Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/b0-qe3oD-S2BikBhUIeD2KJOFV8.roa
File: b0-qe3oD-S2BikBhUIeD2KJOFV8.roa (raw, json)
Hash identifier: 9L8AzI8NCSctYEuTczr/lMgzAEF7mVe2tg5VZEHA4vg=
Subject key identifier: 6F:4F:AA:7B:7A:03:F9:2D:81:8A:40:61:50:87:83:D8:A2:4E:15:5F
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 11B78FF8
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/b0-qe3oD-S2BikBhUIeD2KJOFV8.roa
Signing time: Sat 01 Jan 2022 10:56:07 +0000
ROA not before: Sat 01 Jan 2022 10:56:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35280
IP address blocks: 185.94.142.0/23 maxlen: 24
185.94.141.0/24 maxlen: 24
185.94.140.0/22 maxlen: 22
185.94.140.0/23 maxlen: 24
185.94.140.0/24 maxlen: 24
84.54.60.0/22 maxlen: 24
185.160.10.0/23 maxlen: 24
185.160.9.0/24 maxlen: 24
185.160.8.0/23 maxlen: 24
185.56.152.0/24 maxlen: 24
185.56.154.0/23 maxlen: 24
2a05:f440::/29 maxlen: 48
2a07:b7c0::/29 maxlen: 29
2a02:53a0::/32 maxlen: 32
2a09:4b00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 297242616 (0x11b78ff8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Jan 1 10:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f4faa7b7a03f92d818a4061508783d8a24e155f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:00:1d:8d:cb:07:21:94:44:08:64:a8:fe:
ef:66:55:92:e9:0d:f5:76:91:13:00:53:bd:4a:77:
a9:97:aa:0a:ec:bf:b1:5e:47:2e:3e:c7:c5:d7:3c:
ad:bf:a4:9f:ac:d4:ee:ca:5b:48:fd:bc:90:75:a4:
0c:34:13:0c:48:07:45:1c:1f:fc:53:c2:16:89:53:
01:b5:bf:b4:2f:92:2f:b5:9c:3f:e4:ac:8c:2a:4c:
f2:11:21:73:97:8b:69:c2:b5:2b:5c:5b:3f:40:b8:
a3:aa:86:7c:74:a6:e4:05:68:4b:2f:27:07:52:6f:
a2:c0:69:a5:b8:52:ab:4e:b0:8c:ef:d5:fd:44:94:
1a:b5:bf:95:10:ce:ed:67:de:e3:fb:30:0b:e0:1b:
96:d8:30:00:36:79:57:66:49:c7:8f:79:a0:2e:a8:
15:86:f6:06:c2:4f:0b:e1:db:d3:e0:25:2e:0b:0f:
22:e6:fe:39:e9:cd:32:49:b5:4f:a7:8b:c9:86:b3:
82:44:4e:08:f8:cd:7f:65:8e:5c:bd:a5:6c:b6:c3:
50:05:31:83:da:35:fa:3f:06:df:66:38:de:fb:aa:
71:64:a2:e8:45:f9:3d:3e:5d:bb:bf:6a:36:b5:4a:
97:80:19:1d:c3:53:ce:8a:48:a3:3c:f0:69:59:2d:
67:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4F:AA:7B:7A:03:F9:2D:81:8A:40:61:50:87:83:D8:A2:4E:15:5F
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/b0-qe3oD-S2BikBhUIeD2KJOFV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.60.0/22
185.56.152.0/24
185.56.154.0/23
185.94.140.0/22
185.160.8.0/22
IPv6:
2a02:53a0::/32
2a05:f440::/29
2a07:b7c0::/29
2a09:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
1c:dd:fc:52:d3:29:b8:bf:ed:16:7f:aa:91:f1:bb:61:ce:24:
c4:be:ed:0d:13:57:a5:84:29:c2:e6:cd:9d:38:e3:08:13:a0:
e1:b4:95:ab:e0:0d:e4:72:22:bc:9e:b6:71:8a:3e:45:88:8e:
13:e5:46:f5:23:72:0b:e6:aa:4e:7e:00:86:86:fb:14:6e:b9:
98:6a:e1:21:23:7a:0b:32:c5:fe:b1:45:cb:3c:bf:0b:61:39:
dc:ab:24:8e:ad:04:23:35:49:0d:18:4b:78:f2:a3:b9:ba:fb:
89:e7:53:8c:70:95:7e:0c:32:3b:02:f7:5e:53:f4:6a:e3:bd:
9e:db:6a:ca:14:51:56:99:07:6d:a3:f6:e0:00:dd:4c:3c:4d:
30:2d:23:f5:ed:55:91:1e:cc:6e:88:bf:35:5a:4e:64:11:67:
11:de:94:92:92:0f:1d:dd:a9:25:ac:71:2f:96:39:57:84:5d:
da:bd:05:d9:da:5b:ed:2e:e9:9f:c8:68:fb:1c:eb:cf:48:79:
3e:a5:76:f8:3f:62:9b:85:51:ce:57:85:bd:69:35:dd:00:e1:
22:8d:71:9f:4b:aa:a9:f9:87:79:80:50:b0:67:78:f9:f2:01:
a1:c2:a4:28:bb:46:d5:01:e0:48:67:98:7a:29:a6:ef:c4:8b:
62:6d:fe:dc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEEbeP+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTljNjcyOWUxZTg5ODk5ODRkZDgwMmQxYTkwZTg5Y2UyZmUzNzNjMB4XDTIyMDEw
MTEwNTYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmY0ZmFhN2I3YTAz
ZjkyZDgxOGE0MDYxNTA4NzgzZDhhMjRlMTU1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMexAB2NywchlEQIZKj+72ZVkukN9XaREwBTvUp3qZeqCuy/
sV5HLj7Hxdc8rb+kn6zU7spbSP28kHWkDDQTDEgHRRwf/FPCFolTAbW/tC+SL7Wc
P+SsjCpM8hEhc5eLacK1K1xbP0C4o6qGfHSm5AVoSy8nB1JvosBppbhSq06wjO/V
/USUGrW/lRDO7Wfe4/swC+AbltgwADZ5V2ZJx495oC6oFYb2BsJPC+Hb0+AlLgsP
Iub+OenNMkm1T6eLyYazgkROCPjNf2WOXL2lbLbDUAUxg9o1+j8G32Y43vuqcWSi
6EX5PT5du79qNrVKl4AZHcNTzopIozzwaVktZ/kCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBRvT6p7egP5LYGKQGFQh4PYok4VXzAfBgNVHSMEGDAWgBTanGcp4eiYmYTd
gC0akOic4v43PDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJweG5LZUhvbUptRTNZQXRHcERvbk9MLU56dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNzU1YzU1LWM0ZjUtNGNiNy04NzFkLTY5YzY4ZTJlZjI3ZC8x
L2IwLXFlM29ELVMyQmlrQmhVSWVEMktKT0ZWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NzU1YzU1LWM0ZjUtNGNiNy04NzFkLTY5YzY4ZTJlZjI3ZC8xLzJweG5LZUhvbUpt
RTNZQXRHcERvbk9MLU56dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowJAQCAAEwHgMEAlQ2PAMEALk4mAMEAbk4mgMEArle
jAMEArmgCDAiBAIAAjAcAwUAKgJToAMFAyoF9EADBQMqB7fAAwUAKglLADANBgkq
hkiG9w0BAQsFAAOCAQEAHN38UtMpuL/tFn+qkfG7Yc4kxL7tDRNXpYQpwubNnTjj
CBOg4bSVq+AN5HIivJ62cYo+RYiOE+VG9SNyC+aqTn4Ahob7FG65mGrhISN6CzLF
/rFFyzy/C2E53Kskjq0EIzVJDRhLePKjubr7iedTjHCVfgwyOwL3XlP0auO9nttq
yhRRVpkHbaP24ADdTDxNMC0j9e1VkR7Mboi/NVpOZBFnEd6UkpIPHd2pJaxxL5Y5
V4Rd2r0F2dpb7S7pn8ho+xzrz0h5PqV2+D9im4VRzleFvWk13QDhIo1xn0uqqfmH
eYBQsGd4+fIBocKkKLtG1QHgSGeYeimm78SLYm3+3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:10 2024 by rpki-client on console-fra.rpki-client.org