Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/iLy6gslvkEhcftnpw9Rs74bCYto.roa
File: iLy6gslvkEhcftnpw9Rs74bCYto.roa (raw, json)
Hash identifier: /dO/IX8K1BJwPf1cNSKZXV1cNOVFWmayXDcosQlZMkg=
Subject key identifier: 88:BC:BA:82:C9:6F:90:48:5C:7E:D9:E9:C3:D4:6C:EF:86:C2:62:DA
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 33D12E5A
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/iLy6gslvkEhcftnpw9Rs74bCYto.roa
Signing time: Sat 01 Jan 2022 12:54:34 +0000
ROA not before: Sat 01 Jan 2022 12:54:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47527
IP address blocks: 185.126.152.0/23 maxlen: 23
91.223.235.0/24 maxlen: 24
185.208.212.0/22 maxlen: 22
62.69.152.0/21 maxlen: 21
46.30.120.0/21 maxlen: 21
2a00:1b18::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869346906 (0x33d12e5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Jan 1 12:54:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88bcba82c96f90485c7ed9e9c3d46cef86c262da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:de:d7:b5:a3:2d:5a:33:9e:97:c4:75:72:3d:
30:a1:1e:72:c7:c4:9a:fa:5b:04:67:46:7c:1a:77:
8a:f6:4c:56:22:8e:4d:5b:c3:5c:79:c9:6b:2c:96:
16:a5:dd:31:cd:77:f1:4c:4b:33:c4:a8:74:5c:74:
56:8b:b5:1d:50:a2:46:37:a5:57:c2:6f:bf:47:29:
8a:30:8c:16:84:be:f3:94:05:e8:31:26:66:4b:ac:
5c:c4:97:b1:e5:45:f8:5f:af:6d:56:12:a4:7d:1b:
a2:0b:51:40:5d:70:f0:e9:87:53:eb:80:8e:41:97:
e5:2f:29:58:36:78:c3:f0:c3:06:9d:55:1d:c7:33:
77:dc:ca:2a:64:a7:61:99:05:60:f4:42:fd:00:6d:
fd:7f:c9:e3:2a:37:00:f5:f9:24:36:59:bd:89:29:
90:02:3e:10:d6:6a:ae:d4:07:53:a4:9b:4e:95:7b:
f2:cf:7d:02:8d:57:0b:9c:07:96:3a:f3:44:28:49:
26:06:10:bc:96:0d:d0:3c:f2:6b:bc:a8:c6:25:11:
b6:b9:ae:27:6a:7b:fa:12:2f:fb:63:c0:57:b0:47:
60:d0:ea:5d:77:b0:b5:91:51:12:3f:fc:8e:ba:54:
c6:36:81:6b:f4:2b:c4:6d:31:65:c7:08:e9:17:79:
e5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BC:BA:82:C9:6F:90:48:5C:7E:D9:E9:C3:D4:6C:EF:86:C2:62:DA
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/iLy6gslvkEhcftnpw9Rs74bCYto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.120.0/21
62.69.152.0/21
91.223.235.0/24
185.126.152.0/23
185.208.212.0/22
IPv6:
2a00:1b18::/32
Signature Algorithm: sha256WithRSAEncryption
24:7c:f4:c9:7d:7a:37:a9:a2:e9:d8:f3:fb:ce:79:4e:5b:45:
80:fe:d5:76:de:5c:38:a5:60:7e:8e:98:9e:a7:12:ba:35:07:
72:ca:45:9b:1e:a4:b9:e6:75:10:bb:75:0a:5c:a0:4c:30:cc:
53:c9:10:81:9e:d8:c7:61:9c:d2:5b:cb:f5:1e:04:02:89:4f:
77:0c:a2:1e:60:13:8b:43:26:fe:e5:71:d9:88:10:ea:68:7c:
34:ab:d8:08:f4:97:ce:f3:d7:b3:a5:d7:94:7c:a9:df:21:0d:
33:34:51:ff:c8:09:1b:be:1d:b5:e6:03:f7:50:4a:c2:f6:43:
14:7a:c5:34:8c:9d:f0:c8:4e:1a:be:42:16:e5:26:72:08:56:
66:54:6c:94:e5:3b:15:3b:b0:7a:11:0e:34:2d:d1:b9:44:5b:
56:6f:f8:a4:46:17:ce:4e:2d:f9:ec:0f:d6:bd:76:26:19:75:
62:3a:e4:8a:8c:94:9c:98:15:51:02:30:8b:68:aa:e1:c5:41:
96:c9:a7:7c:f7:3f:af:cb:d1:1a:44:84:aa:98:cf:a6:d3:6d:
da:94:66:b7:7c:9e:6a:52:c1:b5:4e:1c:33:c3:15:cf:ac:67:
94:26:85:33:b9:0e:87:5d:ae:5a:1b:29:a7:2c:04:4b:91:f2:
55:b4:d9:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEM9EuWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzVlNGVmNTUxNjc5OWZmZTBiYjFiODM5MzE3ZGJkMzU1YmI3YTliMB4XDTIyMDEw
MTEyNTQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhiY2JhODJjOTZm
OTA0ODVjN2VkOWU5YzNkNDZjZWY4NmMyNjJkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKre17WjLVoznpfEdXI9MKEecsfEmvpbBGdGfBp3ivZMViKO
TVvDXHnJayyWFqXdMc138UxLM8SodFx0Vou1HVCiRjelV8Jvv0cpijCMFoS+85QF
6DEmZkusXMSXseVF+F+vbVYSpH0bogtRQF1w8OmHU+uAjkGX5S8pWDZ4w/DDBp1V
Hcczd9zKKmSnYZkFYPRC/QBt/X/J4yo3APX5JDZZvYkpkAI+ENZqrtQHU6SbTpV7
8s99Ao1XC5wHljrzRChJJgYQvJYN0Dzya7yoxiURtrmuJ2p7+hIv+2PAV7BHYNDq
XXewtZFREj/8jrpUxjaBa/QrxG0xZccI6Rd55bUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSIvLqCyW+QSFx+2enD1GzvhsJi2jAfBgNVHSMEGDAWgBRsXk71UWeZ/+C7
G4OTF9vTVbt6mzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JGNU85VkZubWZfZ3V4dURreGZiMDFXN2Vwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvOWQ5NjgwLWZmYmYtNDNkMS05YzA1LTFiZTc1M2ZhZDFiZi8x
L2lMeTZnc2x2a0VoY2Z0bnB3OVJzNzRiQ1l0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
OWQ5NjgwLWZmYmYtNDNkMS05YzA1LTFiZTc1M2ZhZDFiZi8xL2JGNU85VkZubWZf
Z3V4dURreGZiMDFXN2Vwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAy4eeAMEAz5FmAMEAFvf6wMEAbl+
mAMEArnQ1DANBAIAAjAHAwUAKgAbGDANBgkqhkiG9w0BAQsFAAOCAQEAJHz0yX16
N6mi6djz+855TltFgP7Vdt5cOKVgfo6YnqcSujUHcspFmx6kueZ1ELt1ClygTDDM
U8kQgZ7Yx2Gc0lvL9R4EAolPdwyiHmATi0Mm/uVx2YgQ6mh8NKvYCPSXzvPXs6XX
lHyp3yENMzRR/8gJG74dteYD91BKwvZDFHrFNIyd8MhOGr5CFuUmcghWZlRslOU7
FTuwehEONC3RuURbVm/4pEYXzk4t+ewP1r12Jhl1YjrkioyUnJgVUQIwi2iq4cVB
lsmnfPc/r8vRGkSEqpjPptNt2pRmt3yealLBtU4cM8MVz6xnlCaFM7kOh12uWhsp
pywES5HyVbTZcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org