Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/6EFnKzv2yCV07Rgtfl0G8UL4JNU.roa
File: 6EFnKzv2yCV07Rgtfl0G8UL4JNU.roa (raw, json)
Hash identifier: pNEya2rxA/WdJulIgA794cCsVbQZzQM3m6+9iMoVLD0=
Subject key identifier: E8:41:67:2B:3B:F6:C8:25:74:ED:18:2D:7E:5D:06:F1:42:F8:24:D5
Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Certificate serial: 0184CDC0E2EDAC9EBE2A53B07436C1CDDF79
Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/6EFnKzv2yCV07Rgtfl0G8UL4JNU.roa
Signing time: Thu 01 Dec 2022 12:54:40 +0000
ROA not before: Thu 01 Dec 2022 12:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.254.133.0/24 maxlen: 24
185.254.134.0/24 maxlen: 24
185.254.135.0/24 maxlen: 24
185.121.28.0/24 maxlen: 24
185.121.29.0/24 maxlen: 24
185.121.30.0/24 maxlen: 24
185.121.31.0/24 maxlen: 24
185.40.185.0/24 maxlen: 24
185.40.186.0/24 maxlen: 24
185.40.184.0/24 maxlen: 24
185.40.187.0/24 maxlen: 24
185.254.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:c0:e2:ed:ac:9e:be:2a:53:b0:74:36:c1:cd:df:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Validity
Not Before: Dec 1 12:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e841672b3bf6c82574ed182d7e5d06f142f824d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a8:a0:ee:a3:70:07:1a:29:dc:83:65:31:ff:
9f:5e:6c:9e:5a:f8:d8:44:18:44:f5:e4:92:c6:93:
25:7e:cf:45:33:f2:9f:28:6d:7f:20:b1:8a:f5:7c:
16:61:4b:b9:08:21:14:2c:b1:f8:a5:6f:88:5b:bf:
80:cf:ae:51:82:a5:91:a9:36:bf:e0:39:bf:e4:af:
8d:89:7d:4c:be:e4:7a:c5:c1:2c:fb:7b:96:36:53:
07:81:4f:a8:9f:b5:65:41:eb:5e:d6:62:3a:21:7d:
76:3c:b8:74:54:aa:28:92:c0:e9:e6:12:66:24:56:
16:f3:00:55:43:5c:c1:0e:27:ed:de:2d:bd:d2:3d:
17:35:82:fa:c2:52:f1:af:c8:e5:bf:40:5c:a8:80:
9a:a4:f6:b2:0b:9b:2d:04:82:87:e2:6a:4f:08:ba:
b0:1a:cf:16:07:b9:37:13:53:bf:02:2a:58:f1:f7:
aa:93:e3:b9:68:3a:ec:27:e2:01:c4:fc:53:a5:70:
6b:27:8b:84:a1:44:be:9f:b2:96:49:b4:c6:b9:20:
5b:5d:f5:9d:5b:41:dd:e5:61:c3:1b:86:be:84:8c:
12:3a:4b:c4:a3:56:7e:bc:be:4a:79:3b:fa:16:fd:
69:a9:e0:45:26:b0:8e:46:e3:8e:64:67:43:0f:ee:
95:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:41:67:2B:3B:F6:C8:25:74:ED:18:2D:7E:5D:06:F1:42:F8:24:D5
X509v3 Authority Key Identifier:
keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/6EFnKzv2yCV07Rgtfl0G8UL4JNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.184.0/22
185.121.28.0/22
185.254.132.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:d7:ef:fe:c1:ac:3d:50:07:87:5d:a0:96:5b:1c:50:8d:63:
6d:be:e7:fb:8a:e2:37:7a:ba:1c:b9:9c:ab:87:81:eb:9b:3c:
0b:49:e9:94:83:05:3a:67:94:ae:70:7f:9e:42:06:29:14:08:
65:c2:2e:71:76:93:37:2a:35:1e:c0:d2:97:82:5e:29:e6:49:
d2:d9:31:1a:66:1f:e8:e6:0d:59:80:f1:1c:05:3c:6d:67:0f:
90:62:94:f3:03:c2:cf:3b:10:2f:83:e7:cf:ef:65:a6:77:39:
c7:d7:64:b4:e0:a6:b8:a9:f5:94:c7:91:42:b5:f1:8e:a9:5e:
8c:e5:d4:3d:b5:49:49:da:db:ff:cd:f8:06:b7:cc:8d:b5:a2:
8f:7d:34:b5:f0:d2:c6:31:fc:ed:98:96:0d:07:10:fc:1c:df:
52:e1:50:f9:46:bf:a3:0f:9c:d6:13:60:e5:a9:30:02:7a:bc:
d0:50:3d:2c:5e:81:5d:62:d3:4e:ef:5d:8a:16:c0:cd:9e:2e:
9b:93:e5:7a:d9:69:9c:31:7f:46:26:3d:62:ed:3c:8a:60:72:
be:bf:03:fa:cc:47:c9:13:77:52:9e:ef:5f:5a:50:a1:2c:66:
62:49:75:84:bc:3d:d8:5e:68:84:24:9d:04:54:1b:45:19:ce:
c0:da:29:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTNwOLtrJ6+KlOwdDbBzd95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz
OGM4YzUwHhcNMjIxMjAxMTI1NDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQxNjcyYjNiZjZjODI1NzRlZDE4MmQ3ZTVkMDZmMTQyZjgyNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaig7qNwBxop3INlMf+fXmyeWvjY
RBhE9eSSxpMlfs9FM/KfKG1/ILGK9XwWYUu5CCEULLH4pW+IW7+Az65RgqWRqTa/
4Dm/5K+NiX1MvuR6xcEs+3uWNlMHgU+on7VlQete1mI6IX12PLh0VKooksDp5hJm
JFYW8wBVQ1zBDift3i290j0XNYL6wlLxr8jlv0BcqICapPayC5stBIKH4mpPCLqw
Gs8WB7k3E1O/AipY8feqk+O5aDrsJ+IBxPxTpXBrJ4uEoUS+n7KWSbTGuSBbXfWd
W0Hd5WHDG4a+hIwSOkvEo1Z+vL5KeTv6Fv1pqeBFJrCORuOOZGdDD+6VtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOhBZys79sgldO0YLX5dBvFC+CTVMB8GA1UdIwQY
MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt
NWU1YjhiMjgwNTlhLzEvNkVGbkt6djJ5Q1YwN1JndGZsMEc4VUw0Sk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh
LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuSi4AwQC
uXkcAwQCuf6EMA0GCSqGSIb3DQEBCwUAA4IBAQCl1+/+waw9UAeHXaCWWxxQjWNt
vuf7iuI3erocuZyrh4HrmzwLSemUgwU6Z5SucH+eQgYpFAhlwi5xdpM3KjUewNKX
gl4p5knS2TEaZh/o5g1ZgPEcBTxtZw+QYpTzA8LPOxAvg+fP72WmdznH12S04Ka4
qfWUx5FCtfGOqV6M5dQ9tUlJ2tv/zfgGt8yNtaKPfTS18NLGMfztmJYNBxD8HN9S
4VD5Rr+jD5zWE2DlqTACerzQUD0sXoFdYtNO712KFsDNni6bk+V62WmcMX9GJj1i
7TyKYHK+vwP6zEfJE3dSnu9fWlChLGZiSXWEvD3YXmiEJJ0EVBtFGc7A2ik/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:04 2024 by rpki-client on console-fra.rpki-client.org