Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/wBOnxQZsUtHVvpEx9tR-tsqARSE.roa
File: wBOnxQZsUtHVvpEx9tR-tsqARSE.roa (raw, json)
Hash identifier: tz/hCKl0CgcWnyC1oTjbRwBmSN+tYb56YK0lDIPtYyU=
Subject key identifier: C0:13:A7:C5:06:6C:52:D1:D5:BE:91:31:F6:D4:7E:B6:CA:80:45:21
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 0184BE508D8FA115DFAB82928BE2A7E1ED69
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/wBOnxQZsUtHVvpEx9tR-tsqARSE.roa
Signing time: Mon 28 Nov 2022 12:57:40 +0000
ROA not before: Mon 28 Nov 2022 12:57:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34636
IP address blocks: 185.237.11.0/24 maxlen: 24
185.237.9.0/24 maxlen: 24
185.237.10.0/24 maxlen: 24
185.237.8.0/24 maxlen: 24
185.237.8.0/22 maxlen: 22
185.189.122.0/23 maxlen: 23
185.189.122.0/24 maxlen: 24
185.189.123.0/24 maxlen: 24
185.189.120.0/24 maxlen: 24
185.189.120.0/23 maxlen: 23
185.189.120.0/22 maxlen: 22
185.189.121.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.132.80.0/23 maxlen: 23
185.132.80.0/22 maxlen: 22
185.132.82.0/23 maxlen: 23
185.132.83.0/24 maxlen: 24
185.67.102.0/24 maxlen: 24
185.67.103.0/24 maxlen: 24
185.67.100.0/22 maxlen: 22
185.67.100.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.15.0/24 maxlen: 24
185.233.12.0/22 maxlen: 22
185.233.12.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/23 maxlen: 23
88.135.42.0/24 maxlen: 24
88.135.40.0/22 maxlen: 22
88.135.40.0/24 maxlen: 24
88.135.40.0/23 maxlen: 23
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
2a04:f080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:50:8d:8f:a1:15:df:ab:82:92:8b:e2:a7:e1:ed:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Nov 28 12:57:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c013a7c5066c52d1d5be9131f6d47eb6ca804521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fa:34:c1:eb:d7:76:a4:60:d0:89:06:cd:30:
8e:57:7c:8a:0d:a8:9a:c8:b3:f1:dc:0a:d3:9e:0d:
5e:a4:a4:bc:ca:25:2e:92:b7:e3:8c:4a:fc:02:df:
36:02:6c:51:5d:38:dc:1e:fc:8a:43:77:3e:49:1e:
f3:5a:16:a8:8b:01:0d:2e:d4:17:6f:9a:5b:82:ac:
f3:65:e8:a2:fb:ef:54:07:b3:ad:a6:93:c0:4e:65:
8d:1d:49:25:f0:bd:31:d1:18:f7:a5:82:93:06:4f:
3f:34:e0:03:04:82:0f:f9:ae:c9:7d:2c:a1:1a:24:
cf:79:3f:cf:78:d2:2f:44:df:f1:3d:05:97:d6:5d:
2e:79:99:0e:6e:91:b6:8f:47:94:51:8d:9a:fa:83:
2a:a3:f3:7c:6d:41:5f:9a:30:05:80:8f:0d:b0:ae:
65:0c:f6:fc:a9:99:6d:a3:7e:ff:a2:4d:4a:f7:31:
8f:ac:f1:e3:72:23:5f:05:87:58:f7:63:74:ad:c5:
84:56:64:c9:43:f3:77:10:0c:ae:1c:19:e2:0c:bf:
6c:b7:62:5f:16:2a:d8:2e:c0:4c:8d:9d:65:bf:4a:
b9:56:58:04:80:f2:13:83:06:1f:a0:1d:0f:f8:62:
3b:69:f7:c0:7b:b9:75:b0:a5:54:c3:00:75:4d:ea:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:13:A7:C5:06:6C:52:D1:D5:BE:91:31:F6:D4:7E:B6:CA:80:45:21
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/wBOnxQZsUtHVvpEx9tR-tsqARSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0-88.135.44.255
185.67.100.0/22
185.132.80.0/22
185.189.120.0/22
185.233.12.0/22
185.237.8.0/22
IPv6:
2a04:f080::/29
Signature Algorithm: sha256WithRSAEncryption
7c:a6:3c:1c:92:88:d4:ca:a3:fc:ff:6c:0e:d0:38:46:3a:f1:
5d:40:db:13:28:ca:7c:12:7c:a4:5b:37:da:40:ce:df:86:8e:
fb:c9:ca:a5:6e:c6:65:0b:04:92:43:12:90:70:cc:63:4b:be:
76:4d:ae:45:f3:b7:1f:10:2a:ce:4f:1d:b0:d5:44:e1:bf:53:
ea:20:56:9c:40:8a:7c:e3:46:d6:84:f4:a4:fd:60:ec:2f:d8:
99:dd:3b:fa:6d:a6:c8:81:1e:36:c4:e9:b0:63:a5:cc:03:0b:
61:0d:a9:08:ed:9d:71:d8:ab:5f:d3:f4:7b:92:fe:89:29:4e:
74:d8:29:91:80:1d:34:7c:54:5d:bc:7c:63:4b:41:36:47:42:
ea:cb:8f:f2:ca:43:3d:39:4d:71:ab:f9:d2:43:25:8a:60:1c:
c9:87:98:9c:6b:33:3e:24:6e:d1:74:02:b2:35:f3:3c:8a:ee:
61:0a:c4:53:d6:80:7c:71:b8:37:b7:59:2e:0c:17:fa:bf:07:
2b:5c:b1:59:8b:fd:67:fe:e8:33:af:9b:b0:e5:f6:a1:cb:79:
ec:ea:98:96:7f:49:97:9f:37:e6:94:87:5e:b4:44:6c:a4:0f:
f4:ba:7a:0d:49:d0:b7:f3:b3:67:87:57:10:41:d5:0e:98:7b:
75:02:b0:31
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYS+UI2PoRXfq4KSi+Kn4e1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjIxMTI4MTI1NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDEzYTdjNTA2NmM1MmQxZDViZTkxMzFmNmQ0N2ViNmNhODA0NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfo0wevXdqRg0IkGzTCOV3yKDaia
yLPx3ArTng1epKS8yiUukrfjjEr8At82AmxRXTjcHvyKQ3c+SR7zWhaoiwENLtQX
b5pbgqzzZeii++9UB7OtppPATmWNHUkl8L0x0Rj3pYKTBk8/NOADBIIP+a7JfSyh
GiTPeT/PeNIvRN/xPQWX1l0ueZkObpG2j0eUUY2a+oMqo/N8bUFfmjAFgI8NsK5l
DPb8qZlto37/ok1K9zGPrPHjciNfBYdY92N0rcWEVmTJQ/N3EAyuHBniDL9st2Jf
FirYLsBMjZ1lv0q5VlgEgPITgwYfoB0P+GI7affAe7l1sKVUwwB1TeqVawIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMATp8UGbFLR1b6RMfbUfrbKgEUhMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvd0JPbnhRWnNVdEhWdnBFeDl0Ui10c3FBUlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAwDBANYhygD
BABYhywDBAK5Q2QDBAK5hFADBAK5vXgDBAK56QwDBAK57QgwDQQCAAIwBwMFAyoE
8IAwDQYJKoZIhvcNAQELBQADggEBAHymPBySiNTKo/z/bA7QOEY68V1A2xMoynwS
fKRbN9pAzt+GjvvJyqVuxmULBJJDEpBwzGNLvnZNrkXztx8QKs5PHbDVROG/U+og
VpxAinzjRtaE9KT9YOwv2JndO/ptpsiBHjbE6bBjpcwDC2ENqQjtnXHYq1/T9HuS
/okpTnTYKZGAHTR8VF28fGNLQTZHQurLj/LKQz05TXGr+dJDJYpgHMmHmJxrMz4k
btF0ArI18zyK7mEKxFPWgHxxuDe3WS4MF/q/BytcsVmL/Wf+6DOvm7Dl9qHLeezq
mJZ/SZefN+aUh160RGykD/S6eg1J0Lfzs2eHVxBB1Q6Ye3UCsDE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:04 2025 by rpki-client