Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/SoBMCHWzvOYIt5pPSRHei8iUH0c.roa
File: SoBMCHWzvOYIt5pPSRHei8iUH0c.roa (raw, json)
Hash identifier: 8f8OuBlT2217e6SXtbKiyYJbo1DxXBk9vYeamJfeAAo=
Subject key identifier: 4A:80:4C:08:75:B3:BC:E6:08:B7:9A:4F:49:11:DE:8B:C8:94:1F:47
Certificate issuer: /CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Certificate serial: 018529D6E0DEDD1A7944A5D349833BE83DD7
Authority key identifier: 6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/SoBMCHWzvOYIt5pPSRHei8iUH0c.roa
Signing time: Mon 19 Dec 2022 10:03:46 +0000
ROA not before: Mon 19 Dec 2022 10:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64476
IP address blocks: 185.231.8.0/22 maxlen: 22
85.190.84.0/24 maxlen: 24
85.190.85.0/24 maxlen: 24
85.190.88.0/22 maxlen: 22
185.253.171.0/24 maxlen: 24
185.253.169.0/24 maxlen: 24
185.253.170.0/24 maxlen: 24
185.253.168.0/24 maxlen: 24
46.247.138.0/23 maxlen: 23
46.247.136.0/23 maxlen: 23
85.190.67.0/24 maxlen: 24
46.247.141.0/24 maxlen: 24
185.161.168.0/22 maxlen: 22
46.247.140.0/24 maxlen: 24
87.121.208.0/21 maxlen: 21
2a0a:e805:500::/40 maxlen: 40
2a0a:e805:210::/44 maxlen: 44
2a0a:e805:610::/44 maxlen: 44
2a0a:e805:710::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:d6:e0:de:dd:1a:79:44:a5:d3:49:83:3b:e8:3d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f10d8e1564e40312c9ddf21ba2aa03ba559ead6
Validity
Not Before: Dec 19 10:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a804c0875b3bce608b79a4f4911de8bc8941f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:79:be:66:11:2c:c3:88:98:b9:e6:76:7b:
d1:8b:07:c0:7a:b2:8d:93:f0:3c:04:54:55:d6:cb:
76:45:ee:9b:4a:56:b4:d3:74:42:d5:0a:fc:4e:85:
6e:53:52:d1:bf:77:81:b9:2b:da:67:4a:86:11:56:
40:5f:a6:44:8f:f5:0c:e0:bf:4c:42:1b:6e:a2:b9:
0a:b0:b4:c8:ac:1b:8d:a1:a2:77:53:3a:66:31:e3:
49:21:3e:2d:28:fc:27:61:9a:58:26:6d:23:d3:f5:
0d:d5:4b:70:ba:c0:58:32:97:e1:ef:13:aa:b5:97:
1e:b4:a2:73:08:b9:bf:d3:5e:05:c5:ba:4f:8d:c7:
47:72:23:b6:55:fc:21:81:7e:ee:42:ce:8f:4a:fe:
c7:d2:95:c5:5a:37:0d:ad:b1:ec:99:19:66:62:5f:
db:2f:1e:1c:ff:69:f4:70:5d:c1:27:e3:20:20:00:
a3:c2:04:cd:d6:d3:70:d5:0d:6a:08:2a:fc:ad:d7:
a1:ce:72:b7:b1:30:08:62:78:41:9d:1a:68:9b:6a:
9d:a2:44:dd:d7:5e:a8:ee:65:0e:43:e4:6c:ba:5a:
58:16:b7:50:a8:11:65:76:ac:17:f4:f2:8b:da:16:
4d:fb:8a:0b:75:fe:74:44:13:97:b3:55:94:f2:e9:
50:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:80:4C:08:75:B3:BC:E6:08:B7:9A:4F:49:11:DE:8B:C8:94:1F:47
X509v3 Authority Key Identifier:
keyid:6F:10:D8:E1:56:4E:40:31:2C:9D:DF:21:BA:2A:A0:3B:A5:59:EA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxDY4VZOQDEsnd8huiqgO6VZ6tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/SoBMCHWzvOYIt5pPSRHei8iUH0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/cfda05-190d-4142-bd4f-b6a8f8e80f7b/1/bxDY4VZOQDEsnd8huiqgO6VZ6tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.136.0-46.247.141.255
85.190.67.0/24
85.190.84.0/23
85.190.88.0/22
87.121.208.0/21
185.161.168.0/22
185.231.8.0/22
185.253.168.0/22
IPv6:
2a0a:e805:210::/44
2a0a:e805:500::/40
2a0a:e805:610::/44
2a0a:e805:710::/44
Signature Algorithm: sha256WithRSAEncryption
0b:60:ca:5b:0a:39:71:64:91:af:a9:7c:4a:13:77:85:81:b8:
92:40:e2:0a:2c:a3:bf:b1:57:9a:2a:8c:61:7f:1d:26:ce:4d:
66:b5:2a:32:29:1b:d4:93:83:bd:6c:e0:23:ba:03:fd:75:b0:
31:b8:9b:2c:27:f1:8b:90:88:8b:6d:8e:f3:ed:4d:96:66:b3:
04:bf:e4:33:d3:b7:3a:06:4e:d8:ee:8d:3a:06:8c:cf:7b:64:
cf:7b:a5:53:4d:62:6e:3f:be:c5:bf:b5:31:ff:a8:84:60:1f:
fe:2b:60:6f:4c:ae:7d:6c:b8:8a:e0:f0:b3:e5:7e:54:ce:c8:
8f:30:37:a9:55:14:5f:c2:d4:12:34:90:ba:6c:19:0e:cd:69:
92:fb:59:66:5e:3b:79:d7:26:a4:ed:d2:57:9a:f0:bb:86:57:
6e:aa:db:94:cc:1b:bf:c7:17:f6:6e:21:ef:fa:25:a0:72:cf:
39:5b:e7:31:72:75:da:8d:85:8b:25:24:e6:1f:8e:63:fe:42:
c3:ed:3f:9f:1f:9c:f6:3b:d6:21:48:d0:70:dc:a0:67:5b:bf:
4c:ab:a8:a4:88:2e:17:26:16:9f:28:b9:30:50:e0:6b:98:42:
89:fa:e3:64:66:6f:9b:dc:fe:28:d6:f5:46:93:74:3d:72:8d:
7b:b3:93:f8
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYUp1uDe3Rp5RKXTSYM76D3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTBkOGUxNTY0ZTQwMzEyYzlkZGYyMWJhMmFhMDNiYTU1
OWVhZDYwHhcNMjIxMjE5MTAwMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTgwNGMwODc1YjNiY2U2MDhiNzlhNGY0OTExZGU4YmM4OTQxZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvV5vmYRLMOImLnmdnvRiwfAerKN
k/A8BFRV1st2Re6bSla003RC1Qr8ToVuU1LRv3eBuSvaZ0qGEVZAX6ZEj/UM4L9M
QhtuorkKsLTIrBuNoaJ3UzpmMeNJIT4tKPwnYZpYJm0j0/UN1UtwusBYMpfh7xOq
tZcetKJzCLm/014FxbpPjcdHciO2VfwhgX7uQs6PSv7H0pXFWjcNrbHsmRlmYl/b
Lx4c/2n0cF3BJ+MgIACjwgTN1tNw1Q1qCCr8rdehznK3sTAIYnhBnRpom2qdokTd
116o7mUOQ+RsulpYFrdQqBFldqwX9PKL2hZN+4oLdf50RBOXs1WU8ulQFwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFEqATAh1s7zmCLeaT0kR3ovIlB9HMB8GA1UdIwQY
MBaAFG8Q2OFWTkAxLJ3fIboqoDulWerWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYt
YjZhOGY4ZTgwZjdiLzEvU29CTUNIV3p2T1lJdDVwUFNSSGVpOGlVSDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jZmRhMDUtMTkwZC00MTQyLWJkNGYtYjZhOGY4ZTgwZjdi
LzEvYnhEWTRWWk9RREVzbmQ4aHVpcWdPNlZaNnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazA+BAIAATA4MAwDBAMu94gD
BAEu94wDBABVvkMDBAFVvlQDBAJVvlgDBANXedADBAK5oagDBAK55wgDBAK5/agw
KQQCAAIwIwMHBCoK6AUCEAMGACoK6AUFAwcEKgroBQYQAwcEKgroBQcQMA0GCSqG
SIb3DQEBCwUAA4IBAQALYMpbCjlxZJGvqXxKE3eFgbiSQOIKLKO/sVeaKoxhfx0m
zk1mtSoyKRvUk4O9bOAjugP9dbAxuJssJ/GLkIiLbY7z7U2WZrMEv+Qz07c6Bk7Y
7o06BozPe2TPe6VTTWJuP77Fv7Ux/6iEYB/+K2BvTK59bLiK4PCz5X5UzsiPMDep
VRRfwtQSNJC6bBkOzWmS+1lmXjt51yak7dJXmvC7hlduqtuUzBu/xxf2biHv+iWg
cs85W+cxcnXajYWLJSTmH45j/kLD7T+fH5z2O9YhSNBw3KBnW79Mq6ikiC4XJhaf
KLkwUOBrmEKJ+uNkZm+b3P4o1vVGk3Q9co17s5P4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:04 2023 by rpki-client on console-fra.rpki-client.org