Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/h6W2QaXH6CuQhSfEWHV2Gy_5Mm0.roa
File: h6W2QaXH6CuQhSfEWHV2Gy_5Mm0.roa (raw, json)
Hash identifier: mbBDJPAUtlv2fqsY0eD3Ci3ztWeARuetnm9ub46o3BE=
Subject key identifier: 87:A5:B6:41:A5:C7:E8:2B:90:85:27:C4:58:75:76:1B:2F:F9:32:6D
Certificate issuer: /CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Certificate serial: 38010F2D
Authority key identifier: 7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/h6W2QaXH6CuQhSfEWHV2Gy_5Mm0.roa
Signing time: Tue 26 Apr 2022 09:05:24 +0000
ROA not before: Tue 26 Apr 2022 09:05:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43207
IP address blocks: 46.231.8.0/21 maxlen: 24
185.44.248.0/22 maxlen: 24
151.249.64.0/20 maxlen: 24
85.95.32.0/19 maxlen: 19
209.35.128.0/20 maxlen: 20
185.168.144.0/22 maxlen: 22
91.214.228.0/22 maxlen: 24
5.133.172.0/22 maxlen: 24
2a01:5640::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939593517 (0x38010f2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Validity
Not Before: Apr 26 09:05:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87a5b641a5c7e82b908527c45875761b2ff9326d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7a:5e:f0:89:2d:6d:e5:fa:e2:f3:b0:d2:45:
41:5d:dc:94:e1:55:2d:cf:09:44:ab:70:64:11:cb:
53:2e:84:fc:33:f1:96:9f:b0:d0:a1:da:d1:fa:fd:
83:ab:77:44:e4:22:ea:08:ef:d5:c2:bd:b8:5b:a5:
c9:a2:c5:43:ee:1a:25:3b:d1:e4:55:1e:87:a6:f8:
5c:32:11:57:e9:f2:17:fc:c0:93:e5:b3:1d:85:86:
9e:27:01:aa:8f:5c:c9:f1:cd:7b:08:5b:7a:b5:f8:
29:4f:fe:f4:0e:c2:a9:46:b4:ca:aa:f3:81:31:ec:
3e:00:dc:bb:2c:31:16:5f:43:25:92:37:f4:02:9a:
f2:55:ed:bf:1c:a2:4b:64:a3:6c:cd:74:17:05:6a:
8c:20:f1:ec:f4:bc:35:68:d4:70:25:45:db:84:d0:
7f:f3:57:73:43:a1:18:8c:cb:25:a7:e4:21:f6:24:
7e:a0:d6:36:e5:f4:b6:01:c7:0e:b2:75:5c:d1:9f:
ee:df:43:e3:8a:fd:f9:d7:4c:11:ad:d8:8a:e5:b4:
70:19:a3:32:d3:3d:0d:7b:63:22:0c:45:54:0b:17:
79:92:d1:69:7a:6b:7c:9b:cd:e3:0d:cf:b2:af:61:
18:5f:17:c1:3e:d6:2e:41:7b:73:c4:6b:b3:ec:24:
fe:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A5:B6:41:A5:C7:E8:2B:90:85:27:C4:58:75:76:1B:2F:F9:32:6D
X509v3 Authority Key Identifier:
keyid:7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/h6W2QaXH6CuQhSfEWHV2Gy_5Mm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.172.0/22
46.231.8.0/21
85.95.32.0/19
91.214.228.0/22
151.249.64.0/20
185.44.248.0/22
185.168.144.0/22
209.35.128.0/20
IPv6:
2a01:5640::/32
Signature Algorithm: sha256WithRSAEncryption
00:fc:51:34:54:8f:69:45:0a:ae:18:07:39:13:e5:e1:2b:f7:
de:6c:a1:14:6c:c9:c1:48:ee:eb:37:90:d9:11:a2:e0:3a:80:
ea:fb:62:9f:12:cf:c2:a5:83:52:7c:02:f5:57:64:9e:7e:18:
87:b9:43:9d:cf:1d:25:59:84:c6:a6:03:b3:50:54:42:07:e8:
53:fa:5b:1c:35:25:cc:3c:9a:d4:0d:1a:c0:02:0b:d4:07:f2:
47:91:ce:da:b6:75:c3:73:63:28:f8:5a:4b:94:57:cd:8f:48:
e1:4f:09:bc:bc:a9:d3:e9:68:eb:8f:61:c7:d6:26:87:90:94:
80:92:a0:e6:ef:9f:8e:49:1d:26:b2:e8:da:24:f8:06:6c:db:
aa:7f:8e:36:2b:1b:a4:10:f7:71:00:bc:86:23:98:44:0d:e3:
c8:06:f0:79:1a:29:b7:1b:09:9d:ad:d5:4e:7d:4b:d4:70:01:
30:e4:d0:29:a0:2f:c5:90:fd:88:6d:13:5a:bf:8d:93:00:ea:
ab:6f:5f:e5:c9:3f:8e:50:3f:20:c8:44:b4:c0:f4:97:15:96:
a7:5a:46:ef:8f:14:5c:30:17:62:fc:92:a4:24:31:24:9a:16:
b5:15:10:21:5e:8b:be:a1:ce:73:e0:ac:9f:42:da:0c:b8:b0:
e3:cc:1f:e9
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEOAEPLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTQ1YTlhMDM1M2EzM2M2YTRmOTM2MDhmOWQyNWYyN2M4NTk0OGI3MB4XDTIyMDQy
NjA5MDUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdhNWI2NDFhNWM3
ZTgyYjkwODUyN2M0NTg3NTc2MWIyZmY5MzI2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL16XvCJLW3l+uLzsNJFQV3clOFVLc8JRKtwZBHLUy6E/DPx
lp+w0KHa0fr9g6t3ROQi6gjv1cK9uFulyaLFQ+4aJTvR5FUeh6b4XDIRV+nyF/zA
k+WzHYWGnicBqo9cyfHNewhberX4KU/+9A7CqUa0yqrzgTHsPgDcuywxFl9DJZI3
9AKa8lXtvxyiS2SjbM10FwVqjCDx7PS8NWjUcCVF24TQf/NXc0OhGIzLJafkIfYk
fqDWNuX0tgHHDrJ1XNGf7t9D44r9+ddMEa3YiuW0cBmjMtM9DXtjIgxFVAsXeZLR
aXprfJvN4w3Psq9hGF8XwT7WLkF7c8Rrs+wk/p8CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBSHpbZBpcfoK5CFJ8RYdXYbL/kybTAfBgNVHSMEGDAWgBR+RamgNTozxqT5
Ngj50l8nyFlItzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZrV3BvRFU2TThhay1UWUktZEpmSjhoWlNMYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvZGQ3YmViLTZmNzgtNDE5Yi05NTdkLTM3YTYwYzMzNWE1ZC8x
L2g2VzJRYVhINkN1UWhTZkVXSFYyR3lfNU1tMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ZGQ3YmViLTZmNzgtNDE5Yi05NTdkLTM3YTYwYzMzNWE1ZC8xL2ZrV3BvRFU2TThh
ay1UWUktZEpmSjhoWlNMYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAgWFrAMEAy7nCAMEBVVfIAMEAlvW
5AMEBJf5QAMEArks+AMEArmokAMEBNEjgDANBAIAAjAHAwUAKgFWQDANBgkqhkiG
9w0BAQsFAAOCAQEAAPxRNFSPaUUKrhgHORPl4Sv33myhFGzJwUju6zeQ2RGi4DqA
6vtinxLPwqWDUnwC9Vdknn4Yh7lDnc8dJVmExqYDs1BUQgfoU/pbHDUlzDya1A0a
wAIL1AfyR5HO2rZ1w3NjKPhaS5RXzY9I4U8JvLyp0+lo649hx9Ymh5CUgJKg5u+f
jkkdJrLo2iT4Bmzbqn+ONisbpBD3cQC8hiOYRA3jyAbweRoptxsJna3VTn1L1HAB
MOTQKaAvxZD9iG0TWr+NkwDqq29f5ck/jlA/IMhEtMD0lxWWp1pG748UXDAXYvyS
pCQxJJoWtRUQIV6LvqHOc+Csn0LaDLiw48wf6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org