Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/a3aQweR3mf8r75GIs9kO_I0-EYc.roa
File: a3aQweR3mf8r75GIs9kO_I0-EYc.roa (raw, json)
Hash identifier: Nzc8jlOat4Ce9wPwPiKQJAkTpNZ5S3tj+w2wtpPMoP4=
Subject key identifier: 6B:76:90:C1:E4:77:99:FF:2B:EF:91:88:B3:D9:0E:FC:8D:3E:11:87
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 04D55C77
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/a3aQweR3mf8r75GIs9kO_I0-EYc.roa
Signing time: Thu 07 Apr 2022 15:19:30 +0000
ROA not before: Thu 07 Apr 2022 15:19:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202766
IP address blocks: 94.198.47.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.229.212.0/22 maxlen: 22
185.229.213.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81091703 (0x4d55c77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Apr 7 15:19:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b7690c1e47799ff2bef9188b3d90efc8d3e1187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:59:12:fc:e7:10:6c:2a:d8:6e:18:78:a0:
68:9d:ec:8a:bc:e4:37:7d:d1:37:6b:cf:83:cf:0b:
ce:55:97:26:7b:e2:45:91:85:66:6a:7b:2a:48:4d:
39:2b:97:3e:f3:6a:71:2a:7f:dc:74:a6:e8:5d:2c:
9e:af:33:1c:46:c3:a6:c6:0c:d4:a6:00:10:cd:54:
1a:9f:62:bc:d1:79:43:16:02:b9:e4:b7:b8:12:9d:
81:02:14:a3:b5:ab:eb:71:1d:2a:7d:9e:8e:7b:a7:
c6:1d:b5:9f:eb:5d:a8:ee:44:39:b9:0d:79:4f:12:
a8:25:80:e9:95:7f:01:c3:58:96:70:4d:49:8e:5e:
c9:4a:dd:93:91:be:f5:f2:63:34:bd:93:b9:b2:0a:
e5:ee:42:67:3e:8e:ef:51:96:f1:c5:71:f0:10:19:
ae:9b:c8:cc:02:0b:86:f5:ab:2f:70:d1:11:b6:fb:
e4:d8:47:d0:ea:ec:b5:e6:ec:09:a2:47:8d:33:ef:
cc:3f:4e:55:46:7f:70:33:da:31:d1:18:18:61:65:
fa:b4:af:54:2c:96:3b:73:88:92:4f:20:ab:59:7b:
0b:ba:65:d8:c6:a2:76:17:7c:48:54:17:31:71:36:
b0:b1:45:00:ee:ab:fe:64:70:89:e1:d1:31:16:c7:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:76:90:C1:E4:77:99:FF:2B:EF:91:88:B3:D9:0E:FC:8D:3E:11:87
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/a3aQweR3mf8r75GIs9kO_I0-EYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.115.0/24
89.42.70.0/24
89.44.150.0/24
94.198.46.0/23
178.19.32.0/23
178.19.44.0/24
178.19.47.0/24
185.229.212.0/22
185.242.175.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f5:7b:11:a5:6a:c2:32:24:26:8d:8b:c9:bb:c2:5c:31:af:
1d:45:48:c6:ec:73:53:a3:62:00:2c:03:39:ba:b6:25:5b:2e:
68:56:14:68:11:f4:11:ad:6b:97:6e:19:fd:cd:63:cc:7a:c0:
56:1f:87:c6:ef:8c:83:6a:9a:ff:64:c7:85:e4:f5:fb:d8:8a:
d2:e3:b1:50:29:f9:d5:d7:6e:f9:4d:8b:94:d0:5e:5b:eb:f6:
d3:20:38:a0:27:4e:a3:03:81:3d:21:85:ba:31:89:54:4b:c0:
8d:b6:84:5d:11:9b:c7:b0:e2:60:a1:80:1d:22:9d:ca:d1:0d:
2c:43:4e:2e:27:92:7c:a7:ac:16:17:c6:74:56:69:05:ff:2d:
84:a5:90:75:ff:07:af:19:11:37:b9:c2:c1:61:bd:7e:57:9a:
80:50:1a:96:6f:c9:61:d0:10:27:db:5b:7c:97:39:e0:49:b6:
ca:0f:be:11:7e:03:2c:40:19:e3:f0:27:97:17:25:b3:03:5c:
ff:d7:57:0a:39:b2:ad:1e:b0:3b:d7:0d:7c:f9:d5:69:90:19:
83:a0:8f:44:67:b6:5f:7a:93:a5:14:97:6c:a0:57:ab:25:ad:
ee:f9:fd:9d:74:fe:8d:1a:d1:ff:fc:70:f4:0d:bd:06:23:88:
79:51:74:fd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBNVcdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDQw
NzE1MTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI3NjkwYzFlNDc3
OTlmZjJiZWY5MTg4YjNkOTBlZmM4ZDNlMTE4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWeWRL85xBsKthuGHigaJ3sirzkN33RN2vPg88LzlWXJnvi
RZGFZmp7KkhNOSuXPvNqcSp/3HSm6F0snq8zHEbDpsYM1KYAEM1UGp9ivNF5QxYC
ueS3uBKdgQIUo7Wr63EdKn2ejnunxh21n+tdqO5EObkNeU8SqCWA6ZV/AcNYlnBN
SY5eyUrdk5G+9fJjNL2TubIK5e5CZz6O71GW8cVx8BAZrpvIzAILhvWrL3DREbb7
5NhH0OrstebsCaJHjTPvzD9OVUZ/cDPaMdEYGGFl+rSvVCyWO3OIkk8gq1l7C7pl
2Maidhd8SFQXMXE2sLFFAO6r/mRwieHRMRbHnX8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRrdpDB5HeZ/yvvkYiz2Q78jT4RhzAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L2EzYVF3ZVIzbWY4cjc1R0lzOWtPX0kwLUVZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAFBCcwMEAFkqRgMEAFkslgMEAV7G
LgMEAbITIAMEALITLAMEALITLwMEArnl1AMEALnyrzANBgkqhkiG9w0BAQsFAAOC
AQEALfV7EaVqwjIkJo2LybvCXDGvHUVIxuxzU6NiACwDObq2JVsuaFYUaBH0Ea1r
l24Z/c1jzHrAVh+Hxu+Mg2qa/2THheT1+9iK0uOxUCn51ddu+U2LlNBeW+v20yA4
oCdOowOBPSGFujGJVEvAjbaEXRGbx7DiYKGAHSKdytENLENOLieSfKesFhfGdFZp
Bf8thKWQdf8HrxkRN7nCwWG9fleagFAalm/JYdAQJ9tbfJc54Em2yg++EX4DLEAZ
4/AnlxclswNc/9dXCjmyrR6wO9cNfPnVaZAZg6CPRGe2X3qTpRSXbKBXqyWt7vn9
nXT+jRrR//xw9A29BiOIeVF0/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org