Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/b9J9IwWo0cnfNrweAQT5nwBGmcI.roa
File: b9J9IwWo0cnfNrweAQT5nwBGmcI.roa (raw, json)
Hash identifier: AskcpzwJYxPVum8PliM8EtHacD/ngQoy8Q/lp5ZQUqg=
Subject key identifier: 6F:D2:7D:23:05:A8:D1:C9:DF:36:BC:1E:01:04:F9:9F:00:46:99:C2
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 03DFAFAA
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/b9J9IwWo0cnfNrweAQT5nwBGmcI.roa
Signing time: Sat 01 Jan 2022 11:58:08 +0000
ROA not before: Sat 01 Jan 2022 11:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39608
IP address blocks: 194.50.85.0/24 maxlen: 24
185.53.76.0/23 maxlen: 24
176.36.0.0/16 maxlen: 17
176.37.0.0/16 maxlen: 17
194.60.69.0/24 maxlen: 24
194.33.189.0/24 maxlen: 24
2a01:5800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64991146 (0x3dfafaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 1 11:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fd27d2305a8d1c9df36bc1e0104f99f004699c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e9:ab:55:fa:3a:97:90:6c:f6:76:05:d9:24:
ac:a4:a5:7f:8b:e6:33:2c:cc:0c:3c:1d:7d:a0:f8:
99:df:1e:1b:22:d5:db:60:b2:3f:5a:ee:68:5c:ee:
d7:27:b6:36:46:d3:58:bf:5d:40:af:ed:82:d7:db:
a6:eb:56:5a:57:71:a9:6d:66:13:49:b3:04:af:39:
6d:e9:bf:ad:a1:f8:62:40:1b:8a:c0:11:fe:82:12:
65:6e:b1:15:12:48:bc:39:63:e4:2b:1b:e4:f5:12:
a1:38:d9:07:bc:85:a9:24:f9:94:54:eb:ec:e9:05:
ad:01:d2:6b:4b:37:e3:9c:13:b3:83:62:9c:e1:04:
3c:df:95:51:2a:36:af:90:61:7b:07:a0:46:0a:9f:
98:dd:5e:20:ba:dd:c8:37:81:b4:e1:34:b6:a9:8f:
72:6a:2c:a7:8c:ab:03:41:ef:3a:03:38:2d:d7:48:
fe:6f:95:4c:ca:80:85:03:2f:65:82:4b:18:1a:f8:
ea:be:21:d1:4a:b5:28:cf:80:ec:f1:81:47:c7:e4:
8b:ec:5f:c4:95:27:ba:61:f9:03:45:e1:80:49:17:
8c:1d:6b:c6:1b:26:c3:e1:85:d7:88:94:11:27:9c:
53:cf:53:f5:45:82:67:17:34:78:a4:1a:a8:00:e6:
de:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D2:7D:23:05:A8:D1:C9:DF:36:BC:1E:01:04:F9:9F:00:46:99:C2
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/b9J9IwWo0cnfNrweAQT5nwBGmcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.36.0.0/15
185.53.76.0/23
194.33.189.0/24
194.50.85.0/24
194.60.69.0/24
IPv6:
2a01:5800::/32
Signature Algorithm: sha256WithRSAEncryption
b3:0f:9f:7e:04:e6:e9:f9:58:ea:bf:43:40:0e:b4:61:f0:44:
24:2b:f2:1f:07:56:66:f4:fa:ff:98:03:39:7d:cc:18:77:b5:
ed:75:e0:2c:69:1b:16:05:25:b0:0a:03:0d:56:f5:dd:99:72:
63:6c:98:0c:da:d7:f3:88:04:d9:bf:8d:17:8b:0c:37:02:09:
de:8c:0d:03:3e:9d:7e:e5:8c:8c:eb:a5:38:9a:eb:b7:83:7f:
0a:c2:24:3c:be:b5:64:80:e2:e7:dd:7a:d3:59:cf:4c:8c:5a:
de:08:70:55:1e:41:e2:b4:3f:9f:a0:2f:9d:7b:dc:00:53:3e:
43:a9:cd:cc:d9:a2:a3:c0:7b:51:8f:8a:df:a7:53:af:5d:8e:
31:ec:8c:7a:09:82:18:26:06:63:fb:9c:51:84:32:65:a5:6b:
3a:36:a9:3b:75:90:62:27:95:d1:dc:1b:11:14:e4:28:91:8c:
f9:e7:17:84:11:59:0a:22:0c:92:15:e0:11:75:81:21:3c:f2:
a5:25:3f:92:0e:40:92:d9:2c:73:ae:f7:da:ff:f4:7e:ec:ca:
c4:71:0e:7a:5b:9e:71:71:2e:e4:e3:c0:c2:07:8d:a8:e7:db:
75:22:58:e5:d3:0a:a9:64:e4:2f:06:ce:89:99:b4:13:d7:6d:
b1:e8:89:25
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEA9+vqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODQxMjgxNDZiN2JlYzhiZDExODViYmUwYzNiOTM0MGFhZjViNzE0MB4XDTIyMDEw
MTExNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZkMjdkMjMwNWE4
ZDFjOWRmMzZiYzFlMDEwNGY5OWYwMDQ2OTljMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzpq1X6OpeQbPZ2BdkkrKSlf4vmMyzMDDwdfaD4md8eGyLV
22CyP1ruaFzu1ye2NkbTWL9dQK/tgtfbputWWldxqW1mE0mzBK85bem/raH4YkAb
isAR/oISZW6xFRJIvDlj5Csb5PUSoTjZB7yFqST5lFTr7OkFrQHSa0s345wTs4Ni
nOEEPN+VUSo2r5BhewegRgqfmN1eILrdyDeBtOE0tqmPcmosp4yrA0HvOgM4LddI
/m+VTMqAhQMvZYJLGBr46r4h0Uq1KM+A7PGBR8fki+xfxJUnumH5A0XhgEkXjB1r
xhsmw+GF14iUESecU89T9UWCZxc0eKQaqADm3nkCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRv0n0jBajRyd82vB4BBPmfAEaZwjAfBgNVHSMEGDAWgBT4QSgUa3vsi9EY
W74MO5NAqvW3FDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzYyL2ZiMjQxMS00ODViLTQxNDMtOTI0MS0xMzgzOTY0MGE2MDQv
MS9iOUo5SXdXbzBjbmZOcndlQVFUNW53QkdtY0kucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYy
L2ZiMjQxMS00ODViLTQxNDMtOTI0MS0xMzgzOTY0MGE2MDQvMS8xLUVFb0ZHdDc3
SXZSR0Z1LUREdVRRS3IxdHhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMBsCQDBAG5NUwDBADCIb0DBADC
MlUDBADCPEUwDQQCAAIwBwMFACoBWAAwDQYJKoZIhvcNAQELBQADggEBALMPn34E
5un5WOq/Q0AOtGHwRCQr8h8HVmb0+v+YAzl9zBh3te114CxpGxYFJbAKAw1W9d2Z
cmNsmAza1/OIBNm/jReLDDcCCd6MDQM+nX7ljIzrpTia67eDfwrCJDy+tWSA4ufd
etNZz0yMWt4IcFUeQeK0P5+gL5173ABTPkOpzczZoqPAe1GPit+nU69djjHsjHoJ
ghgmBmP7nFGEMmWlazo2qTt1kGInldHcGxEU5CiRjPnnF4QRWQoiDJIV4BF1gSE8
8qUlP5IOQJLZLHOu99r/9H7sysRxDnpbnnFxLuTjwMIHjajn23UiWOXTCqlk5C8G
zomZtBPXbbHoiSU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:03 2023 by rpki-client on console-fra.rpki-client.org