Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/rXXfUCLRuWi0Z2Hxb8_2oHxbWQs.roa
File: rXXfUCLRuWi0Z2Hxb8_2oHxbWQs.roa (raw, json)
Hash identifier: +/RIdWmWvhcSpnrCRcRdzOFMoskfnz1+5O8EEnKhSIk=
Subject key identifier: AD:75:DF:50:22:D1:B9:68:B4:67:61:F1:6F:CF:F6:A0:7C:5B:59:0B
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 3948C207
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/rXXfUCLRuWi0Z2Hxb8_2oHxbWQs.roa
Signing time: Fri 08 Apr 2022 13:45:38 +0000
ROA not before: Fri 08 Apr 2022 13:45:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 185.97.236.0/22 maxlen: 22
176.52.222.0/23 maxlen: 23
81.17.240.0/20 maxlen: 24
200.69.8.0/21 maxlen: 21
194.36.58.0/23 maxlen: 23
194.36.64.0/23 maxlen: 23
78.153.192.0/19 maxlen: 24
185.2.64.0/22 maxlen: 22
46.22.128.0/20 maxlen: 20
2a01:ac::/32 maxlen: 32
2a01:a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 961069575 (0x3948c207)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Apr 8 13:45:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad75df5022d1b968b46761f16fcff6a07c5b590b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:94:95:a8:4d:09:54:50:45:6b:07:81:f1:59:
c9:69:b8:8a:ef:79:ec:a2:9f:87:40:5f:d5:03:4f:
da:50:89:46:1a:0f:65:57:fb:8b:b4:bc:58:9e:96:
b4:00:0c:e0:f0:36:53:70:c1:64:bf:c5:8e:b9:66:
dd:57:b2:6a:10:fd:93:28:fe:87:24:e3:1c:c0:59:
99:bf:c2:6c:53:73:5b:9c:a5:43:4f:7b:2d:a6:d0:
b8:e7:01:c9:20:46:c6:bb:0d:31:dc:ba:1d:b1:be:
9b:87:05:3d:f2:5f:52:30:08:d9:96:c0:7c:8d:66:
e9:d3:ff:e4:50:32:65:f9:a6:9a:9e:a3:65:66:8b:
20:19:2c:be:51:00:92:ac:bb:f6:3b:74:44:f2:7e:
f2:c9:0f:b4:2f:e4:4f:e3:dd:57:30:5e:1c:f9:60:
51:99:3f:dd:73:42:ea:5a:ee:75:f4:9e:6f:6b:bb:
ea:88:dd:4d:46:36:d7:81:30:5a:da:75:a7:a8:71:
1c:86:36:ea:c9:45:df:5e:36:b4:02:c3:f0:10:37:
36:92:b9:9a:0e:5f:60:4c:84:ce:b9:e2:b1:bb:ae:
23:cf:62:52:8b:de:91:64:26:03:d3:bf:72:46:6f:
88:a4:2c:63:23:a5:99:9b:f6:61:dc:32:df:8c:61:
7d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:75:DF:50:22:D1:B9:68:B4:67:61:F1:6F:CF:F6:A0:7C:5B:59:0B
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/rXXfUCLRuWi0Z2Hxb8_2oHxbWQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
176.52.222.0/23
185.2.64.0/22
185.97.236.0/22
194.36.58.0/23
194.36.64.0/23
200.69.8.0/21
IPv6:
2a01:a8::/32
2a01:ac::/32
Signature Algorithm: sha256WithRSAEncryption
81:44:0c:31:b1:cd:ab:e5:07:fa:ee:3a:d0:d8:70:8d:39:7e:
f1:b8:1b:b9:c8:6c:bf:a3:ac:37:7f:6c:75:3f:df:e0:da:36:
d3:bc:2f:07:6e:75:91:c7:10:4e:d1:6d:35:39:53:1c:af:0e:
12:93:4e:7f:6b:06:9c:e5:32:f0:26:38:9d:48:40:68:1e:92:
1e:23:e9:69:23:28:88:bf:1c:54:f3:62:b0:81:ff:4f:cc:15:
9e:db:ee:02:4e:ae:a6:4c:c3:68:6f:ae:7a:6c:89:b4:9c:0b:
ad:79:a0:2a:56:d1:ff:dd:18:44:be:d6:8c:37:37:c7:d1:a3:
b0:9a:99:93:97:0b:32:39:d7:29:9b:66:7c:f8:f3:b6:3e:f0:
5a:2f:07:26:a9:97:aa:f6:c0:66:54:62:4a:e9:4f:e2:a8:d5:
8e:e8:9d:b8:2b:5f:2a:ab:44:aa:44:9f:c9:b7:56:48:3b:ea:
3d:71:32:4c:9f:b4:5b:69:d3:98:45:19:39:0b:05:bb:8b:be:
9c:8b:b2:4f:89:0a:0f:b9:a6:88:0f:f0:6a:ae:61:f0:52:e8:
4b:66:4e:30:34:0d:37:8a:78:72:22:6b:61:96:e7:05:1d:ed:
76:fb:d2:98:7f:3f:a8:cb:68:a3:de:83:60:ee:12:68:87:44:
58:8f:05:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEOUjCBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Njk2YWVhNmJhYjc5YzQ4ZjVkZGVlNGE0NmJmNGFiNjRkODYzMTYwMB4XDTIyMDQw
ODEzNDUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ3NWRmNTAyMmQx
Yjk2OGI0Njc2MWYxNmZjZmY2YTA3YzViNTkwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuUlahNCVRQRWsHgfFZyWm4iu957KKfh0Bf1QNP2lCJRhoP
ZVf7i7S8WJ6WtAAM4PA2U3DBZL/Fjrlm3VeyahD9kyj+hyTjHMBZmb/CbFNzW5yl
Q097LabQuOcBySBGxrsNMdy6HbG+m4cFPfJfUjAI2ZbAfI1m6dP/5FAyZfmmmp6j
ZWaLIBksvlEAkqy79jt0RPJ+8skPtC/kT+PdVzBeHPlgUZk/3XNC6lrudfSeb2u7
6ojdTUY214EwWtp1p6hxHIY26slF3142tALD8BA3NpK5mg5fYEyEzrnisbuuI89i
UovekWQmA9O/ckZviKQsYyOlmZv2Ydwy34xhfW8CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBStdd9QItG5aLRnYfFvz/agfFtZCzAfBgNVHSMEGDAWgBRmlq6murecSPXd
7kpGv0q2TYYxYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pwYXVwcnEzbkVqMTNlNUtScjlLdGsyR01XQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjMvNDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8x
L3JYWGZVQ0xSdVdpMFoySHhiOF8yb0h4YldRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjMv
NDUyYzJiLWYyY2YtNGE5Mi1hMWNkLWYwMTk4YzZjMjQ3NC8xL1pwYXVwcnEzbkVq
MTNlNUtScjlLdGsyR01XQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwPAQCAAEwNgMEBC4WgAMEBU6ZwAMEBFER8AMEAbA0
3gMEArkCQAMEArlh7AMEAcIkOgMEAcIkQAMEA8hFCDAUBAIAAjAOAwUAKgEAqAMF
ACoBAKwwDQYJKoZIhvcNAQELBQADggEBAIFEDDGxzavlB/ruOtDYcI05fvG4G7nI
bL+jrDd/bHU/3+DaNtO8LwdudZHHEE7RbTU5UxyvDhKTTn9rBpzlMvAmOJ1IQGge
kh4j6WkjKIi/HFTzYrCB/0/MFZ7b7gJOrqZMw2hvrnpsibScC615oCpW0f/dGES+
1ow3N8fRo7CamZOXCzI51ymbZnz487Y+8FovByapl6r2wGZUYkrpT+Ko1Y7onbgr
XyqrRKpEn8m3Vkg76j1xMkyftFtp05hFGTkLBbuLvpyLsk+JCg+5pogP8GquYfBS
6EtmTjA0DTeKeHIia2GW5wUd7Xb70ph/P6jLaKPeg2DuEmiHRFiPBRc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org