
59:df:42:cb:d3:d8:5e:c9:50:44:57:6a:5a:79:83:
84:1e:11:a9:44:9f:d2:de:bb:1d:b4:af:40:92:f7:
c8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:74:FA:0B:DD:5C:AC:12:AE:52:7D:6C:B8:46:4A:43:06:DC:76:70
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/b3T6C91crBKuUn1suEZKQwbcdnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.245.0-5.182.246.255
89.200.217.0/24
185.93.52.0/22
185.107.132.0/24
185.195.253.0-185.195.255.255
185.233.247.0/24
IPv6:
2a05:f740::/29
2a0a:61c0::/29
2a0c:f700::/29
Signature Algorithm: sha256WithRSAEncryption
94:c7:62:a6:67:e5:1c:36:4a:4c:43:e1:7f:14:52:82:6d:04:
87:dd:89:b7:b6:ee:bb:f2:bf:a4:6f:68:12:1f:f1:dc:ae:11:
40:f9:b5:39:1d:57:80:68:4a:87:67:9c:82:80:ff:5e:8f:15:
01:d3:cc:2d:23:34:d2:9a:79:01:25:89:bf:fd:17:27:a9:0a:
bf:2c:53:9e:ee:23:af:9c:da:43:d3:f0:a5:83:19:91:e6:3c:
6f:c2:ea:8a:9e:23:cc:1c:b4:8d:2d:4b:15:bd:4a:29:6a:23:
62:37:96:43:f4:8c:ac:a4:b1:f9:42:c4:31:2b:85:07:d3:6f:
8e:d3:10:30:ea:af:ae:e7:91:ff:e1:9d:37:5f:b9:b9:10:ca:
06:8e:a5:b6:1a:34:59:d2:98:0c:f3:f1:0e:a5:f0:02:fe:6a:
53:e3:50:cc:4e:1b:bf:87:89:40:4b:a4:85:c4:e0:4e:ba:bb:
7b:2f:92:d4:18:1c:50:47:be:e3:f8:2b:e1:bb:26:c4:47:2c:
8a:f2:d6:fb:db:f1:57:6d:82:64:bc:d9:ac:e1:16:8b:7c:fb:
7c:f1:ca:01:1f:75:81:40:55:6a:8b:e5:cd:be:8c:ed:68:11:
a1:43:08:f4:16:18:29:db:f4:3b:03:7e:de:5f:ab:82:38:2e:
1c:d7:bc:b9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIECiSCXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTU1MzIwMDc3Njk2OTQ0YjE2MTNjMmU4YzljNjA2YTFlMDZlYjc5MB4XDTIyMDEw
MTExNTYxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY3NGZhMGJkZDVj
YWMxMmFlNTI3ZDZjYjg0NjRhNDMwNmRjNzY3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjfh3LknY9zqbS6Khat1rdySe5jtTD4Dk2DgohDuWZ/9ARV
KMrmbgwrQgC6DEI+djo98vmc6geBSdemAUY8ljqC3JHikdpKMZ907bglQvfuPor3
5DsNA2iAE3VlSDKG0i7Roz4jOOlNC4TKUYK2pM9Wznk5mnd1UxbeRl7sadxrmtVL
BknVM1FJgRyD3QcCghHhNGYdiI1fJ7/jCoJ5NgQNdEnancW3nlrIGAVmFKKYQQ/4
yw+KnH+yt/TVVq7ubbQEpNJmiQm2xPgWeFh1TXYgQKGrvBrRDTufwT19SFrXWd9C
y9PYXslQRFdqWnmDhB4RqUSf0t67HbSvQJL3yFcCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBRvdPoL3VysEq5SfWy4RkpDBtx2cDAfBgNVHSMEGDAWgBSeVTIAd2lpRLFh
PC6MnGBqHgbreTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25sVXlBSGRwYVVTeFlUd3VqSnhnYWg0RzYzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvMjYwYjYxLWEzNDgtNGQ0Ny05MmY2LTFlMGU4YjkwOWUzNC8x
L2IzVDZDOTFjckJLdVVuMXN1RVpLUXdiY2RuQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
MjYwYjYxLWEzNDgtNGQ0Ny05MmY2LTFlMGU4YjkwOWUzNC8xL25sVXlBSGRwYVVT
eFlUd3VqSnhnYWg0RzYzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwOQQCAAEwMzAMAwQABbb1AwQABbb2AwQAWcjZAwQC
uV00AwQAuWuEMAsDBAC5w/0DAwK5wAMEALnp9zAbBAIAAjAVAwUDKgX3QAMFAyoK
YcADBQMqDPcAMA0GCSqGSIb3DQEBCwUAA4IBAQCUx2KmZ+UcNkpMQ+F/FFKCbQSH
3Ym3tu678r+kb2gSH/HcrhFA+bU5HVeAaEqHZ5yCgP9ejxUB08wtIzTSmnkBJYm/
/RcnqQq/LFOe7iOvnNpD0/ClgxmR5jxvwuqKniPMHLSNLUsVvUopaiNiN5ZD9Iys
pLH5QsQxK4UH02+O0xAw6q+u55H/4Z03X7m5EMoGjqW2GjRZ0pgM8/EOpfAC/mpT
41DMThu/h4lAS6SFxOBOurt7L5LUGBxQR77j+CvhuybERyyK8tb72/FXbYJkvNms
4RaLfPt88coBH3WBQFVqi+XNvoztaBGhQwj0Fhgp2/Q7A37eX6uCOC4c17y5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:43 2024 by rpki-client on console-ams.rpki-client.org