Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/6PdOzXI_Kp6KQvMUyQ6BPEVZnTs.roa
File: 6PdOzXI_Kp6KQvMUyQ6BPEVZnTs.roa (raw, json)
Hash identifier: MYL+WWy/hN3/XntbfhXUjYWu6tWdAn8pVVx72UBAtrw=
Subject key identifier: E8:F7:4E:CD:72:3F:2A:9E:8A:42:F3:14:C9:0E:81:3C:45:59:9D:3B
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 45D948
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/6PdOzXI_Kp6KQvMUyQ6BPEVZnTs.roa
Signing time: Sat 01 Jan 2022 00:57:45 +0000
ROA not before: Sat 01 Jan 2022 00:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204144
IP address blocks: 185.236.216.0/23 maxlen: 23
185.236.218.0/23 maxlen: 23
188.114.208.0/20 maxlen: 20
185.113.76.0/22 maxlen: 22
185.113.72.0/22 maxlen: 22
185.111.164.0/22 maxlen: 22
185.112.236.0/22 maxlen: 22
185.41.204.0/23 maxlen: 23
185.163.236.0/22 maxlen: 22
185.108.212.0/22 maxlen: 22
185.107.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4577608 (0x45d948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 1 00:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8f74ecd723f2a9e8a42f314c90e813c45599d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:58:3d:fd:8b:3c:a8:93:98:9e:9a:77:13:bd:
44:9e:ee:89:f9:cb:e7:2c:5a:ab:5c:8b:ac:c4:b7:
62:ae:c3:26:8e:df:aa:4a:8d:e6:d9:dc:1b:c9:3a:
5c:fa:9f:87:ba:c9:9d:97:84:ea:6a:cd:e5:1a:99:
c3:75:89:60:9c:14:9b:31:1a:28:ad:19:7f:40:81:
38:cd:d7:ca:38:1c:84:0b:05:6f:35:3a:e3:8d:3c:
1f:97:4d:77:80:c0:62:ab:65:22:50:5f:5d:13:b9:
ec:b5:79:b0:8d:bd:e0:8d:40:da:33:ed:dc:a2:7a:
fb:4d:9a:52:0f:f8:fe:1e:75:6a:24:4b:3e:62:f7:
cc:97:e6:47:a8:84:5e:87:7a:5c:08:66:57:1d:65:
7b:a3:b8:d9:bd:3b:2d:ca:74:76:26:dd:3c:f5:05:
cf:22:c9:0e:93:ad:09:37:8a:eb:92:0f:98:08:fb:
6e:be:f2:7b:a8:77:0e:4e:5f:87:7d:44:5d:8b:8f:
3a:57:d1:20:ad:91:f0:0f:76:34:75:02:c1:c3:72:
b7:59:78:3b:05:7b:d8:bf:b0:5b:27:b6:d2:d6:ea:
6c:26:a5:89:1e:bf:df:6d:4e:e1:e7:b5:ea:d0:e9:
b4:b1:0e:a7:24:57:87:9b:97:e3:d1:7a:b1:6b:79:
29:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F7:4E:CD:72:3F:2A:9E:8A:42:F3:14:C9:0E:81:3C:45:59:9D:3B
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/6PdOzXI_Kp6KQvMUyQ6BPEVZnTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.204.0/23
185.107.252.0/22
185.108.212.0/22
185.111.164.0/22
185.112.236.0/22
185.113.72.0/21
185.163.236.0/22
185.236.216.0/22
188.114.208.0/20
Signature Algorithm: sha256WithRSAEncryption
06:8b:e8:ad:7e:2d:f4:11:4a:fd:2c:97:a1:af:9f:7c:48:73:
4d:35:ac:b8:c1:54:72:75:a3:fb:9e:66:29:a3:6a:29:b0:bf:
09:75:a7:91:00:3a:6d:36:1f:6d:fb:e6:03:09:74:39:02:ce:
fa:6c:a8:94:90:41:55:c0:09:79:b3:06:ce:00:c4:55:c6:a1:
72:42:ff:05:57:ff:0c:f5:e2:a0:6b:22:c5:5a:e8:bc:b5:f4:
f7:25:f7:26:9e:0c:64:9d:f8:e0:eb:01:be:62:c2:95:c1:24:
b6:f6:c7:fb:57:bc:70:b6:b6:07:b0:01:b0:16:38:83:61:40:
90:d3:f5:07:9b:80:e3:29:d4:f5:dc:77:ed:bc:51:c2:19:25:
b7:c3:3b:cc:38:b1:aa:03:b3:da:08:e9:b6:3e:1d:f4:b6:b7:
96:2b:d0:60:23:d9:0c:15:b1:7c:d0:b3:7c:bd:3d:51:82:51:
1f:df:38:3b:4e:81:a9:62:b4:ce:0d:5c:df:86:ee:a7:1f:bf:
b9:f8:14:ee:af:4d:6d:92:60:fb:de:ed:21:43:fb:ec:f3:aa:
0a:5c:f7:8a:9d:fd:36:90:ea:73:33:6b:0f:91:63:62:45:28:
cd:b4:54:75:dc:09:28:ae:e6:8a:a5:c4:6d:79:44:c4:da:f2:
ae:46:f8:04
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIDRdlIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM0
ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5ZDNiYWUwHhcNMjIwMTAx
MDA1NzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlOGY3NGVjZDcyM2Yy
YTllOGE0MmYzMTRjOTBlODEzYzQ1NTk5ZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5Fg9/Ys8qJOYnpp3E71Enu6J+cvnLFqrXIusxLdirsMmjt+q
So3m2dwbyTpc+p+Husmdl4Tqas3lGpnDdYlgnBSbMRoorRl/QIE4zdfKOByECwVv
NTrjjTwfl013gMBiq2UiUF9dE7nstXmwjb3gjUDaM+3conr7TZpSD/j+HnVqJEs+
YvfMl+ZHqIReh3pcCGZXHWV7o7jZvTstynR2Jt089QXPIskOk60JN4rrkg+YCPtu
vvJ7qHcOTl+HfURdi486V9EgrZHwD3Y0dQLBw3K3WXg7BXvYv7BbJ7bS1upsJqWJ
Hr/fbU7h57Xq0Om0sQ6nJFeHm5fj0Xqxa3kptwIDAQABo4ICOTCCAjUwHQYDVR0O
BBYEFOj3Ts1yPyqeikLzFMkOgTxFWZ07MB8GA1UdIwQYMBaAFDTVGSR0Arz73w7O
kCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Tk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVlLzEv
NlBkT3pYSV9LcDZLUXZNVXlRNkJQRVZablRzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8z
MDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVlLzEvTk5VWkpIUUN2UHZm
RHM2UUlLMWtZaTZkTzY0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME8G
CCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBuSnMAwQCuWv8AwQCuWzUAwQCuW+k
AwQCuXDsAwQDuXFIAwQCuaPsAwQCuezYAwQEvHLQMA0GCSqGSIb3DQEBCwUAA4IB
AQAGi+itfi30EUr9LJehr598SHNNNay4wVRydaP7nmYpo2opsL8JdaeRADptNh9t
++YDCXQ5As76bKiUkEFVwAl5swbOAMRVxqFyQv8FV/8M9eKgayLFWui8tfT3Jfcm
ngxknfjg6wG+YsKVwSS29sf7V7xwtrYHsAGwFjiDYUCQ0/UHm4DjKdT13HftvFHC
GSW3wzvMOLGqA7PaCOm2Ph30treWK9BgI9kMFbF80LN8vT1RglEf3zg7ToGpYrTO
DVzfhu6nH7+5+BTur01tkmD73u0hQ/vs86oKXPeKnf02kOpzM2sPkWNiRSjNtFR1
3AkoruaKpcRteUTE2vKuRvgE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-ams.rpki-client.org