Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/g85TjZjfapF_3mXGkne1HCRKhT8.roa
File: g85TjZjfapF_3mXGkne1HCRKhT8.roa (raw, json)
Hash identifier: 2ChRYJCdIo09mDxE9oz0dEfwonpGMJTu5TmjWUAJ6Tg=
Subject key identifier: 83:CE:53:8D:98:DF:6A:91:7F:DE:65:C6:92:77:B5:1C:24:4A:85:3F
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018267F769CC13235C3E434C6A651953B473
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/g85TjZjfapF_3mXGkne1HCRKhT8.roa
Signing time: Thu 04 Aug 2022 08:27:23 +0000
ROA not before: Thu 04 Aug 2022 08:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41412
IP address blocks: 46.245.176.0/21 maxlen: 24
89.38.36.0/23 maxlen: 24
185.187.64.0/22 maxlen: 24
91.230.172.0/22 maxlen: 24
194.1.181.0/24 maxlen: 24
91.90.144.0/20 maxlen: 24
195.93.242.0/23 maxlen: 24
109.70.216.0/21 maxlen: 24
86.105.222.0/23 maxlen: 24
2a00:14e0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:f7:69:cc:13:23:5c:3e:43:4c:6a:65:19:53:b4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Aug 4 08:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83ce538d98df6a917fde65c69277b51c244a853f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2f:c9:f3:f7:1c:13:0b:b2:1c:f9:df:70:c3:
58:80:03:e9:aa:72:7f:66:51:69:0f:4f:bc:6f:a1:
6a:3a:2f:88:bd:81:22:3a:71:57:63:8c:78:d4:03:
b1:30:21:80:7d:7d:43:ed:17:5f:09:8c:f0:c2:4c:
74:d6:4f:5e:ea:d5:29:03:dc:58:9c:d5:6c:43:26:
52:dc:1d:5e:15:f7:1c:e0:08:28:4b:e9:62:8a:c6:
fc:18:b6:e3:38:97:a7:b8:4b:fb:2c:da:0e:05:11:
12:30:1d:1b:af:d3:c0:ec:fd:1b:38:bf:f3:5c:cc:
2f:e4:ba:cf:f0:a6:a1:7b:d8:65:4d:ed:97:fc:d9:
ff:ab:77:12:1b:28:70:fa:95:77:9e:43:dc:de:c1:
bc:fd:03:d2:56:a8:58:86:a3:d9:cc:a2:9f:53:5e:
e8:de:ee:28:de:53:79:58:1f:0b:97:01:d7:03:02:
e2:af:eb:70:ad:bd:82:7c:c1:df:f6:03:89:fb:4b:
83:c8:b8:da:d8:dc:01:2a:af:cc:af:bc:6e:15:87:
c5:33:7b:17:ed:cc:d7:ff:29:e5:2b:ba:5e:b0:27:
71:31:be:77:23:3d:4c:86:13:2f:18:22:41:ea:df:
0a:8b:2c:53:b1:0c:d8:57:5e:e9:8a:ac:0f:ca:16:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:CE:53:8D:98:DF:6A:91:7F:DE:65:C6:92:77:B5:1C:24:4A:85:3F
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/g85TjZjfapF_3mXGkne1HCRKhT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.176.0/21
86.105.222.0/23
89.38.36.0/23
91.90.144.0/20
91.230.172.0/22
109.70.216.0/21
185.187.64.0/22
194.1.181.0/24
195.93.242.0/23
IPv6:
2a00:14e0::/29
Signature Algorithm: sha256WithRSAEncryption
00:76:0c:51:22:2b:90:53:58:ad:b9:e8:a0:70:e7:ed:88:1e:
3d:e3:d5:3e:c5:5a:f5:6b:1f:78:a3:2f:29:a5:53:bc:16:86:
0a:b0:b3:db:51:16:dd:1b:7d:74:ad:dd:3f:b9:7a:4f:3a:cb:
ff:fe:d1:6e:d1:0f:71:13:49:19:bd:ae:fe:f9:e6:18:55:03:
70:15:74:35:70:cf:61:8c:1b:be:3d:05:2b:eb:45:cf:00:b1:
eb:37:63:10:c5:dc:78:e6:be:d2:d8:38:ec:cc:8d:60:37:92:
b2:93:82:ec:eb:7b:d4:7b:65:31:4a:1d:99:55:de:b4:6d:79:
ad:98:6a:59:cd:6d:7d:30:5a:01:54:1e:a6:c5:44:1a:9a:79:
16:f8:ae:df:97:48:cf:0e:a0:b2:5a:3f:5f:05:48:ed:f8:10:
35:7e:f5:8c:5b:15:30:aa:c6:84:5a:cf:6e:ca:f9:6b:95:75:
bd:bd:0c:01:54:33:e3:cd:f6:02:10:b8:d1:22:85:cd:06:b4:
6f:7d:d0:53:b8:87:c5:3a:2c:57:e5:e5:54:9c:1c:e3:0c:61:
5a:04:1b:3e:70:ed:84:75:16:24:5b:75:67:53:0d:73:d3:4a:
bf:ba:03:93:d2:fa:6c:57:fa:47:80:0e:6c:7f:c0:e9:cf:8b:
25:ff:18:01
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYJn92nMEyNcPkNMamUZU7RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjIwODA0MDgyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2NlNTM4ZDk4ZGY2YTkxN2ZkZTY1YzY5Mjc3YjUxYzI0NGE4NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC/J8/ccEwuyHPnfcMNYgAPpqnJ/
ZlFpD0+8b6FqOi+IvYEiOnFXY4x41AOxMCGAfX1D7RdfCYzwwkx01k9e6tUpA9xY
nNVsQyZS3B1eFfcc4AgoS+liisb8GLbjOJenuEv7LNoOBRESMB0br9PA7P0bOL/z
XMwv5LrP8Kahe9hlTe2X/Nn/q3cSGyhw+pV3nkPc3sG8/QPSVqhYhqPZzKKfU17o
3u4o3lN5WB8LlwHXAwLir+twrb2CfMHf9gOJ+0uDyLja2NwBKq/Mr7xuFYfFM3sX
7czX/ynlK7pesCdxMb53Iz1MhhMvGCJB6t8KiyxTsQzYV17piqwPyhZ1fQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIPOU42Y32qRf95lxpJ3tRwkSoU/MB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvZzg1VGpaamZhcEZfM21YR2tuZTFIQ1JLaFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLvWwAwQB
VmneAwQBWSYkAwQEW1qQAwQCW+asAwQDbUbYAwQCubtAAwQAwgG1AwQBw13yMA0E
AgACMAcDBQMqABTgMA0GCSqGSIb3DQEBCwUAA4IBAQAAdgxRIiuQU1itueigcOft
iB4949U+xVr1ax94oy8ppVO8FoYKsLPbURbdG310rd0/uXpPOsv//tFu0Q9xE0kZ
va7++eYYVQNwFXQ1cM9hjBu+PQUr60XPALHrN2MQxdx45r7S2DjszI1gN5Kyk4Ls
63vUe2UxSh2ZVd60bXmtmGpZzW19MFoBVB6mxUQamnkW+K7fl0jPDqCyWj9fBUjt
+BA1fvWMWxUwqsaEWs9uyvlrlXW9vQwBVDPjzfYCELjRIoXNBrRvfdBTuIfFOixX
5eVUnBzjDGFaBBs+cO2EdRYkW3VnUw1z00q/ugOT0vpsV/pHgA5sf8Dpz4sl/xgB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org