Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/r-vrsn7gbnP5hM_bsYE6sYIRGnI.roa
File: r-vrsn7gbnP5hM_bsYE6sYIRGnI.roa (raw, json)
Hash identifier: 6ocSxH2v6L3yOc1HJzgFdqpvkDk9Uubv1ph8VciBzxc=
Subject key identifier: AF:EB:EB:B2:7E:E0:6E:73:F9:84:CF:DB:B1:81:3A:B1:82:11:1A:72
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 097580D8
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/r-vrsn7gbnP5hM_bsYE6sYIRGnI.roa
Signing time: Wed 11 May 2022 16:29:02 +0000
ROA not before: Wed 11 May 2022 16:29:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201021
IP address blocks: 185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158695640 (0x97580d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: May 11 16:29:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afebebb27ee06e73f984cfdbb1813ab182111a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:63:82:39:5f:19:1d:7e:0a:48:89:33:65:01:
c6:dd:40:b8:01:06:f5:1c:e8:dc:da:35:e0:0d:2f:
97:91:5c:96:f6:39:90:8e:f3:42:b9:7e:2b:97:25:
a8:06:d5:0b:47:59:c7:63:3b:01:ae:c2:57:85:95:
be:1c:d1:65:0d:e9:75:fc:6f:6a:17:fb:cf:c2:25:
e4:0d:3b:39:06:72:86:60:aa:99:26:02:07:83:73:
ee:e8:73:54:e4:ac:a1:e1:c0:39:a4:58:9e:4b:dd:
36:cf:99:00:a7:78:1b:34:a9:cd:69:79:91:70:2e:
31:72:74:ea:f9:8a:ac:5f:50:2d:5d:2f:93:9e:55:
3b:ef:3e:b6:6b:42:ad:37:a7:06:92:c5:28:90:5c:
1c:98:e6:05:5e:55:40:e3:0a:fa:ff:82:db:a1:e1:
86:fd:36:3c:c0:05:a1:48:24:e0:fa:5c:87:5b:2b:
f5:51:02:7f:e0:f0:82:e0:db:08:af:5b:5c:24:97:
f9:ca:44:7f:f0:a2:d7:e9:22:ca:13:39:aa:fc:a2:
ee:c0:a5:b1:79:da:ce:88:86:4e:7e:fd:15:31:bf:
ee:11:a3:e7:bb:cb:13:72:18:87:bf:4c:e1:f1:2c:
be:ce:cd:d0:21:5b:56:ce:6b:fa:67:65:59:f0:c2:
18:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EB:EB:B2:7E:E0:6E:73:F9:84:CF:DB:B1:81:3A:B1:82:11:1A:72
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/r-vrsn7gbnP5hM_bsYE6sYIRGnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/23
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
81:68:b8:0a:b5:ba:09:7a:b2:cb:c3:40:3d:c2:bc:91:32:e3:
e6:38:ae:fc:4b:d5:9a:3f:b0:b3:dd:75:72:6a:b1:c3:5f:82:
8b:d4:02:cc:c2:de:e4:bf:a5:04:ec:0c:95:f6:c8:ec:95:a3:
eb:3f:4c:53:05:85:1c:bd:d6:1d:9e:b2:f9:28:4a:73:c9:9d:
b2:16:e8:1e:ee:4c:3b:c7:26:bf:f5:de:33:8b:21:ea:ad:91:
67:2c:0f:97:20:f3:a8:24:98:3f:35:79:ba:7b:e3:36:72:e1:
52:e8:dd:70:41:c9:c2:1a:8d:09:e5:c4:37:12:cd:22:7a:fb:
a6:19:bb:86:08:5a:5a:62:ec:19:87:71:f9:59:17:9d:7a:f9:
1c:cc:65:46:fd:f5:d9:d8:2e:19:18:e2:53:85:04:b3:d1:9a:
8a:c9:91:b8:05:e8:9e:69:7c:9a:3d:81:72:b3:1c:bf:5a:79:
af:83:c0:99:86:60:72:42:4b:09:14:07:4d:93:56:ff:ff:d8:
9d:c7:a2:cb:f7:51:20:fc:5d:02:52:de:b1:89:c8:77:44:ce:
a6:ca:67:13:f3:74:63:2f:60:1b:db:ab:98:40:5b:73:8a:81:
f8:ee:7b:24:80:b6:70:0d:ac:02:52:5f:04:41:ff:a4:2e:a5:
4c:cb:7e:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECXWA2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZmQ1MjRhMDVkNDc3YjgyZmJjYTkzZTdhNTA0YWEzMWEzYWQ2ODYzMB4XDTIyMDUx
MTE2MjkwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZlYmViYjI3ZWUw
NmU3M2Y5ODRjZmRiYjE4MTNhYjE4MjExMWE3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOljgjlfGR1+CkiJM2UBxt1AuAEG9Rzo3No14A0vl5FclvY5
kI7zQrl+K5clqAbVC0dZx2M7Aa7CV4WVvhzRZQ3pdfxvahf7z8Il5A07OQZyhmCq
mSYCB4Nz7uhzVOSsoeHAOaRYnkvdNs+ZAKd4GzSpzWl5kXAuMXJ06vmKrF9QLV0v
k55VO+8+tmtCrTenBpLFKJBcHJjmBV5VQOMK+v+C26Hhhv02PMAFoUgk4Ppch1sr
9VECf+DwguDbCK9bXCSX+cpEf/Ci1+kiyhM5qvyi7sClsXnazoiGTn79FTG/7hGj
57vLE3IYh79M4fEsvs7N0CFbVs5r+mdlWfDCGJsCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSv6+uyfuBuc/mEz9uxgTqxghEacjAfBgNVHSMEGDAWgBTf1SSgXUd7gvvK
k+elBKoxo61oYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzM5VWtvRjFIZTRMN3lwUG5wUVNxTWFPdGFHTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvMjBjMTg3LTAwZmQtNDU5ZS1hYWU0LTQ2N2Y0ZjdmNWRlZC8x
L3ItdnJzbjdnYm5QNWhNX2JzWUU2c1lJUkduSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
MjBjMTg3LTAwZmQtNDU5ZS1hYWU0LTQ2N2Y0ZjdmNWRlZC8xLzM5VWtvRjFIZTRM
N3lwUG5wUVNxTWFPdGFHTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAbkcPDAMAwQCuWfEAwQAuWfGAwQC
uWoUMA0GCSqGSIb3DQEBCwUAA4IBAQCBaLgKtboJerLLw0A9wryRMuPmOK78S9Wa
P7Cz3XVyarHDX4KL1ALMwt7kv6UE7AyV9sjslaPrP0xTBYUcvdYdnrL5KEpzyZ2y
Fuge7kw7xya/9d4ziyHqrZFnLA+XIPOoJJg/NXm6e+M2cuFS6N1wQcnCGo0J5cQ3
Es0ievumGbuGCFpaYuwZh3H5WRedevkczGVG/fXZ2C4ZGOJThQSz0ZqKyZG4Beie
aXyaPYFysxy/Wnmvg8CZhmByQksJFAdNk1b//9idx6LL91Eg/F0CUt6xich3RM6m
ymcT83RjL2Ab26uYQFtzioH47nskgLZwDawCUl8EQf+kLqVMy36r
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-ams.rpki-client.org