Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/pBHRQI_hX0utFlVFVYBksn3Ii6Q.roa
File: pBHRQI_hX0utFlVFVYBksn3Ii6Q.roa (raw, json)
Hash identifier: PYjcuZKNZfMtRvUukc91JLU2yjoQG5Dwe9LLOWDGXAw=
Subject key identifier: A4:11:D1:40:8F:E1:5F:4B:AD:16:55:45:55:80:64:B2:7D:C8:8B:A4
Certificate issuer: /CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab
Certificate serial: 0D7F0340
Authority key identifier: 3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/pBHRQI_hX0utFlVFVYBksn3Ii6Q.roa
Signing time: Sat 01 Jan 2022 08:02:14 +0000
ROA not before: Sat 01 Jan 2022 08:02:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206350
IP address blocks: 185.186.206.0/24 maxlen: 24
185.186.207.0/24 maxlen: 24
2a0b:d580:1::/48 maxlen: 48
2a0b:d580:0:16::/64 maxlen: 64
2a0b:d580::/32 maxlen: 32
2a0b:d580:2060::/44 maxlen: 44
2a0b:d580:2020::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226427712 (0xd7f0340)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab
Validity
Not Before: Jan 1 08:02:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a411d1408fe15f4bad165545558064b27dc88ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:34:5a:9f:e8:29:4f:a3:a0:30:99:98:62:c7:
e6:f7:35:f7:21:fb:25:33:b8:25:99:2a:d6:82:e2:
d8:0b:27:fe:0a:74:8d:7b:63:dc:3d:ed:35:32:c5:
2a:76:f3:d6:d1:6e:cc:37:63:a2:df:67:a2:eb:3c:
df:4d:74:7b:2d:87:c1:54:bd:fc:e4:da:9c:be:50:
5a:f4:33:d7:59:a0:fa:86:b2:dc:f2:5a:63:82:e6:
45:33:d7:bf:30:6b:e5:dd:23:95:72:16:02:b5:8a:
bb:a0:4d:ae:f0:8a:a8:f1:1f:f0:e2:55:cb:e0:4f:
61:c6:80:c3:c8:e3:85:19:39:b9:da:3d:88:2c:88:
6b:53:0b:b1:e1:d5:06:c0:23:68:c8:04:ed:1a:5c:
9b:d4:8b:8d:47:e5:7b:71:c5:19:1b:ff:c5:3a:5b:
45:c8:4f:83:35:df:77:41:74:ef:88:8c:41:72:e2:
e0:46:80:4b:13:91:cf:ed:37:77:9f:23:4f:5f:e2:
27:c6:c6:29:49:cf:1d:60:41:2d:c7:da:63:97:6e:
82:02:c0:77:8a:2b:aa:57:9b:30:cf:ba:53:f8:1b:
28:2f:7a:62:69:6c:d7:12:d1:cb:80:d6:ef:0e:91:
f7:5e:74:98:f1:ac:be:99:4f:c8:cd:6f:a4:41:2f:
56:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:11:D1:40:8F:E1:5F:4B:AD:16:55:45:55:80:64:B2:7D:C8:8B:A4
X509v3 Authority Key Identifier:
keyid:3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/pBHRQI_hX0utFlVFVYBksn3Ii6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.206.0/23
IPv6:
2a0b:d580::/32
Signature Algorithm: sha256WithRSAEncryption
81:f1:70:f3:3b:46:13:83:55:a0:16:3e:28:ff:6d:fe:c9:f6:
6f:19:03:06:ba:35:7c:9e:f7:31:a5:4f:b1:5c:53:2b:15:66:
1d:66:ee:7c:2a:46:46:fa:b6:4a:24:3c:5c:a2:c7:25:cf:dc:
ff:84:86:8c:3f:52:85:94:78:10:1a:c0:fb:83:e7:a0:74:4c:
aa:49:0c:4d:4e:3d:41:f8:2a:d4:ca:6e:91:b3:e1:ed:40:c7:
8a:38:7b:d0:bd:b8:c9:f0:a5:f5:e0:0d:7b:06:fb:30:90:ac:
de:a1:d4:b1:e9:d7:99:03:ef:66:6a:73:1a:86:2b:ac:31:1b:
dd:6d:8b:7c:ef:3a:40:75:03:45:76:77:68:73:b6:36:16:9f:
11:2d:0a:11:14:5f:59:f7:ff:9f:60:c8:b5:f2:76:76:47:c1:
b5:99:1d:97:3a:93:ca:8b:66:54:59:08:ea:a0:14:f8:77:02:
5d:38:50:40:a7:e0:c2:e6:cc:74:32:73:86:75:9d:d1:2f:a7:
ee:c2:3e:91:ce:d5:c7:9e:1a:f6:32:bd:ac:9e:64:b8:68:7c:
be:f2:57:cc:1f:e5:c9:5d:1d:df:1d:45:85:8c:45:37:a3:75:
6c:9b:32:0e:a3:d1:db:72:f5:32:b6:09:6d:13:ee:24:14:6a:
3d:05:c0:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDX8DQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjBjZDQ0ZWJiZTNkMGQ2YTA3MmU3NTEwM2YyMzE2MDY5OTVmNmFiMB4XDTIyMDEw
MTA4MDIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQxMWQxNDA4ZmUx
NWY0YmFkMTY1NTQ1NTU4MDY0YjI3ZGM4OGJhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJw0Wp/oKU+joDCZmGLH5vc19yH7JTO4JZkq1oLi2Asn/gp0
jXtj3D3tNTLFKnbz1tFuzDdjot9nous83010ey2HwVS9/OTanL5QWvQz11mg+oay
3PJaY4LmRTPXvzBr5d0jlXIWArWKu6BNrvCKqPEf8OJVy+BPYcaAw8jjhRk5udo9
iCyIa1MLseHVBsAjaMgE7Rpcm9SLjUfle3HFGRv/xTpbRchPgzXfd0F074iMQXLi
4EaASxORz+03d58jT1/iJ8bGKUnPHWBBLcfaY5duggLAd4orqlebMM+6U/gbKC96
Ymls1xLRy4DW7w6R9150mPGsvplPyM1vpEEvVhkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSkEdFAj+FfS60WVUVVgGSyfciLpDAfBgNVHSMEGDAWgBQ7DNROu+PQ1qBy
51ED8jFgaZX2qzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L093elVUcnZqME5hZ2N1ZFJBX0l4WUdtVjlxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvOTcxZjA4LWU1N2MtNDA4YS1iNzc2LWY3ZGEzYjg3MzJiZi8x
L3BCSFJRSV9oWDB1dEZsVkZWWUJrc24zSWk2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
OTcxZjA4LWU1N2MtNDA4YS1iNzc2LWY3ZGEzYjg3MzJiZi8xL093elVUcnZqME5h
Z2N1ZFJBX0l4WUdtVjlxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbm6zjANBAIAAjAHAwUAKgvVgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgfFw8ztGE4NVoBY+KP9t/sn2bxkDBro1fJ73MaVP
sVxTKxVmHWbufCpGRvq2SiQ8XKLHJc/c/4SGjD9ShZR4EBrA+4PnoHRMqkkMTU49
Qfgq1MpukbPh7UDHijh70L24yfCl9eANewb7MJCs3qHUsenXmQPvZmpzGoYrrDEb
3W2LfO86QHUDRXZ3aHO2NhafES0KERRfWff/n2DItfJ2dkfBtZkdlzqTyotmVFkI
6qAU+HcCXThQQKfgwubMdDJzhnWd0S+n7sI+kc7Vx54a9jK9rJ5kuGh8vvJXzB/l
yV0d3x1FhYxFN6N1bJsyDqPR23L1MrYJbRPuJBRqPQXAFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:17 2024 by rpki-client on console-fra.rpki-client.org