Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/sQWzREc81mi2_kg3NIqjql6wBm0.roa
File: sQWzREc81mi2_kg3NIqjql6wBm0.roa (raw, json)
Hash identifier: L3491seFhOLdY/4LY65E84Jg0lPQ+QWk4paxrPwhYEU=
Subject key identifier: B1:05:B3:44:47:3C:D6:68:B6:FE:48:37:34:8A:A3:AA:5E:B0:06:6D
Certificate issuer: /CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Certificate serial: 131B6D26
Authority key identifier: 9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/sQWzREc81mi2_kg3NIqjql6wBm0.roa
Signing time: Sat 01 Jan 2022 07:55:59 +0000
ROA not before: Sat 01 Jan 2022 07:55:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203374
IP address blocks: 185.136.240.0/22 maxlen: 22
185.136.240.0/23 maxlen: 23
185.136.240.0/24 maxlen: 24
185.136.243.0/24 maxlen: 24
185.136.242.0/24 maxlen: 24
185.136.242.0/23 maxlen: 23
185.136.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320564518 (0x131b6d26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1cd1b3c8772956fa85535a8464b4ca19663ade
Validity
Not Before: Jan 1 07:55:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b105b344473cd668b6fe4837348aa3aa5eb0066d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fe:b0:b5:68:a0:fc:28:02:ea:e8:7d:13:f5:
d7:e7:7f:f5:a8:67:8f:00:c1:6c:13:5c:fc:17:5f:
69:8b:b7:e4:68:1f:a5:1f:55:b9:36:c7:8c:dc:3e:
13:cf:ae:6b:b0:a2:ec:0e:c0:da:c3:b5:79:42:69:
ee:02:8c:ba:46:c7:f5:0d:aa:7d:37:c2:bf:d2:74:
26:50:ea:f2:8f:f9:8f:c8:3e:2d:4e:35:e3:f1:ba:
26:43:d5:ac:a6:ee:a6:d8:e5:a8:66:76:1d:3c:d2:
9f:ed:d9:44:01:bc:62:49:b2:55:81:67:55:cc:5a:
0f:51:ed:68:45:2c:5d:aa:6e:a4:5a:f4:cc:26:60:
0c:3b:14:ec:5f:e1:c5:fc:45:94:8b:86:11:eb:3e:
da:2c:c5:4c:f3:a8:d4:11:b9:e5:b9:79:c8:49:e4:
57:44:d4:b7:bc:57:3e:fd:a2:65:4c:9f:af:10:17:
da:78:58:5d:4a:eb:84:b8:09:8a:82:a0:8b:c3:ed:
33:cb:a0:c5:63:45:72:b7:c9:5e:0d:78:02:7a:aa:
c0:f9:da:e7:18:8e:01:d7:5d:f4:ea:81:9a:ca:69:
4a:48:95:13:53:47:28:7a:dc:38:25:0b:e1:04:8e:
cf:25:7e:38:76:62:e9:1a:4f:ad:b3:46:34:32:1d:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:05:B3:44:47:3C:D6:68:B6:FE:48:37:34:8A:A3:AA:5E:B0:06:6D
X509v3 Authority Key Identifier:
keyid:9C:1C:D1:B3:C8:77:29:56:FA:85:53:5A:84:64:B4:CA:19:66:3A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBzRs8h3KVb6hVNahGS0yhlmOt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/sQWzREc81mi2_kg3NIqjql6wBm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/06eab0-6c6e-4c95-bbdc-916047062a22/1/nBzRs8h3KVb6hVNahGS0yhlmOt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:6b:69:8d:a1:ef:8c:c2:2a:e4:dd:a4:bd:3e:8c:8e:3d:09:
63:2e:67:bd:78:62:26:f7:9e:07:21:e8:f8:e4:1f:e3:8b:a5:
ac:31:a6:c5:ac:9a:48:5a:f2:dd:31:ab:81:62:8d:e0:92:cd:
24:16:e5:34:f3:b6:cf:9d:af:ab:fa:a3:4e:5d:7b:f0:f6:26:
3c:51:78:72:f0:b4:88:76:4c:90:6d:a0:8d:00:5b:e4:f6:a5:
63:7b:76:72:30:2c:04:31:b3:aa:0a:74:f9:54:2e:b4:d4:1e:
80:2c:40:f2:2e:45:b8:df:57:57:31:48:ee:85:b5:34:3f:5e:
fa:f7:9c:b3:f1:a3:04:8f:39:93:aa:6d:ad:06:63:eb:23:68:
ae:db:67:d2:21:f1:50:3b:f0:c4:f3:07:e2:d4:34:54:c2:18:
1c:0b:4d:00:20:68:58:a4:b2:5f:09:c5:38:10:c5:bf:c0:26:
5a:c3:9c:9c:72:b7:0f:05:80:4c:92:55:6e:9b:5d:db:ac:12:
1b:c5:ad:83:c9:85:7c:36:be:b1:41:07:bd:91:a1:5f:ef:0e:
33:17:4c:37:5f:cc:9d:a9:e2:31:43:95:90:00:73:1e:4f:9a:
c7:7e:2b:3e:0b:72:2d:24:c4:1b:a8:97:16:32:7e:60:7f:7b:
86:54:99:39
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEExttJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YzFjZDFiM2M4NzcyOTU2ZmE4NTUzNWE4NDY0YjRjYTE5NjYzYWRlMB4XDTIyMDEw
MTA3NTU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjEwNWIzNDQ0NzNj
ZDY2OGI2ZmU0ODM3MzQ4YWEzYWE1ZWIwMDY2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKH+sLVooPwoAurofRP11+d/9ahnjwDBbBNc/BdfaYu35Ggf
pR9VuTbHjNw+E8+ua7Ci7A7A2sO1eUJp7gKMukbH9Q2qfTfCv9J0JlDq8o/5j8g+
LU414/G6JkPVrKbuptjlqGZ2HTzSn+3ZRAG8YkmyVYFnVcxaD1HtaEUsXapupFr0
zCZgDDsU7F/hxfxFlIuGEes+2izFTPOo1BG55bl5yEnkV0TUt7xXPv2iZUyfrxAX
2nhYXUrrhLgJioKgi8PtM8ugxWNFcrfJXg14AnqqwPna5xiOAddd9OqBmsppSkiV
E1NHKHrcOCUL4QSOzyV+OHZi6RpPrbNGNDIdzicCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxBbNERzzWaLb+SDc0iqOqXrAGbTAfBgNVHSMEGDAWgBScHNGzyHcpVvqF
U1qEZLTKGWY63jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25CelJzOGgzS1ZiNmhWTmFoR1MweWhsbU90NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMDZlYWIwLTZjNmUtNGM5NS1iYmRjLTkxNjA0NzA2MmEyMi8x
L3NRV3pSRWM4MW1pMl9rZzNOSXFqcWw2d0JtMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
MDZlYWIwLTZjNmUtNGM5NS1iYmRjLTkxNjA0NzA2MmEyMi8xL25CelJzOGgzS1Zi
NmhWTmFoR1MweWhsbU90NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmI8DANBgkqhkiG9w0BAQsFAAOC
AQEAimtpjaHvjMIq5N2kvT6Mjj0JYy5nvXhiJveeByHo+OQf44ulrDGmxayaSFry
3TGrgWKN4JLNJBblNPO2z52vq/qjTl178PYmPFF4cvC0iHZMkG2gjQBb5PalY3t2
cjAsBDGzqgp0+VQutNQegCxA8i5FuN9XVzFI7oW1ND9e+vecs/GjBI85k6ptrQZj
6yNorttn0iHxUDvwxPMH4tQ0VMIYHAtNACBoWKSyXwnFOBDFv8AmWsOcnHK3DwWA
TJJVbptd26wSG8Wtg8mFfDa+sUEHvZGhX+8OMxdMN1/MnaniMUOVkABzHk+ax34r
PgtyLSTEG6iXFjJ+YH97hlSZOQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:46 2025 by rpki-client