Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/c4eZTdvbu7tOcpBFfa8J3OUSVBQ.roa
File: c4eZTdvbu7tOcpBFfa8J3OUSVBQ.roa (raw, json)
Hash identifier: 5Pmdyu6GnvsqlWNPedaC7lsl42T7aLcDfEawBtpoT1I=
Subject key identifier: 73:87:99:4D:DB:DB:BB:BB:4E:72:90:45:7D:AF:09:DC:E5:12:54:14
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 0184A45D5C3799F1262E49DF4EDBBC4DED4D
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/c4eZTdvbu7tOcpBFfa8J3OUSVBQ.roa
Signing time: Wed 23 Nov 2022 12:01:32 +0000
ROA not before: Wed 23 Nov 2022 12:01:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34636
IP address blocks: 185.237.11.0/24 maxlen: 24
185.237.9.0/24 maxlen: 24
185.237.10.0/24 maxlen: 24
185.237.8.0/24 maxlen: 24
185.237.8.0/22 maxlen: 22
185.189.122.0/23 maxlen: 23
185.189.122.0/24 maxlen: 24
185.189.123.0/24 maxlen: 24
185.189.120.0/24 maxlen: 24
185.189.120.0/22 maxlen: 22
185.189.120.0/23 maxlen: 23
185.189.121.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.132.80.0/23 maxlen: 23
185.132.80.0/22 maxlen: 22
185.132.82.0/23 maxlen: 23
185.132.83.0/24 maxlen: 24
185.132.81.0/24 maxlen: 24
185.67.102.0/24 maxlen: 24
185.67.103.0/24 maxlen: 24
185.67.100.0/22 maxlen: 22
185.67.100.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.15.0/24 maxlen: 24
185.233.12.0/22 maxlen: 22
185.233.12.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/23 maxlen: 23
88.135.42.0/24 maxlen: 24
88.135.40.0/22 maxlen: 22
88.135.40.0/24 maxlen: 24
88.135.40.0/23 maxlen: 23
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
2a04:f080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:5d:5c:37:99:f1:26:2e:49:df:4e:db:bc:4d:ed:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Nov 23 12:01:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7387994ddbdbbbbb4e7290457daf09dce5125414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ba:b8:56:91:d0:3b:97:be:97:fa:c1:f8:d3:
6b:15:a8:e6:8e:76:92:b0:41:a6:72:47:bb:6e:2d:
97:1e:41:bb:91:0f:92:1a:cf:fd:ec:3a:7a:9e:8f:
52:4c:2b:47:fb:70:2b:fa:70:e6:18:36:18:20:5b:
1d:a9:c8:e3:3a:53:bb:59:23:cc:18:6e:02:76:14:
c0:d1:37:2e:57:e8:93:cf:20:26:ac:db:93:92:3e:
50:58:c9:43:2b:41:36:15:22:6c:40:23:6e:20:52:
32:50:2e:b9:51:c4:3f:30:4f:d4:4f:b6:a8:df:3e:
d3:06:64:c2:b8:78:8f:88:c7:92:ad:26:12:5d:6a:
2a:b2:eb:f8:57:d5:29:b0:51:67:26:e3:24:9e:e3:
14:f9:34:52:73:38:d2:38:0c:60:e5:e9:2d:8d:91:
11:05:4c:f4:0f:33:c7:4c:58:29:e8:72:d6:f9:30:
07:8c:ed:bd:b4:6f:a0:14:bf:4d:ba:ed:7a:5e:0b:
8c:0b:06:fa:7d:bb:0b:34:b6:35:95:1b:34:7d:4f:
5c:cd:f9:71:f0:a7:a8:09:68:e9:30:7f:db:d4:4f:
81:4a:9d:aa:d8:f8:4f:a3:5d:bf:4e:06:76:fb:42:
f5:40:df:df:81:c7:31:22:2c:e0:97:4e:40:dc:36:
be:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:87:99:4D:DB:DB:BB:BB:4E:72:90:45:7D:AF:09:DC:E5:12:54:14
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/c4eZTdvbu7tOcpBFfa8J3OUSVBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0-88.135.44.255
185.67.100.0/22
185.132.80.0/22
185.189.120.0/22
185.233.12.0/22
185.237.8.0/22
IPv6:
2a04:f080::/29
Signature Algorithm: sha256WithRSAEncryption
03:3c:c2:ae:32:50:35:04:23:21:42:e8:f2:ff:42:db:ce:93:
d2:28:be:aa:bc:b2:ec:e8:0f:cf:db:69:62:2c:de:e4:46:76:
99:2b:b1:3d:54:1f:c3:77:b0:ce:6c:a3:49:e8:2d:e1:07:24:
88:df:41:93:57:2b:17:28:58:eb:fa:d9:19:1f:17:de:c3:2f:
b1:2d:7a:e7:09:fc:0c:d2:ea:bb:40:ec:79:3c:86:ed:59:c6:
43:c4:c3:4f:19:01:d3:d3:5d:7c:a7:db:35:ec:44:65:3c:65:
32:c6:1f:32:d1:f9:af:99:29:b5:9d:2c:16:c3:aa:2d:ae:b0:
73:c5:69:5d:16:05:5b:19:ac:41:f7:4e:29:b7:20:59:45:94:
5f:76:87:92:e1:68:e2:f2:65:89:9e:e7:d4:a1:ca:ee:36:43:
e4:8a:c2:a1:b1:5e:91:e0:1e:96:04:51:02:08:df:52:61:13:
56:bf:53:1d:a0:30:bf:9a:3b:7e:a3:e8:c7:5a:ce:16:32:3f:
30:45:0f:a8:1a:34:54:97:89:35:8a:56:11:05:16:05:7e:ed:
cf:06:98:13:27:d6:4b:f9:c6:8c:80:81:31:02:9e:34:5c:e4:
08:d4:bf:57:56:3a:e3:75:84:f3:2b:a5:f8:66:5a:18:df:cd:
f8:33:4f:c9
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYSkXVw3mfEmLknfTtu8Te1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjIxMTIzMTIwMTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg3OTk0ZGRiZGJiYmJiNGU3MjkwNDU3ZGFmMDlkY2U1MTI1NDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbq4VpHQO5e+l/rB+NNrFajmjnaS
sEGmcke7bi2XHkG7kQ+SGs/97Dp6no9STCtH+3Ar+nDmGDYYIFsdqcjjOlO7WSPM
GG4CdhTA0TcuV+iTzyAmrNuTkj5QWMlDK0E2FSJsQCNuIFIyUC65UcQ/ME/UT7ao
3z7TBmTCuHiPiMeSrSYSXWoqsuv4V9UpsFFnJuMknuMU+TRSczjSOAxg5ektjZER
BUz0DzPHTFgp6HLW+TAHjO29tG+gFL9Nuu16XguMCwb6fbsLNLY1lRs0fU9czflx
8KeoCWjpMH/b1E+BSp2q2PhPo12/TgZ2+0L1QN/fgccxIizgl05A3Da+hwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFHOHmU3b27u7TnKQRX2vCdzlElQUMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvYzRlWlRkdmJ1N3RPY3BCRmZhOEozT1VTVkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAwDBANYhygD
BABYhywDBAK5Q2QDBAK5hFADBAK5vXgDBAK56QwDBAK57QgwDQQCAAIwBwMFAyoE
8IAwDQYJKoZIhvcNAQELBQADggEBAAM8wq4yUDUEIyFC6PL/QtvOk9Iovqq8suzo
D8/baWIs3uRGdpkrsT1UH8N3sM5so0noLeEHJIjfQZNXKxcoWOv62RkfF97DL7Et
eucJ/AzS6rtA7Hk8hu1ZxkPEw08ZAdPTXXyn2zXsRGU8ZTLGHzLR+a+ZKbWdLBbD
qi2usHPFaV0WBVsZrEH3Tim3IFlFlF92h5LhaOLyZYme59Shyu42Q+SKwqGxXpHg
HpYEUQII31JhE1a/Ux2gML+aO36j6MdazhYyPzBFD6gaNFSXiTWKVhEFFgV+7c8G
mBMn1kv5xoyAgTECnjRc5AjUv1dWOuN1hPMrpfhmWhjfzfgzT8k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:20 2023 by rpki-client on console-ams.rpki-client.org