Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/6w77e_LfJ4UQBBAaW_NYHb1JuCc.roa
File: 6w77e_LfJ4UQBBAaW_NYHb1JuCc.roa (raw, json)
Hash identifier: zDqLIq0MkGgalyuS3KdGIPiSQAxYJEP1uHgSL1TRYZA=
Subject key identifier: EB:0E:FB:7B:F2:DF:27:85:10:04:10:1A:5B:F3:58:1D:BD:49:B8:27
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 01856C53B00765F60FB2B7ECD205DC1C765E
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/6w77e_LfJ4UQBBAaW_NYHb1JuCc.roa
Signing time: Sun 01 Jan 2023 07:55:01 +0000
ROA not before: Sun 01 Jan 2023 07:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207143
IP address blocks: 185.229.89.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
2a11:8b82::/32 maxlen: 32
2a11:8b81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:b0:07:65:f6:0f:b2:b7:ec:d2:05:dc:1c:76:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: Jan 1 07:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb0efb7bf2df27851004101a5bf3581dbd49b827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:03:a0:71:5a:0a:eb:ea:82:c1:28:ea:56:52:
ab:3b:2e:91:38:31:ff:ad:c9:42:9b:6f:19:c1:6e:
80:0d:ee:f9:46:9e:af:77:04:f4:89:c6:34:0c:21:
74:a9:e3:9f:ca:b7:7d:ba:81:46:f7:13:1b:3f:b2:
c2:4f:77:58:8c:f8:b9:e4:3e:af:3b:7b:c2:2c:13:
c8:c0:32:09:48:23:d5:50:ee:4a:11:ae:16:d9:7b:
59:36:cb:f9:da:6d:b8:61:bb:cc:d8:98:df:ce:88:
b6:9f:29:ef:b0:1e:64:0e:9e:82:d8:be:e7:c2:0f:
23:74:68:3b:73:62:9d:35:33:29:63:29:40:a3:50:
34:f1:ed:f4:d0:9d:2d:70:6d:f6:51:81:56:2f:98:
02:e6:1f:c3:df:1e:14:57:62:60:3c:dc:05:38:86:
fa:d5:15:ea:99:20:2e:c6:11:56:2a:28:2e:46:05:
ca:0f:89:91:e5:3f:36:10:85:e4:2b:36:75:66:50:
34:50:85:89:6f:b2:95:e1:8d:42:3c:c9:23:c2:05:
31:84:7b:ac:14:8b:1c:7d:02:87:38:02:ec:f5:28:
9d:d5:f7:71:b4:ec:1f:4b:87:21:7d:a2:ac:45:0d:
7e:c0:2d:05:a5:21:bc:4a:51:71:89:42:03:db:76:
63:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0E:FB:7B:F2:DF:27:85:10:04:10:1A:5B:F3:58:1D:BD:49:B8:27
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/6w77e_LfJ4UQBBAaW_NYHb1JuCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.156.0/22
185.229.88.0/22
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:07:b3:20:c0:82:f9:19:02:24:98:c5:e6:26:e3:11:50:40:
4a:e5:f6:37:63:13:1c:be:6b:51:1a:d4:88:b0:6b:1b:c2:0e:
da:f7:16:93:d6:bd:91:ed:2d:0a:12:60:a7:98:bd:84:b7:13:
a3:88:34:a2:8a:cb:46:d1:da:c6:97:11:9e:a8:de:46:42:39:
48:02:a5:86:57:76:6c:95:f5:f1:95:a9:d4:d2:ff:db:b1:8f:
64:5a:c0:01:fb:c0:f5:a4:25:8e:5e:e1:83:70:c7:bf:11:32:
dd:bc:22:78:d7:8d:a2:54:b6:39:f0:e2:78:cb:6f:60:c5:f3:
df:3d:2d:53:e9:23:07:c9:33:58:a4:b1:50:ce:3f:58:85:17:
f9:bf:64:e7:b2:65:73:6d:a6:3b:2a:c0:dc:a8:0e:b5:2e:c0:
3c:04:0e:e8:03:9b:43:7d:85:08:b5:a6:1a:cb:b2:b8:a5:79:
61:22:70:98:b9:ba:67:e8:cc:05:ae:76:e4:e5:a0:82:f9:f5:
cb:4b:76:bd:1b:d3:1e:cb:08:3a:41:43:60:31:62:59:0c:34:
99:16:1c:51:d7:af:49:13:a9:80:10:1b:bc:41:97:f3:b6:80:
6d:ad:95:3e:50:d3:da:ce:d4:10:db:29:99:b8:5e:11:5c:55:
14:7b:65:60
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsU7AHZfYPsrfs0gXcHHZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyM2EyYjNkZDc2NjcyNzVmMDk4ODZkZjdkYTA3OWY3NTVj
ZWVkNTkwHhcNMjMwMTAxMDc1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjBlZmI3YmYyZGYyNzg1MTAwNDEwMWE1YmYzNTgxZGJkNDliODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwOgcVoK6+qCwSjqVlKrOy6RODH/
rclCm28ZwW6ADe75Rp6vdwT0icY0DCF0qeOfyrd9uoFG9xMbP7LCT3dYjPi55D6v
O3vCLBPIwDIJSCPVUO5KEa4W2XtZNsv52m24YbvM2Jjfzoi2nynvsB5kDp6C2L7n
wg8jdGg7c2KdNTMpYylAo1A08e300J0tcG32UYFWL5gC5h/D3x4UV2JgPNwFOIb6
1RXqmSAuxhFWKiguRgXKD4mR5T82EIXkKzZ1ZlA0UIWJb7KV4Y1CPMkjwgUxhHus
FIscfQKHOALs9Sid1fdxtOwfS4chfaKsRQ1+wC0FpSG8SlFxiUID23ZjDwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOsO+3vy3yeFEAQQGlvzWB29SbgnMB8GA1UdIwQY
MBaAFJI6Kz3XZnJ18JiG332gefdVzu1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjkt
MjczOGJjYjQzZDZkLzEvNnc3N2VfTGZKNFVRQkJBYVdfTllIYjFKdUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjktMjczOGJjYjQzZDZk
LzEva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWWcAwQC
ueVYMBYEAgACMBAwDgMFACoRi4EDBQAqEYuCMA0GCSqGSIb3DQEBCwUAA4IBAQBH
B7MgwIL5GQIkmMXmJuMRUEBK5fY3YxMcvmtRGtSIsGsbwg7a9xaT1r2R7S0KEmCn
mL2EtxOjiDSiistG0drGlxGeqN5GQjlIAqWGV3ZslfXxlanU0v/bsY9kWsAB+8D1
pCWOXuGDcMe/ETLdvCJ4142iVLY58OJ4y29gxfPfPS1T6SMHyTNYpLFQzj9YhRf5
v2TnsmVzbaY7KsDcqA61LsA8BA7oA5tDfYUItaYay7K4pXlhInCYubpn6MwFrnbk
5aCC+fXLS3a9G9Meywg6QUNgMWJZDDSZFhxR169JE6mAEBu8QZfztoBtrZU+UNPa
ztQQ2ymZuF4RXFUUe2Vg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:59 2025 by rpki-client