Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/PXRYsQpvhqS1Y3D6TQGwEzMOPdY.roa
File: PXRYsQpvhqS1Y3D6TQGwEzMOPdY.roa (raw, json)
Hash identifier: eocjpV43dLUxPG2KTrTE0n7X+y/zJwtS4L0wZcbwlMw=
Subject key identifier: 3D:74:58:B1:0A:6F:86:A4:B5:63:70:FA:4D:01:B0:13:33:0E:3D:D6
Certificate issuer: /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial: 0184CEC04F7A8014B117A4D25A29EE1612D6
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/PXRYsQpvhqS1Y3D6TQGwEzMOPdY.roa
Signing time: Thu 01 Dec 2022 17:33:40 +0000
ROA not before: Thu 01 Dec 2022 17:33:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64476
IP address blocks: 185.231.8.0/22 maxlen: 22
85.190.84.0/24 maxlen: 24
85.190.80.0/22 maxlen: 22
85.190.85.0/24 maxlen: 24
85.190.88.0/22 maxlen: 22
185.253.171.0/24 maxlen: 24
185.253.169.0/24 maxlen: 24
185.253.170.0/24 maxlen: 24
185.253.168.0/24 maxlen: 24
85.190.64.0/20 maxlen: 20
46.247.138.0/23 maxlen: 23
46.247.136.0/23 maxlen: 23
85.190.67.0/24 maxlen: 24
46.247.141.0/24 maxlen: 24
185.161.168.0/22 maxlen: 22
46.247.140.0/24 maxlen: 24
87.121.208.0/21 maxlen: 21
2a0a:e805:500::/40 maxlen: 40
2a0a:e805:300::/40 maxlen: 40
2a0a:e805:100::/40 maxlen: 40
2a0a:e805:710::/44 maxlen: 44
2a0a:e805:610::/44 maxlen: 44
2a0a:e805:210::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:c0:4f:7a:80:14:b1:17:a4:d2:5a:29:ee:16:12:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Validity
Not Before: Dec 1 17:33:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d7458b10a6f86a4b56370fa4d01b013330e3dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:40:a5:53:67:bb:25:d6:da:bb:62:3a:66:f9:
9b:38:1f:28:b0:2f:d1:a3:5e:35:d0:94:47:27:23:
51:bf:d7:46:3f:0d:0a:10:bb:db:c4:ab:58:44:1e:
ab:84:85:79:09:5a:00:10:3a:cf:c1:25:98:3d:bb:
24:6d:37:0e:68:5a:5d:9a:b9:bc:bb:d2:60:a7:c3:
99:62:b0:55:4e:90:42:8e:3b:1a:05:79:61:a8:bd:
71:64:bb:65:00:22:7a:1a:5b:75:a0:8b:60:52:cf:
3b:2d:03:07:ab:e9:45:80:16:18:5c:7b:c9:6c:86:
ea:a5:e5:a0:85:11:fe:04:cd:61:b1:37:e4:d1:43:
d8:28:3f:06:15:e3:cc:53:f4:cb:e7:13:3a:ac:9a:
f9:6d:62:b0:65:f1:66:d5:c1:f6:47:11:f4:ca:2d:
d3:2d:29:44:38:7a:46:50:67:b8:44:0b:b3:ae:18:
fb:0d:af:01:d1:60:ee:4b:f8:61:51:52:26:40:7b:
b2:f5:46:6f:9b:c0:3f:d0:4d:1c:c2:eb:4c:17:9c:
fd:bd:92:1c:dc:d5:26:75:b4:57:79:19:97:ce:6a:
fe:48:a9:b1:3a:16:fa:83:11:63:97:3f:c7:31:ab:
19:06:ac:8a:8f:a1:9a:7f:3c:ec:ba:14:aa:9f:2d:
0e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:74:58:B1:0A:6F:86:A4:B5:63:70:FA:4D:01:B0:13:33:0E:3D:D6
X509v3 Authority Key Identifier:
keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/PXRYsQpvhqS1Y3D6TQGwEzMOPdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.136.0-46.247.141.255
85.190.64.0-85.190.85.255
85.190.88.0/22
87.121.208.0/21
185.161.168.0/22
185.231.8.0/22
185.253.168.0/22
IPv6:
2a0a:e805:100::/40
2a0a:e805:210::/44
2a0a:e805:300::/40
2a0a:e805:500::/40
2a0a:e805:610::/44
2a0a:e805:710::/44
Signature Algorithm: sha256WithRSAEncryption
54:e9:48:ea:f6:cb:93:c1:4f:b3:8a:7e:99:7c:f4:62:8f:41:
ca:93:57:99:68:38:14:c7:03:e7:3d:30:54:3a:71:9c:09:18:
1a:e8:76:3a:7b:56:df:ab:6d:9d:d9:22:57:6f:7e:fe:b1:6f:
4b:18:54:3c:ea:1c:2d:ec:7b:24:95:24:a8:e3:26:d7:ce:ff:
08:9b:93:2e:34:f8:56:f5:30:3c:32:3e:f8:f5:2f:8a:77:5d:
c0:87:2a:c9:ae:59:87:81:73:0c:9b:a9:b8:6c:f0:5a:20:c3:
34:79:8e:66:fa:30:3d:15:48:6e:26:3d:ee:42:16:dd:77:4c:
3e:f7:d0:74:32:a3:b8:be:bb:fe:bd:8b:2c:e9:d7:df:57:a4:
8b:5c:fc:3c:96:20:6d:8e:0e:4c:c2:de:81:1a:95:be:71:e9:
d6:a7:9b:79:a4:e6:c0:54:61:31:58:c3:b2:5f:d6:a3:c6:80:
76:f2:75:2e:6f:03:4a:93:7e:c3:72:e8:4c:35:a5:10:e9:6d:
b0:15:a3:2c:b7:5d:de:5e:97:69:af:c7:5b:fa:e8:25:d5:60:
ef:bc:67:ea:53:29:d9:d6:71:bb:c0:3a:fd:ec:19:b7:10:56:
8b:61:e4:7f:84:c2:09:fc:62:1e:44:b6:ab:cb:2a:7d:d5:15:
32:30:a6:93
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYTOwE96gBSxF6TSWinuFhLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjIxMjAxMTczMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc0NThiMTBhNmY4NmE0YjU2MzcwZmE0ZDAxYjAxMzMzMGUzZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEClU2e7Jdbau2I6ZvmbOB8osC/R
o1410JRHJyNRv9dGPw0KELvbxKtYRB6rhIV5CVoAEDrPwSWYPbskbTcOaFpdmrm8
u9Jgp8OZYrBVTpBCjjsaBXlhqL1xZLtlACJ6Glt1oItgUs87LQMHq+lFgBYYXHvJ
bIbqpeWghRH+BM1hsTfk0UPYKD8GFePMU/TL5xM6rJr5bWKwZfFm1cH2RxH0yi3T
LSlEOHpGUGe4RAuzrhj7Da8B0WDuS/hhUVImQHuy9UZvm8A/0E0cwutMF5z9vZIc
3NUmdbRXeRmXzmr+SKmxOhb6gxFjlz/HMasZBqyKj6GafzzsuhSqny0OZwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFD10WLEKb4aktWNw+k0BsBMzDj3WMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvUFhSWXNRcHZocVMxWTNENlRRR3dFek1PUGRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wQAQCAAEwOjAMAwQDLveI
AwQBLveMMAwDBAZVvkADBAFVvlQDBAJVvlgDBANXedADBAK5oagDBAK55wgDBAK5
/agwOQQCAAIwMwMGACoK6AUBAwcEKgroBQIQAwYAKgroBQMDBgAqCugFBQMHBCoK
6AUGEAMHBCoK6AUHEDANBgkqhkiG9w0BAQsFAAOCAQEAVOlI6vbLk8FPs4p+mXz0
Yo9BypNXmWg4FMcD5z0wVDpxnAkYGuh2OntW36ttndkiV29+/rFvSxhUPOocLex7
JJUkqOMm187/CJuTLjT4VvUwPDI++PUvinddwIcqya5Zh4FzDJupuGzwWiDDNHmO
ZvowPRVIbiY97kIW3XdMPvfQdDKjuL67/r2LLOnX31eki1z8PJYgbY4OTMLegRqV
vnHp1qebeaTmwFRhMVjDsl/Wo8aAdvJ1Lm8DSpN+w3LoTDWlEOltsBWjLLdd3l6X
aa/HW/roJdVg77xn6lMp2dZxu8A6/ewZtxBWi2Hkf4TCCfxiHkS2q8sqfdUVMjCm
kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:30 2024 by rpki-client on console-ams.rpki-client.org