Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/od6yEsOXjwpVTZMMgucMC9foyYA.roa
File: od6yEsOXjwpVTZMMgucMC9foyYA.roa (raw, json)
Hash identifier: nM/Mxs/nrfSzjoGEBIzKUoJv1Gm6d6KOpchx5kqSSl4=
Subject key identifier: A1:DE:B2:12:C3:97:8F:0A:55:4D:93:0C:82:E7:0C:0B:D7:E8:C9:80
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: F1B471
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/od6yEsOXjwpVTZMMgucMC9foyYA.roa
Signing time: Mon 04 Apr 2022 09:26:27 +0000
ROA not before: Mon 04 Apr 2022 09:26:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.15.102.0/23 maxlen: 23
185.15.100.0/22 maxlen: 22
185.15.101.0/24 maxlen: 24
5.152.168.0/21 maxlen: 21
5.8.184.0/24 maxlen: 24
5.8.185.0/24 maxlen: 24
5.8.184.0/21 maxlen: 21
5.8.186.0/24 maxlen: 24
5.8.191.0/24 maxlen: 24
5.8.190.0/24 maxlen: 24
5.8.187.0/24 maxlen: 24
37.1.176.0/21 maxlen: 21
37.1.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15840369 (0xf1b471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Apr 4 09:26:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1deb212c3978f0a554d930c82e70c0bd7e8c980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a1:5e:20:8d:bc:ab:e2:74:e9:f7:9a:47:aa:
84:e0:49:d3:96:60:75:45:c2:e9:f3:f5:e3:df:f9:
79:2f:51:26:9d:15:9e:b3:37:24:90:10:75:ff:50:
0f:68:af:14:a9:ae:58:fb:40:72:0a:ed:e6:c0:6e:
1f:57:23:f7:04:03:e3:20:6c:41:15:25:e6:cc:ed:
c6:85:27:75:0d:87:2f:dd:f2:b8:10:30:f7:c5:97:
9b:bc:48:5d:12:89:4f:66:f7:e2:d5:bf:6a:94:b5:
e8:84:41:7b:da:26:c1:27:76:21:dc:d9:66:d1:19:
ff:45:e7:22:70:e3:a3:00:09:d9:b5:82:64:03:dd:
76:8f:d2:65:d1:0b:33:97:2d:cd:32:15:8c:61:63:
bc:c4:59:5e:d2:c6:29:5c:b0:29:0b:eb:e5:1c:89:
41:86:39:3a:3c:40:c9:8a:81:51:9a:db:30:54:fc:
25:08:89:52:1c:c9:a3:94:e8:36:bc:1d:d2:97:4f:
6f:ce:11:9f:5a:11:0c:3c:5b:52:23:13:e9:9d:77:
25:29:d7:f8:18:f2:e2:e0:1c:6a:82:2c:14:0c:f0:
68:53:9d:43:fb:e5:8a:99:a4:cc:1f:e8:06:31:c8:
07:91:0c:03:03:28:ec:65:ca:4f:b1:1e:51:ca:e4:
88:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DE:B2:12:C3:97:8F:0A:55:4D:93:0C:82:E7:0C:0B:D7:E8:C9:80
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/od6yEsOXjwpVTZMMgucMC9foyYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
5.152.168.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
21:51:40:46:10:41:90:f8:62:97:18:1d:2c:2d:f1:f1:40:5e:
97:d6:59:b2:5f:2d:c3:5d:fa:57:8f:38:01:7b:81:d0:0e:4c:
06:83:8e:06:3f:72:99:de:07:51:12:df:85:94:a2:d4:6f:be:
ba:fd:23:5c:2a:5a:6a:ce:e3:d3:90:e5:42:52:c6:db:1e:2a:
cb:71:23:01:1d:54:82:64:bb:d7:0e:5e:51:38:48:b3:08:bf:
6b:4a:d2:20:06:1e:9c:bb:28:36:79:18:84:c9:e8:b9:a2:f2:
eb:35:66:fd:64:20:9f:4d:59:14:e3:ae:1d:5c:e7:65:d4:da:
76:d7:5e:f1:4f:b5:8b:25:b5:d0:cd:5b:4b:23:80:a7:0c:d5:
13:83:2a:ac:ff:5d:e2:63:66:d7:f1:69:70:83:34:79:f8:f9:
e9:6d:9b:51:1e:fa:08:32:db:b0:56:a5:ce:4f:86:42:a8:35:
74:4a:87:9a:28:db:fc:fb:61:97:d3:84:b9:47:a3:d1:70:db:
5d:d0:b1:bf:b8:c4:3a:57:c4:e9:c7:15:84:c1:b8:46:6b:7f:
da:13:90:b4:e7:77:60:12:f3:f9:25:8d:8c:27:df:65:8b:10:
10:45:b3:99:7e:ae:7c:dd:04:b8:81:a8:99:9b:9a:02:ff:f9:
ba:7b:80:a4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAPG0cTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE4OWI2N2M2NmRlYmY1ZGVkM2YyODgwYmI0OTQxZDMwNDExMjU3MB4XDTIyMDQw
NDA5MjYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFkZWIyMTJjMzk3
OGYwYTU1NGQ5MzBjODJlNzBjMGJkN2U4Yzk4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMihXiCNvKvidOn3mkeqhOBJ05ZgdUXC6fP149/5eS9RJp0V
nrM3JJAQdf9QD2ivFKmuWPtAcgrt5sBuH1cj9wQD4yBsQRUl5sztxoUndQ2HL93y
uBAw98WXm7xIXRKJT2b34tW/apS16IRBe9omwSd2IdzZZtEZ/0XnInDjowAJ2bWC
ZAPddo/SZdELM5ctzTIVjGFjvMRZXtLGKVywKQvr5RyJQYY5OjxAyYqBUZrbMFT8
JQiJUhzJo5ToNrwd0pdPb84Rn1oRDDxbUiMT6Z13JSnX+Bjy4uAcaoIsFAzwaFOd
Q/vlipmkzB/oBjHIB5EMAwMo7GXKT7EeUcrkiG8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSh3rISw5ePClVNkwyC5wwL1+jJgDAfBgNVHSMEGDAWgBSxqJtnxm3r9d7T
8ogLtJQdMEESVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhaWJaOFp0Nl9YZTBfS0lDN1NVSFRCQkVsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYmM0ZDdiLTNjYjctNGYzMy04OWU3LTIxMDBiZjBmMTQwYS8x
L29kNnlFc09YandwVlRaTU1ndWNNQzlmb3lZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YmM0ZDdiLTNjYjctNGYzMy04OWU3LTIxMDBiZjBmMTQwYS8xL3NhaWJaOFp0Nl9Y
ZTBfS0lDN1NVSFRCQkVsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAwUIuAMEAwWYqAMEAyUBsAMEArkP
ZDANBgkqhkiG9w0BAQsFAAOCAQEAIVFARhBBkPhilxgdLC3x8UBel9ZZsl8tw136
V484AXuB0A5MBoOOBj9ymd4HURLfhZSi1G++uv0jXCpaas7j05DlQlLG2x4qy3Ej
AR1UgmS71w5eUThIswi/a0rSIAYenLsoNnkYhMnouaLy6zVm/WQgn01ZFOOuHVzn
ZdTadtde8U+1iyW10M1bSyOApwzVE4MqrP9d4mNm1/FpcIM0efj56W2bUR76CDLb
sFalzk+GQqg1dEqHmijb/Pthl9OEuUej0XDbXdCxv7jEOlfE6ccVhMG4Rmt/2hOQ
tOd3YBLz+SWNjCffZYsQEEWzmX6ufN0EuIGomZuaAv/5unuApA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:08 2024 by rpki-client on console-ams.rpki-client.org