Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1RBMbkOC5mLh_rbLfC7kDme-y0U.roa
File: 1RBMbkOC5mLh_rbLfC7kDme-y0U.roa (raw, json)
Hash identifier: X/nP930xAZDuw7yqkMDux8MCgeVlLz33aPzjcpgG3rU=
Subject key identifier: D5:10:4C:6E:43:82:E6:62:E1:FE:B6:CB:7C:2E:E4:0E:67:BE:CB:45
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 0181DE91C2D76C8DD7CCBEE001B48F84429C
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1RBMbkOC5mLh_rbLfC7kDme-y0U.roa
Signing time: Fri 08 Jul 2022 16:08:23 +0000
ROA not before: Fri 08 Jul 2022 16:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41412
IP address blocks: 46.245.176.0/21 maxlen: 24
89.38.36.0/23 maxlen: 24
185.187.64.0/22 maxlen: 24
91.230.172.0/22 maxlen: 24
91.90.144.0/20 maxlen: 24
195.93.242.0/23 maxlen: 24
109.70.216.0/21 maxlen: 24
86.105.222.0/23 maxlen: 24
2a00:14e0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:de:91:c2:d7:6c:8d:d7:cc:be:e0:01:b4:8f:84:42:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jul 8 16:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5104c6e4382e662e1feb6cb7c2ee40e67becb45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:db:5f:ad:2c:4a:16:48:e7:52:f5:ac:09:17:
c9:40:f3:9a:32:19:1b:ad:84:4d:4a:06:9a:0a:ad:
12:32:de:38:4a:18:87:ef:e9:b6:a1:b8:03:b1:44:
51:0f:4a:b7:82:36:73:0d:48:39:82:ea:b4:8c:33:
25:cb:d7:86:69:2f:70:75:f5:6c:0f:8b:08:db:2c:
c6:4e:a3:5f:56:99:33:df:83:16:8f:e1:78:58:bb:
73:e9:22:e6:7f:15:e7:5f:5b:9e:53:a2:98:b6:d2:
69:e8:65:17:da:f5:7f:8e:3e:d5:e8:35:97:45:09:
08:75:4f:10:10:0a:f0:48:5d:ee:41:b2:69:3c:ff:
b3:75:b7:15:36:5c:78:54:34:72:41:f8:1b:9e:db:
91:56:86:7b:27:b0:01:fe:a0:5a:28:a2:3a:fa:13:
2d:8d:7c:7e:6a:73:66:0f:fb:86:87:b4:90:73:75:
27:56:da:b2:71:a7:b1:d6:01:41:b9:c7:c2:cb:b3:
ae:cb:cb:23:2e:dd:52:7f:ae:c6:19:00:38:3b:02:
d0:81:79:18:ae:2d:48:dd:fb:f4:6c:5f:a7:6d:ff:
22:b6:80:dc:26:99:8a:84:dd:63:cc:f3:71:83:0f:
79:fa:55:58:01:fb:c6:23:2f:41:53:5c:86:0b:64:
c1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:10:4C:6E:43:82:E6:62:E1:FE:B6:CB:7C:2E:E4:0E:67:BE:CB:45
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/1RBMbkOC5mLh_rbLfC7kDme-y0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.176.0/21
86.105.222.0/23
89.38.36.0/23
91.90.144.0/20
91.230.172.0/22
109.70.216.0/21
185.187.64.0/22
195.93.242.0/23
IPv6:
2a00:14e0::/29
Signature Algorithm: sha256WithRSAEncryption
46:ac:d3:95:e5:82:dd:3d:26:d5:36:58:b2:d4:a5:45:f2:e7:
52:b7:8d:e4:70:a7:13:bf:7d:1b:1d:9e:65:ef:68:32:c1:79:
0f:9b:a2:dd:42:ee:27:e4:17:e2:44:53:44:17:47:96:6e:77:
77:99:87:70:73:33:49:31:7b:67:aa:e5:bb:8c:6a:1d:ae:bd:
19:7e:45:30:dd:5a:0d:c1:48:7c:d1:ac:69:f3:10:26:4a:b9:
95:cf:f8:92:b9:ed:36:50:f5:e4:a4:b4:a2:a4:2a:0c:76:4b:
7a:30:e2:e6:cb:fa:dd:25:3c:91:85:c9:3e:1e:6f:5d:c3:a3:
6d:c1:c3:18:5e:62:12:89:de:d4:96:62:1a:29:51:79:0d:cf:
8a:e6:99:68:2b:b6:a5:19:b6:52:89:67:b7:1f:8d:f3:50:93:
61:69:73:16:89:27:da:1a:07:71:ab:06:f5:27:9a:9e:8e:d2:
75:02:2f:5d:99:a7:0b:c7:ca:ef:8d:6f:a5:ab:09:2b:ce:22:
37:f7:90:08:21:1c:a8:4a:6c:33:0c:e7:19:d4:71:41:8c:57:
3e:45:60:4c:04:15:ae:c5:2d:51:3d:e1:fd:0d:1a:0c:fc:1f:
fe:5d:7a:2a:a9:57:1f:24:c1:9b:85:6b:2c:8f:c0:2a:c6:11:
d1:ce:a1:49
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYHekcLXbI3XzL7gAbSPhEKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIwNzA4MTYwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTEwNGM2ZTQzODJlNjYyZTFmZWI2Y2I3YzJlZTQwZTY3YmVjYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdtfrSxKFkjnUvWsCRfJQPOaMhkb
rYRNSgaaCq0SMt44ShiH7+m2obgDsURRD0q3gjZzDUg5guq0jDMly9eGaS9wdfVs
D4sI2yzGTqNfVpkz34MWj+F4WLtz6SLmfxXnX1ueU6KYttJp6GUX2vV/jj7V6DWX
RQkIdU8QEArwSF3uQbJpPP+zdbcVNlx4VDRyQfgbntuRVoZ7J7AB/qBaKKI6+hMt
jXx+anNmD/uGh7SQc3UnVtqycaex1gFBucfCy7Ouy8sjLt1Sf67GGQA4OwLQgXkY
ri1I3fv0bF+nbf8itoDcJpmKhN1jzPNxgw95+lVYAfvGIy9BU1yGC2TBrQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNUQTG5DguZi4f62y3wu5A5nvstFMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvMVJCTWJrT0M1bUxoX3JiTGZDN2tEbWUteTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLvWwAwQB
VmneAwQBWSYkAwQEW1qQAwQCW+asAwQDbUbYAwQCubtAAwQBw13yMA0EAgACMAcD
BQMqABTgMA0GCSqGSIb3DQEBCwUAA4IBAQBGrNOV5YLdPSbVNliy1KVF8udSt43k
cKcTv30bHZ5l72gywXkPm6LdQu4n5BfiRFNEF0eWbnd3mYdwczNJMXtnquW7jGod
rr0ZfkUw3VoNwUh80axp8xAmSrmVz/iSue02UPXkpLSipCoMdkt6MOLmy/rdJTyR
hck+Hm9dw6NtwcMYXmISid7UlmIaKVF5Dc+K5ploK7alGbZSiWe3H43zUJNhaXMW
iSfaGgdxqwb1J5qejtJ1Ai9dmacLx8rvjW+lqwkrziI395AIIRyoSmwzDOcZ1HFB
jFc+RWBMBBWuxS1RPeH9DRoM/B/+XXoqqVcfJMGbhWssj8AqxhHRzqFJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:25 2024 by rpki-client on console-fra.rpki-client.org