Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/b7zCN4bNXWf0kePPyoIWIlNlXXI.roa
File: b7zCN4bNXWf0kePPyoIWIlNlXXI.roa (raw, json)
Hash identifier: HNZG6mdH1RBUqtk0IIojFDZgA1I9dG04dsvGyfgTk6o=
Subject key identifier: 6F:BC:C2:37:86:CD:5D:67:F4:91:E3:CF:CA:82:16:22:53:65:5D:72
Certificate issuer: /CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Certificate serial: 09BFE610
Authority key identifier: 33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/b7zCN4bNXWf0kePPyoIWIlNlXXI.roa
Signing time: Wed 04 May 2022 07:43:47 +0000
ROA not before: Wed 04 May 2022 07:43:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201877
IP address blocks: 212.84.32.0/21 maxlen: 22
185.33.56.0/24 maxlen: 24
185.33.58.0/24 maxlen: 24
185.33.56.0/22 maxlen: 22
185.33.57.0/24 maxlen: 24
185.33.59.0/24 maxlen: 24
109.106.28.0/22 maxlen: 22
185.14.8.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163571216 (0x9bfe610)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Validity
Not Before: May 4 07:43:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fbcc23786cd5d67f491e3cfca82162253655d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f4:2c:bc:31:08:03:9f:07:40:27:49:71:1a:
7c:07:4b:ba:e7:06:ab:b8:64:e1:f9:86:6a:3c:29:
97:dd:2e:e3:78:fc:3f:98:f2:24:68:fb:f6:9a:ee:
1c:18:ef:17:0a:fc:73:42:ea:16:4b:78:ca:43:3d:
6c:d3:0d:84:ca:c6:2e:30:69:c8:ca:9e:b7:fe:02:
32:fc:c9:4f:85:c0:db:78:1a:70:90:36:d1:af:45:
cc:9d:04:a6:32:d9:d2:fc:42:1b:a1:4f:2f:67:24:
72:1a:d1:ad:e0:8d:58:5d:ef:3d:b2:da:3d:58:0a:
56:01:88:e1:e9:19:b1:7b:84:71:0d:18:34:34:23:
e7:45:f9:15:e3:33:5f:b1:6e:6a:9f:b7:5e:b4:fa:
f8:08:2d:35:e0:bd:e7:66:98:5c:6c:30:dd:4e:27:
94:52:cf:b8:fe:12:f3:d2:e4:a6:bd:93:2b:10:b8:
57:99:e2:4d:10:c9:50:06:91:60:40:ad:ac:bb:61:
5c:8d:ae:70:b3:dc:b9:c2:f4:f3:83:cc:38:05:b4:
02:bd:d0:58:dc:16:5f:a3:ba:c8:b7:7c:7b:17:2f:
89:17:ad:ea:e2:ca:1d:93:8e:a5:a7:58:96:71:c4:
db:da:b7:dc:de:e9:dd:c1:eb:fa:a2:01:41:ec:69:
6a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BC:C2:37:86:CD:5D:67:F4:91:E3:CF:CA:82:16:22:53:65:5D:72
X509v3 Authority Key Identifier:
keyid:33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/b7zCN4bNXWf0kePPyoIWIlNlXXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/M7S1t7Icrr89IICfbFcFmfHWBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.28.0/22
185.14.8.0/22
185.33.56.0/22
212.84.32.0/21
Signature Algorithm: sha256WithRSAEncryption
91:24:32:2b:ce:de:17:fb:b8:5a:74:69:13:ff:24:2f:79:a8:
22:4d:f2:b9:62:85:53:af:9d:9d:db:6e:ca:7f:40:1f:20:a1:
c3:19:34:d2:5b:ad:aa:21:c9:62:6e:d9:b1:c8:bf:9e:d6:53:
c0:6d:c3:f1:5b:04:9d:a9:d8:b3:f5:56:0b:42:08:71:38:a9:
4d:58:d8:6d:a3:b0:b2:86:ab:17:d6:c8:f1:c6:f2:6c:20:ef:
0f:c7:7e:a3:5e:b8:ae:c2:08:91:45:8b:ea:6a:7e:fb:c8:08:
c0:0d:dd:9c:ab:09:9b:a9:eb:54:9b:dc:b4:13:45:a4:ac:47:
d3:9c:3c:97:74:68:90:ee:97:c6:26:0d:8f:04:71:78:43:c9:
ee:cd:70:78:e8:6e:8a:cb:72:af:c5:75:bb:c1:7c:b4:08:f6:
3c:c0:f8:4a:60:87:b5:9e:f5:37:26:d0:c7:c2:bc:68:57:ea:
da:48:0b:89:e4:04:1b:b6:35:b4:c2:b6:ae:4b:2d:80:b5:e7:
fe:b0:38:e9:89:3a:5c:e8:22:f2:76:a5:75:fb:07:58:37:fc:
27:63:3e:fa:c0:e2:85:0e:17:e6:5d:84:db:e4:51:e3:7e:85:
74:f8:b7:e2:fa:f9:90:d5:38:e3:51:af:3c:49:8a:c1:79:99:
88:8f:b5:63
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECb/mEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2I0YjViN2IyMWNhZWJmM2QyMDgwOWY2YzU3MDU5OWYxZDYwNDY4MB4XDTIyMDUw
NDA3NDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZiY2MyMzc4NmNk
NWQ2N2Y0OTFlM2NmY2E4MjE2MjI1MzY1NWQ3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL30LLwxCAOfB0AnSXEafAdLuucGq7hk4fmGajwpl90u43j8
P5jyJGj79pruHBjvFwr8c0LqFkt4ykM9bNMNhMrGLjBpyMqet/4CMvzJT4XA23ga
cJA20a9FzJ0EpjLZ0vxCG6FPL2ckchrRreCNWF3vPbLaPVgKVgGI4ekZsXuEcQ0Y
NDQj50X5FeMzX7Fuap+3XrT6+AgtNeC952aYXGww3U4nlFLPuP4S89Lkpr2TKxC4
V5niTRDJUAaRYECtrLthXI2ucLPcucL084PMOAW0Ar3QWNwWX6O6yLd8excviRet
6uLKHZOOpadYlnHE29q33N7p3cHr+qIBQexpahsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRvvMI3hs1dZ/SR48/KghYiU2VdcjAfBgNVHSMEGDAWgBQztLW3shyuvz0g
gJ9sVwWZ8dYEaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L003UzF0N0ljcnI4OUlJQ2ZiRmNGbWZIV0JHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvODQ2ZDZlLTA0ZWMtNDIxOS04MjIzLTg2MjMzMzVjMGVlMC8x
L2I3ekNONGJOWFdmMGtlUFB5b0lXSWxObFhYSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ODQ2ZDZlLTA0ZWMtNDIxOS04MjIzLTg2MjMzMzVjMGVlMC8xL003UzF0N0ljcnI4
OUlJQ2ZiRmNGbWZIV0JHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAm1qHAMEArkOCAMEArkhOAMEA9RU
IDANBgkqhkiG9w0BAQsFAAOCAQEAkSQyK87eF/u4WnRpE/8kL3moIk3yuWKFU6+d
ndtuyn9AHyChwxk00lutqiHJYm7Zsci/ntZTwG3D8VsEnanYs/VWC0IIcTipTVjY
baOwsoarF9bI8cbybCDvD8d+o164rsIIkUWL6mp++8gIwA3dnKsJm6nrVJvctBNF
pKxH05w8l3RokO6XxiYNjwRxeEPJ7s1weOhuistyr8V1u8F8tAj2PMD4SmCHtZ71
NybQx8K8aFfq2kgLieQEG7Y1tMK2rkstgLXn/rA46Yk6XOgi8naldfsHWDf8J2M+
+sDihQ4X5l2E2+RR436FdPi34vr5kNU441GvPEmKwXmZiI+1Yw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:01 2024 by rpki-client on console-ams.rpki-client.org