Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/aEA24WRIVxVdJ8BQeRRPVT6Y9YI.roa
File: aEA24WRIVxVdJ8BQeRRPVT6Y9YI.roa (raw, json)
Hash identifier: 4ADfJE6EoYJ8D1AzPZr2zJLCQDfnDIohzSQe/DM6NVM=
Subject key identifier: 68:40:36:E1:64:48:57:15:5D:27:C0:50:79:14:4F:55:3E:98:F5:82
Certificate issuer: /CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Certificate serial: 0E1D4049
Authority key identifier: B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/aEA24WRIVxVdJ8BQeRRPVT6Y9YI.roa
Signing time: Wed 09 Mar 2022 19:59:22 +0000
ROA not before: Wed 09 Mar 2022 19:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42184
IP address blocks: 178.251.8.0/21 maxlen: 24
188.64.250.0/23 maxlen: 23
188.64.252.0/24 maxlen: 24
188.64.253.0/24 maxlen: 24
188.64.248.0/21 maxlen: 21
188.64.248.0/23 maxlen: 23
188.64.254.0/23 maxlen: 23
185.64.168.0/22 maxlen: 22
185.143.168.0/22 maxlen: 22
91.190.224.0/22 maxlen: 22
91.190.224.0/21 maxlen: 21
91.190.229.0/24 maxlen: 24
91.190.228.0/24 maxlen: 24
91.190.230.0/23 maxlen: 23
2a02:f08::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236798025 (0xe1d4049)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Validity
Not Before: Mar 9 19:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=684036e1644857155d27c05079144f553e98f582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ba:cb:35:fb:e2:3e:45:d7:66:e7:64:01:7a:
c4:4a:59:ed:78:cd:83:9b:32:9d:f9:4c:a8:fe:92:
8c:80:9c:38:bb:5f:69:00:b8:41:c0:f7:bf:33:60:
dd:d2:47:c6:8b:1b:aa:25:81:fb:6d:5a:96:4f:e0:
24:59:09:af:b5:9b:d0:e9:d9:d2:cd:b8:52:42:2d:
69:67:dd:7a:cc:f7:4e:d1:10:cb:73:be:11:c7:c5:
64:76:d9:6a:86:f1:ec:87:3d:b8:0c:00:7c:f9:88:
55:cc:6f:cc:60:5f:ba:84:e0:fc:22:4f:10:74:c1:
f1:e7:f4:7f:c5:de:b9:b5:0d:58:06:d8:1c:d5:8f:
3e:90:47:af:47:5b:92:57:40:3b:98:9e:42:77:52:
e4:50:d5:76:6c:df:2b:ff:19:b5:fc:62:78:91:07:
f7:78:9e:50:48:a9:e4:87:82:94:d1:2e:45:1d:ba:
af:c6:8e:b5:6d:7f:d1:b3:99:68:0f:18:ea:89:7d:
39:83:81:be:2e:64:fe:df:7a:d8:d3:96:12:aa:f3:
2c:e6:d2:9a:78:b5:48:e3:5b:9d:92:4c:68:72:c0:
9b:ef:2b:d8:be:8a:14:73:2d:bb:47:ae:41:f6:d6:
1c:61:da:78:69:a6:14:67:e6:b3:5a:b5:1a:36:c0:
70:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:40:36:E1:64:48:57:15:5D:27:C0:50:79:14:4F:55:3E:98:F5:82
X509v3 Authority Key Identifier:
keyid:B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/aEA24WRIVxVdJ8BQeRRPVT6Y9YI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.224.0/21
178.251.8.0/21
185.64.168.0/22
185.143.168.0/22
188.64.248.0/21
IPv6:
2a02:f08::/32
Signature Algorithm: sha256WithRSAEncryption
aa:9a:ca:ab:aa:29:f2:d2:07:e5:e5:88:41:d3:9d:67:22:ad:
a1:43:4f:97:e4:d3:7a:e9:75:0a:fc:dd:9f:db:65:9c:58:35:
ca:70:6d:8e:b8:32:94:36:60:65:4a:f7:95:c3:ea:92:5a:63:
72:91:65:7d:21:68:8e:79:bd:90:89:07:6c:6a:2d:98:65:e5:
91:d8:92:f0:21:96:93:c4:ad:b9:0e:98:fb:04:dd:16:60:90:
68:c4:ce:3b:26:4e:82:be:22:2f:07:0e:2e:1c:c3:90:62:b6:
e6:0c:e9:d0:8c:57:eb:72:60:96:e6:36:0a:63:e7:1c:8a:8a:
63:00:37:17:be:b0:40:fa:75:d9:59:c8:d8:b9:17:0c:d3:08:
55:b7:7a:7d:57:43:21:1a:69:d9:73:65:f8:13:81:3d:0e:e0:
a4:5e:d1:45:83:90:73:63:b0:07:d1:2a:1c:ee:3e:79:2e:12:
74:5d:25:10:6b:95:4d:db:ec:91:c2:6d:12:da:03:e8:cd:0d:
d6:cc:66:68:7e:67:30:76:4e:c4:5a:d0:30:28:37:08:96:d5:
f4:b2:bb:99:cf:44:bd:14:d2:7f:fc:16:1c:e8:12:dd:8a:66:
b4:2d:9c:3b:5e:9d:ed:a2:4b:db:e9:e4:f6:a7:bb:e0:5c:ac:
3c:8b:d4:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEDh1ASTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2I2ZjU0ZWE5YjE1YThiZDRmMzM4MjUzODZjYjI3N2IwMzQzOWRkMB4XDTIyMDMw
OTE5NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg0MDM2ZTE2NDQ4
NTcxNTVkMjdjMDUwNzkxNDRmNTUzZTk4ZjU4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO26yzX74j5F12bnZAF6xEpZ7XjNg5synflMqP6SjICcOLtf
aQC4QcD3vzNg3dJHxosbqiWB+21alk/gJFkJr7Wb0OnZ0s24UkItaWfdesz3TtEQ
y3O+EcfFZHbZaobx7Ic9uAwAfPmIVcxvzGBfuoTg/CJPEHTB8ef0f8XeubUNWAbY
HNWPPpBHr0dbkldAO5ieQndS5FDVdmzfK/8ZtfxieJEH93ieUEip5IeClNEuRR26
r8aOtW1/0bOZaA8Y6ol9OYOBvi5k/t962NOWEqrzLObSmni1SONbnZJMaHLAm+8r
2L6KFHMtu0euQfbWHGHaeGmmFGfms1q1GjbAcEsCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRoQDbhZEhXFV0nwFB5FE9VPpj1gjAfBgNVHSMEGDAWgBSztvVOqbFai9Tz
OCU4bLJ3sDQ53TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M3YjFUcW14V292VTh6Z2xPR3l5ZDdBME9kMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvOGRlNGEzLThkNWEtNDZiMS1hNzM1LTJmNDZlOTMxN2NjNi8x
L2FFQTI0V1JJVnhWZEo4QlFlUlJQVlQ2WTlZSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
OGRlNGEzLThkNWEtNDZiMS1hNzM1LTJmNDZlOTMxN2NjNi8xL3M3YjFUcW14V292
VTh6Z2xPR3l5ZDdBME9kMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEA1u+4AMEA7L7CAMEArlAqAMEArmP
qAMEA7xA+DANBAIAAjAHAwUAKgIPCDANBgkqhkiG9w0BAQsFAAOCAQEAqprKq6op
8tIH5eWIQdOdZyKtoUNPl+TTeul1Cvzdn9tlnFg1ynBtjrgylDZgZUr3lcPqklpj
cpFlfSFojnm9kIkHbGotmGXlkdiS8CGWk8StuQ6Y+wTdFmCQaMTOOyZOgr4iLwcO
LhzDkGK25gzp0IxX63JgluY2CmPnHIqKYwA3F76wQPp12VnI2LkXDNMIVbd6fVdD
IRpp2XNl+BOBPQ7gpF7RRYOQc2OwB9EqHO4+eS4SdF0lEGuVTdvskcJtEtoD6M0N
1sxmaH5nMHZOxFrQMCg3CJbV9LK7mc9EvRTSf/wWHOgS3YpmtC2cO16d7aJL2+nk
9qe74FysPIvUCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:57 2024 by rpki-client on console-ams.rpki-client.org