Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/6PhGdfeLhEYQDqGxwqe-Zbj_dJc.roa
File: 6PhGdfeLhEYQDqGxwqe-Zbj_dJc.roa (raw, json)
Hash identifier: fEa2Y1BXz+IvH+j9/Er+04u1EGPzzmaN6R7OgMIfU5M=
Subject key identifier: E8:F8:46:75:F7:8B:84:46:10:0E:A1:B1:C2:A7:BE:65:B8:FF:74:97
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 10B4F970
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/6PhGdfeLhEYQDqGxwqe-Zbj_dJc.roa
Signing time: Sat 01 Jan 2022 03:53:11 +0000
ROA not before: Sat 01 Jan 2022 03:53:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36351
IP address blocks: 185.125.85.0/24 maxlen: 24
185.125.84.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.87.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
185.71.231.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
2a05:3343::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280295792 (0x10b4f970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 03:53:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8f84675f78b8446100ea1b1c2a7be65b8ff7497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:52:b2:35:2f:d6:ba:9f:25:96:3c:f1:a4:6a:
26:e5:57:40:56:b4:03:7a:6e:45:de:00:c4:93:e6:
db:92:1a:7a:90:6e:7b:bd:30:f0:e3:fd:c5:04:66:
41:c9:41:fe:66:23:cb:91:9e:90:e1:31:e9:2c:e6:
88:69:1a:14:20:f8:67:98:06:a5:8a:97:45:ce:3e:
46:75:3b:8c:be:a3:6a:ec:ec:d1:d0:ad:c8:9c:5d:
ba:09:f6:f9:d8:44:94:cf:15:f7:d8:69:97:c9:f2:
5e:12:0b:3c:0d:f1:37:fe:aa:e7:10:52:19:7c:93:
9e:bf:a3:fc:70:ac:63:4f:50:a3:bb:c7:ed:f4:ef:
6d:4b:2f:b5:a6:7e:b3:01:f1:28:65:31:bd:fd:3b:
ad:3b:8c:0d:ae:ef:66:e8:a0:f2:f1:cf:06:e1:e1:
61:ab:c5:f9:5a:33:71:6e:06:f1:ba:f6:ca:e5:d7:
09:fd:a9:24:ff:60:f5:b2:a8:83:6e:6e:aa:a6:71:
13:85:d0:24:af:1d:fd:9a:4f:3a:b9:af:ab:dd:63:
62:64:3a:99:36:a2:c6:76:9d:0a:7f:25:cd:5e:dd:
5a:72:3a:b7:03:48:9a:7b:f8:9f:21:1d:b0:0d:4f:
2f:cd:4b:84:e4:4f:02:51:d0:9c:03:58:eb:47:8f:
c0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F8:46:75:F7:8B:84:46:10:0E:A1:B1:C2:A7:BE:65:B8:FF:74:97
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/6PhGdfeLhEYQDqGxwqe-Zbj_dJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
185.71.231.0/24
185.125.84.0/23
185.125.87.0/24
193.0.180.0/23
IPv6:
2a05:3343::/42
Signature Algorithm: sha256WithRSAEncryption
b3:06:f3:2d:1f:ce:43:0e:56:cc:c7:d3:79:40:18:51:44:d5:
ea:13:a9:c5:7b:82:76:44:f5:39:84:78:e6:a7:91:4a:be:a9:
9a:44:59:3d:33:da:02:6a:3d:8a:15:a9:5f:dc:dd:fd:e1:9e:
79:64:d7:44:bc:2d:40:06:85:fd:8d:7d:03:9a:ab:19:ad:de:
1f:3a:54:61:94:11:43:cc:70:fa:e3:4e:e2:0a:a1:8b:c1:d5:
2d:76:50:f1:b7:a2:9b:47:61:3b:4d:b2:4a:87:d5:f1:0a:b9:
16:b7:65:dd:07:d8:5b:e7:be:1a:79:7c:3e:68:ae:cd:06:1d:
f6:03:e3:cf:17:75:fa:da:ee:94:ed:c6:ea:ee:bd:01:70:ba:
68:90:6b:b0:f4:70:1d:6b:f1:83:f4:71:66:03:15:39:22:94:
ad:c8:ec:5e:cd:61:b7:eb:fc:9f:44:3e:c7:4f:e4:a7:1b:48:
e8:ef:da:c4:c6:9d:2c:1f:6d:46:6c:3c:4c:36:37:6a:33:d3:
2f:29:eb:f1:ef:3d:63:9c:49:e9:d2:5b:d8:7d:3e:2f:c1:85:
65:4d:27:ab:67:a3:58:a1:a9:1b:25:a5:d4:bb:7b:c7:b7:38:
e2:a6:14:51:c1:f2:9c:17:35:1d:b2:54:ff:2b:df:f9:54:aa:
1a:b1:d8:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEELT5cDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZTI0YzdlY2ZhMzdkMjQ4NzE1MmZiOWJiYmFiNTBiZTc5ZGUyNjE5MB4XDTIyMDEw
MTAzNTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZThmODQ2NzVmNzhi
ODQ0NjEwMGVhMWIxYzJhN2JlNjViOGZmNzQ5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlSsjUv1rqfJZY88aRqJuVXQFa0A3puRd4AxJPm25IaepBu
e70w8OP9xQRmQclB/mYjy5GekOEx6SzmiGkaFCD4Z5gGpYqXRc4+RnU7jL6jauzs
0dCtyJxdugn2+dhElM8V99hpl8nyXhILPA3xN/6q5xBSGXyTnr+j/HCsY09Qo7vH
7fTvbUsvtaZ+swHxKGUxvf07rTuMDa7vZuig8vHPBuHhYavF+VozcW4G8br2yuXX
Cf2pJP9g9bKog25uqqZxE4XQJK8d/ZpPOrmvq91jYmQ6mTaixnadCn8lzV7dWnI6
twNImnv4nyEdsA1PL81LhORPAlHQnANY60ePwFcCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTo+EZ194uERhAOobHCp75luP90lzAfBgNVHSMEGDAWgBQ+JMfs+jfSSHFS
+5u7q1C+ed4mGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BpVEg3UG8zMGtoeFV2dWJ1NnRRdm5uZUpoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvMzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8x
LzZQaEdkZmVMaEVZUURxR3h3cWUtWmJqX2RKYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
MzlhNWZjLWQyNmUtNGQ1My05MWUzLTQ5M2Q3NzRhYTFmZi8xL1BpVEg3UG8zMGto
eFV2dWJ1NnRRdm5uZUpoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEAblH5AMEALlH5wMEAbl9VAMEALl9
VwMEAcEAtDAPBAIAAjAJAwcGKgUzQwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCzBvMt
H85DDlbMx9N5QBhRRNXqE6nFe4J2RPU5hHjmp5FKvqmaRFk9M9oCaj2KFalf3N39
4Z55ZNdEvC1ABoX9jX0DmqsZrd4fOlRhlBFDzHD6407iCqGLwdUtdlDxt6KbR2E7
TbJKh9XxCrkWt2XdB9hb574aeXw+aK7NBh32A+PPF3X62u6U7cbq7r0BcLpokGuw
9HAda/GD9HFmAxU5IpStyOxezWG36/yfRD7HT+SnG0jo79rExp0sH21GbDxMNjdq
M9MvKevx7z1jnEnp0lvYfT4vwYVlTSerZ6NYoakbJaXUu3vHtzjiphRRwfKcFzUd
slT/K9/5VKoasdgl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:58 2024 by rpki-client on console-fra.rpki-client.org