Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/5sqrnH07qAWy57cOyjhnE0T7C_E.roa
File: 5sqrnH07qAWy57cOyjhnE0T7C_E.roa (raw, json)
Hash identifier: DiNnF3dgZTEPuRFyQAZYvZ9iLam0mYgcnhaPb6QrnUQ=
Subject key identifier: E6:CA:AB:9C:7D:3B:A8:05:B2:E7:B7:0E:CA:38:67:13:44:FB:0B:F1
Certificate issuer: /CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Certificate serial: 089DF628
Authority key identifier: 33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/5sqrnH07qAWy57cOyjhnE0T7C_E.roa
Signing time: Sat 01 Jan 2022 01:59:15 +0000
ROA not before: Sat 01 Jan 2022 01:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201877
IP address blocks: 212.84.32.0/21 maxlen: 22
185.33.56.0/24 maxlen: 24
185.33.58.0/24 maxlen: 24
185.33.56.0/22 maxlen: 22
185.33.57.0/24 maxlen: 24
185.33.59.0/24 maxlen: 24
185.14.8.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144569896 (0x89df628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Validity
Not Before: Jan 1 01:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6caab9c7d3ba805b2e7b70eca38671344fb0bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:53:de:dd:8c:a1:a1:02:02:ad:28:f7:05:1e:
49:c7:06:5a:f9:7d:91:a0:77:cc:56:df:8f:29:1a:
33:d3:95:77:4e:09:bc:a2:30:e4:17:0e:3e:67:8f:
e2:62:8f:e8:ed:d2:de:2b:d8:1c:2f:38:53:d2:57:
df:64:7e:d4:c8:88:7f:37:68:6e:a7:cd:97:ce:17:
87:f7:e8:6a:76:4d:b6:62:55:ce:1e:2d:70:92:a6:
26:09:7f:a0:49:af:a3:e7:43:0c:7c:d8:ad:02:7a:
b7:fa:b8:48:cd:18:2d:f4:92:23:47:4d:d8:36:73:
27:c2:c0:d6:2b:09:59:c1:75:af:fe:71:91:42:a2:
af:dc:b3:95:49:39:c0:68:8f:b0:ad:47:e0:37:21:
a9:b9:32:ba:5c:b3:67:70:bb:68:b3:3b:c7:36:e7:
6c:a1:e6:fd:64:5a:6c:2f:2e:1c:0e:c5:d2:be:7c:
cf:7d:a1:e6:25:46:ce:fa:bb:48:9c:8a:f1:97:aa:
f5:ed:0e:b5:d0:5c:65:de:4d:2a:b8:c3:b4:25:12:
f9:60:9f:cc:03:f3:55:ff:c4:00:79:f2:7c:81:0f:
6e:f0:99:dc:98:e5:d9:6f:16:77:4d:24:2b:d9:69:
86:6c:cc:b4:85:3f:67:80:50:7a:71:e4:ca:43:d8:
5f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:CA:AB:9C:7D:3B:A8:05:B2:E7:B7:0E:CA:38:67:13:44:FB:0B:F1
X509v3 Authority Key Identifier:
keyid:33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/5sqrnH07qAWy57cOyjhnE0T7C_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/M7S1t7Icrr89IICfbFcFmfHWBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.8.0/22
185.33.56.0/22
212.84.32.0/21
Signature Algorithm: sha256WithRSAEncryption
02:22:4a:1d:36:b0:57:e1:31:0d:25:53:85:20:4f:3e:12:c6:
1e:a8:1a:c1:5a:4d:24:72:c8:c0:f2:38:f3:a9:4d:07:ec:f4:
23:7b:5a:01:df:f4:6a:c4:30:e8:b7:a3:4e:e1:9f:aa:45:1e:
77:9d:80:e8:9e:b8:9c:bd:cf:7b:96:47:ea:e4:f3:c1:28:66:
c7:36:35:b3:5c:cf:54:c3:32:2d:75:90:f4:35:01:56:f8:e2:
d9:f6:11:e9:c1:6e:ae:24:85:9e:1a:2d:8b:5d:af:f2:57:b7:
13:ba:e9:86:cb:d0:9a:1c:e7:c3:59:30:05:e4:8e:f9:98:6d:
c9:25:5d:02:df:5b:00:1e:ba:72:19:4e:56:54:ff:47:2d:e6:
17:87:7d:86:92:9e:5e:80:80:f5:82:cc:94:09:f7:33:d7:b8:
3f:e7:ea:d7:81:40:3a:58:e1:c4:0b:fa:ff:52:cb:91:03:44:
8e:aa:b0:3a:cd:fd:7d:c7:69:0e:e8:4d:1f:cf:42:46:76:67:
70:b4:bc:e8:ba:a0:5c:ce:6a:38:dd:04:7d:56:9a:47:9f:68:
98:89:49:17:17:46:06:93:38:50:fc:fb:bb:f7:1c:df:e7:49:
58:b2:48:de:0f:a3:be:31:ec:50:9c:80:81:3a:00:4e:d3:b5:
78:f6:ed:b7
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECJ32KDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2I0YjViN2IyMWNhZWJmM2QyMDgwOWY2YzU3MDU5OWYxZDYwNDY4MB4XDTIyMDEw
MTAxNTkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZjYWFiOWM3ZDNi
YTgwNWIyZTdiNzBlY2EzODY3MTM0NGZiMGJmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRT3t2MoaECAq0o9wUeSccGWvl9kaB3zFbfjykaM9OVd04J
vKIw5BcOPmeP4mKP6O3S3ivYHC84U9JX32R+1MiIfzdobqfNl84Xh/foanZNtmJV
zh4tcJKmJgl/oEmvo+dDDHzYrQJ6t/q4SM0YLfSSI0dN2DZzJ8LA1isJWcF1r/5x
kUKir9yzlUk5wGiPsK1H4DchqbkyulyzZ3C7aLM7xzbnbKHm/WRabC8uHA7F0r58
z32h5iVGzvq7SJyK8Zeq9e0OtdBcZd5NKrjDtCUS+WCfzAPzVf/EAHnyfIEPbvCZ
3Jjl2W8Wd00kK9lphmzMtIU/Z4BQenHkykPYX58CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTmyqucfTuoBbLntw7KOGcTRPsL8TAfBgNVHSMEGDAWgBQztLW3shyuvz0g
gJ9sVwWZ8dYEaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L003UzF0N0ljcnI4OUlJQ2ZiRmNGbWZIV0JHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvODQ2ZDZlLTA0ZWMtNDIxOS04MjIzLTg2MjMzMzVjMGVlMC8x
LzVzcXJuSDA3cUFXeTU3Y095amhuRTBUN0NfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ODQ2ZDZlLTA0ZWMtNDIxOS04MjIzLTg2MjMzMzVjMGVlMC8xL003UzF0N0ljcnI4
OUlJQ2ZiRmNGbWZIV0JHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArkOCAMEArkhOAMEA9RUIDANBgkq
hkiG9w0BAQsFAAOCAQEAAiJKHTawV+ExDSVThSBPPhLGHqgawVpNJHLIwPI486lN
B+z0I3taAd/0asQw6LejTuGfqkUed52A6J64nL3Pe5ZH6uTzwShmxzY1s1zPVMMy
LXWQ9DUBVvji2fYR6cFuriSFnhoti12v8le3E7rphsvQmhznw1kwBeSO+ZhtySVd
At9bAB66chlOVlT/Ry3mF4d9hpKeXoCA9YLMlAn3M9e4P+fq14FAOljhxAv6/1LL
kQNEjqqwOs39fcdpDuhNH89CRnZncLS86LqgXM5qON0EfVaaR59omIlJFxdGBpM4
UPz7u/cc3+dJWLJI3g+jvjHsUJyAgToATtO1ePbttw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:21 2024 by rpki-client on console-fra.rpki-client.org