Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/c6Qf7mslM37aGTJ3kVAmfl0CC2k.roa
File: c6Qf7mslM37aGTJ3kVAmfl0CC2k.roa (raw, json)
Hash identifier: iRaMfoPhc333Kdrz607VWk5h0Zz3V13HbgHl8vigwB0=
Subject key identifier: 73:A4:1F:EE:6B:25:33:7E:DA:19:32:77:91:50:26:7E:5D:02:0B:69
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 019B32E1
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/c6Qf7mslM37aGTJ3kVAmfl0CC2k.roa
Signing time: Sat 01 Jan 2022 09:01:12 +0000
ROA not before: Sat 01 Jan 2022 09:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14340
IP address blocks: 194.145.16.0/21 maxlen: 24
159.92.0.0/16 maxlen: 24
161.71.0.0/17 maxlen: 24
151.106.216.0/22 maxlen: 24
161.71.128.0/17 maxlen: 24
151.106.220.0/22 maxlen: 24
151.106.128.0/20 maxlen: 24
185.79.140.0/22 maxlen: 24
151.106.144.0/20 maxlen: 24
160.8.0.0/16 maxlen: 24
194.145.0.0/20 maxlen: 24
85.222.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26948321 (0x19b32e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jan 1 09:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73a41fee6b25337eda1932779150267e5d020b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:33:e6:9b:4c:ec:ca:c1:85:6d:ce:11:2c:81:
23:fc:c9:5f:4c:a6:ff:e9:96:6b:3c:91:27:c3:53:
a3:33:f8:14:fa:21:7d:02:cc:d8:ff:07:b9:f3:0f:
c7:8b:33:42:4f:6e:0f:ba:db:1b:32:67:a9:37:88:
32:f9:9f:d6:4a:dd:57:80:4f:3f:07:04:ee:f6:4e:
45:ef:93:18:f4:b1:37:d7:70:f9:ce:48:36:d4:de:
b2:67:28:7b:43:9c:e8:35:1e:9f:be:56:5f:d4:ad:
50:ec:6d:d4:bc:4a:65:7a:a2:b0:9c:54:86:84:f5:
c7:03:88:3c:68:69:ba:c0:f0:30:e9:4e:fc:d9:73:
87:8c:cb:ee:9f:9c:22:af:9f:f6:39:2b:d6:d2:cd:
0d:6f:66:31:c1:ec:7f:1d:40:f0:3f:c5:b6:1a:ec:
15:4a:8e:d5:05:47:db:0c:73:84:3c:3e:3e:45:55:
82:3c:7a:af:26:2a:83:41:c6:f4:18:45:4c:08:e8:
3f:9d:24:c1:4a:94:26:92:7b:bf:45:05:43:43:b0:
8c:67:64:28:39:c9:32:a8:9b:0c:a2:78:fc:ad:6d:
78:25:55:07:24:db:1f:26:ed:4e:9a:d5:20:83:0b:
da:a1:1c:20:01:55:3c:7d:7e:5f:6a:0c:aa:8d:e9:
74:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A4:1F:EE:6B:25:33:7E:DA:19:32:77:91:50:26:7E:5D:02:0B:69
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/c6Qf7mslM37aGTJ3kVAmfl0CC2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.128.0/19
151.106.128.0/19
151.106.216.0/21
159.92.0.0/16
160.8.0.0/16
161.71.0.0/16
185.79.140.0/22
194.145.0.0-194.145.23.255
Signature Algorithm: sha256WithRSAEncryption
8d:12:bb:69:58:29:78:c6:87:94:fa:d1:34:72:5d:87:98:4b:
06:30:11:48:80:f0:27:44:4d:f6:01:67:7f:3f:33:bf:1f:16:
c4:a0:c3:99:7a:24:1a:1d:a5:9a:50:a6:fd:87:8f:17:a1:0d:
1f:55:43:23:ab:0a:da:1e:ff:f1:59:cd:c1:fd:41:69:8d:ec:
9f:d9:38:ef:1a:68:90:94:1b:dc:04:8a:cc:f7:65:e1:ae:24:
92:bf:ac:9e:12:79:05:69:2c:04:5b:b5:b2:0f:df:60:f9:47:
dd:50:e7:1c:26:d8:be:49:9b:d2:b1:57:be:12:48:ad:a7:50:
5a:72:80:2c:ff:9c:3f:3d:7a:e7:83:90:b8:30:be:45:c3:b1:
85:25:ae:de:50:6c:ac:16:4b:20:1e:c0:0a:85:5c:62:25:4a:
ee:6e:94:c2:8f:f1:72:ca:cb:e7:30:4c:e4:7b:f8:0d:9b:42:
79:cd:02:3e:cd:02:b0:d7:4f:84:d0:e6:05:97:fd:ba:50:4b:
59:a2:65:a2:dd:20:30:56:6e:07:bc:99:20:2d:80:4b:03:14:
87:9d:19:aa:71:54:b1:44:92:5e:b0:55:3d:78:90:1d:52:f5:
a3:7e:ea:85:85:dc:eb:c1:7a:ff:69:bb:4b:ec:8e:6e:db:0d:
f0:43:b0:db
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEAZsy4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjMxMzZlZDEwOTk4NTgwYTUxN2Q5NTk4YWJjYTMzZDliYTY2NTk5MB4XDTIyMDEw
MTA5MDExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNhNDFmZWU2YjI1
MzM3ZWRhMTkzMjc3OTE1MDI2N2U1ZDAyMGI2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMoz5ptM7MrBhW3OESyBI/zJX0ym/+mWazyRJ8NTozP4FPoh
fQLM2P8HufMPx4szQk9uD7rbGzJnqTeIMvmf1krdV4BPPwcE7vZORe+TGPSxN9dw
+c5INtTesmcoe0Oc6DUen75WX9StUOxt1LxKZXqisJxUhoT1xwOIPGhpusDwMOlO
/Nlzh4zL7p+cIq+f9jkr1tLNDW9mMcHsfx1A8D/FthrsFUqO1QVH2wxzhDw+PkVV
gjx6ryYqg0HG9BhFTAjoP50kwUqUJpJ7v0UFQ0OwjGdkKDnJMqibDKJ4/K1teCVV
ByTbHybtTprVIIML2qEcIAFVPH1+X2oMqo3pdFUCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRzpB/uayUzftoZMneRUCZ+XQILaTAfBgNVHSMEGDAWgBQvMTbtEJmFgKUX
2VmKvKM9m6ZlmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x6RTI3UkNaaFlDbEY5bFppcnlqUFp1bVpaay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjkwZDgzLTAyYmUtNGU1Zi1iZDBmLTkyOWYxMDY2MzBmMS8x
L2M2UWY3bXNsTTM3YUdUSjNrVkFtZmwwQ0Myay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
ZjkwZDgzLTAyYmUtNGU1Zi1iZDBmLTkyOWYxMDY2MzBmMS8xL0x6RTI3UkNaaFlD
bEY5bFppcnlqUFp1bVpaay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEBVXegAMEBZdqgAMEA5dq2AMDAJ9c
AwMAoAgDAwChRwMEArlPjDALAwMAwpEDBAPCkRAwDQYJKoZIhvcNAQELBQADggEB
AI0Su2lYKXjGh5T60TRyXYeYSwYwEUiA8CdETfYBZ38/M78fFsSgw5l6JBodpZpQ
pv2HjxehDR9VQyOrCtoe//FZzcH9QWmN7J/ZOO8aaJCUG9wEisz3ZeGuJJK/rJ4S
eQVpLARbtbIP32D5R91Q5xwm2L5Jm9KxV74SSK2nUFpygCz/nD89eueDkLgwvkXD
sYUlrt5QbKwWSyAewAqFXGIlSu5ulMKP8XLKy+cwTOR7+A2bQnnNAj7NArDXT4TQ
5gWX/bpQS1miZaLdIDBWbge8mSAtgEsDFIedGapxVLFEkl6wVT14kB1S9aN+6oWF
3OvBev9pu0vsjm7bDfBDsNs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:35 2023 by rpki-client on console-fra.rpki-client.org