Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/z3k8rcmbeumYAL_BT5lCNHwn-7M.roa
File: z3k8rcmbeumYAL_BT5lCNHwn-7M.roa (raw, json)
Hash identifier: 3K0+cCW2Jodl7GKIkxKPegFPyLya2D7m5Zm/6J03l8Q=
Subject key identifier: CF:79:3C:AD:C9:9B:7A:E9:98:00:BF:C1:4F:99:42:34:7C:27:FB:B3
Certificate issuer: /CN=167782bea46fd271768ff46d9b45c057a9df5481
Certificate serial: 08474C47
Authority key identifier: 16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/z3k8rcmbeumYAL_BT5lCNHwn-7M.roa
Signing time: Sat 01 Jan 2022 12:56:46 +0000
ROA not before: Sat 01 Jan 2022 12:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205399
IP address blocks: 185.229.13.0/24 maxlen: 24
185.229.12.0/24 maxlen: 24
185.229.12.0/22 maxlen: 24
185.229.15.0/24 maxlen: 24
185.181.208.0/24 maxlen: 24
185.181.208.0/22 maxlen: 24
185.181.210.0/24 maxlen: 24
185.181.209.0/24 maxlen: 24
185.181.211.0/24 maxlen: 24
185.219.132.0/24 maxlen: 24
185.219.134.0/24 maxlen: 24
185.219.133.0/24 maxlen: 24
185.219.135.0/24 maxlen: 24
2a0a:e080::/29 maxlen: 29
2a0d:ae00::/29 maxlen: 48
2a0b:e8c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138890311 (0x8474c47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167782bea46fd271768ff46d9b45c057a9df5481
Validity
Not Before: Jan 1 12:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf793cadc99b7ae99800bfc14f9942347c27fbb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:63:8f:16:27:b1:40:fa:67:10:93:c3:4e:d6:
31:64:5e:92:9f:93:62:92:2a:48:44:de:39:c6:51:
05:c9:fa:da:5d:df:14:06:f7:23:ae:03:d3:63:b0:
c1:ac:6c:72:76:f9:f8:8b:6c:41:e9:82:ed:10:b5:
64:5d:e5:ee:96:3f:41:81:df:1d:71:45:41:67:d2:
c3:e9:99:51:6b:c4:65:91:67:52:3f:17:91:93:96:
78:6d:47:6f:de:30:21:c3:18:df:e4:62:01:12:86:
6f:a6:10:44:a7:2d:23:f3:88:20:60:60:7e:91:3a:
fc:04:33:4b:11:bd:cb:6d:a3:82:c9:98:99:0c:6f:
20:cf:f6:0d:56:14:8f:bc:0b:06:c3:26:62:9a:4e:
90:e2:b9:60:ec:0c:c3:f4:60:1f:41:6a:b0:6b:4f:
12:7c:ef:cd:ad:5e:bc:38:32:af:68:9d:25:ae:99:
b6:08:46:34:70:99:c2:d5:34:09:82:b7:c3:86:aa:
11:93:62:95:cb:67:4f:f9:b8:a2:f5:3b:1f:6e:b6:
fd:9d:d1:30:7b:8e:c3:4e:09:d6:34:22:1c:59:b6:
55:ce:8e:2c:b0:f2:51:f3:b3:d5:f1:2d:c2:60:47:
e1:b2:32:c5:84:e1:af:ea:1d:f3:43:2f:98:6c:28:
05:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:79:3C:AD:C9:9B:7A:E9:98:00:BF:C1:4F:99:42:34:7C:27:FB:B3
X509v3 Authority Key Identifier:
keyid:16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/z3k8rcmbeumYAL_BT5lCNHwn-7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.208.0/22
185.219.132.0/22
185.229.12.0/22
IPv6:
2a0a:e080::/29
2a0b:e8c0::/29
2a0d:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
04:fc:6c:87:95:a4:1d:54:ff:8f:b1:c1:e4:9e:77:8f:a4:f4:
9a:6b:1e:ab:10:82:b5:56:38:5f:ae:85:95:89:c3:c0:c6:e2:
02:5a:86:0c:e0:1d:28:16:2d:35:13:c7:78:9c:d2:d5:13:fa:
25:9e:e4:6a:a7:92:04:fe:15:3b:83:dd:1c:2b:b5:9a:a9:8a:
27:0b:82:75:c7:61:57:df:56:0b:c0:20:9e:d3:09:99:3f:9c:
91:4d:6d:0a:98:6c:28:c1:73:ae:d2:27:8e:47:9c:f7:47:ca:
20:a6:21:39:86:15:45:a3:69:92:1f:11:f4:fa:e5:96:6d:92:
5a:dd:b8:28:f8:6e:ec:8e:14:ea:26:0c:f1:0e:41:7c:cd:85:
28:3e:8e:bc:6a:6c:00:f4:97:f4:40:4d:8c:0e:d3:ab:5a:f4:
ac:8e:c2:57:4c:06:af:2f:fc:21:48:ab:35:c5:f1:8c:c2:0d:
a3:e1:03:80:31:d4:c8:74:ae:2d:3c:0b:10:c3:1a:5c:19:c3:
57:de:08:ef:65:ab:dd:2e:55:b6:6c:d9:8a:2e:3c:c4:3c:7e:
be:5b:81:7c:6f:06:86:d0:1f:c6:79:7b:c7:f4:4f:bc:e6:98:
ed:11:ac:03:b6:cb:88:98:0e:a8:69:a7:06:d2:e8:60:76:63:
fd:4c:0b:f7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIECEdMRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Njc3ODJiZWE0NmZkMjcxNzY4ZmY0NmQ5YjQ1YzA1N2E5ZGY1NDgxMB4XDTIyMDEw
MTEyNTY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y3OTNjYWRjOTli
N2FlOTk4MDBiZmMxNGY5OTQyMzQ3YzI3ZmJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtjjxYnsUD6ZxCTw07WMWRekp+TYpIqSETeOcZRBcn62l3f
FAb3I64D02Owwaxscnb5+ItsQemC7RC1ZF3l7pY/QYHfHXFFQWfSw+mZUWvEZZFn
Uj8XkZOWeG1Hb94wIcMY3+RiARKGb6YQRKctI/OIIGBgfpE6/AQzSxG9y22jgsmY
mQxvIM/2DVYUj7wLBsMmYppOkOK5YOwMw/RgH0FqsGtPEnzvza1evDgyr2idJa6Z
tghGNHCZwtU0CYK3w4aqEZNilctnT/m4ovU7H262/Z3RMHuOw04J1jQiHFm2Vc6O
LLDyUfOz1fEtwmBH4bIyxYThr+od80MvmGwoBTUCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTPeTytyZt66ZgAv8FPmUI0fCf7szAfBgNVHSMEGDAWgBQWd4K+pG/ScXaP
9G2bRcBXqd9UgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZuZUN2cVJ2MG5GMmpfUnRtMFhBVjZuZlZJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvZWYwYjkyLTVkODUtNDc5Mi1iNTUxLTlhMzU4MzYyODI5Yy8x
L3ozazhyY21iZXVtWUFMX0JUNWxDTkh3bi03TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
ZWYwYjkyLTVkODUtNDc5Mi1iNTUxLTlhMzU4MzYyODI5Yy8xL0ZuZUN2cVJ2MG5G
MmpfUnRtMFhBVjZuZlZJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwGAQCAAEwEgMEArm10AMEArnbhAMEArnlDDAbBAIA
AjAVAwUDKgrggAMFAyoL6MADBQMqDa4AMA0GCSqGSIb3DQEBCwUAA4IBAQAE/GyH
laQdVP+PscHknnePpPSaax6rEIK1VjhfroWVicPAxuICWoYM4B0oFi01E8d4nNLV
E/olnuRqp5IE/hU7g90cK7WaqYonC4J1x2FX31YLwCCe0wmZP5yRTW0KmGwowXOu
0ieOR5z3R8ogpiE5hhVFo2mSHxH0+uWWbZJa3bgo+G7sjhTqJgzxDkF8zYUoPo68
amwA9Jf0QE2MDtOrWvSsjsJXTAavL/whSKs1xfGMwg2j4QOAMdTIdK4tPAsQwxpc
GcNX3gjvZavdLlW2bNmKLjzEPH6+W4F8bwaG0B/GeXvH9E+85pjtEawDtsuImA6o
aacG0uhgdmP9TAv3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:12 2023 by rpki-client on console-ams.rpki-client.org