Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/6heKHvsQdDjo0Hai67MIjfAM6BY.roa
File: 6heKHvsQdDjo0Hai67MIjfAM6BY.roa (raw, json)
Hash identifier: WfFKOky8xpUshHaOHRfJoTD3zu4LVxI43PB0V7aRmYg=
Subject key identifier: EA:17:8A:1E:FB:10:74:38:E8:D0:76:A2:EB:B3:08:8D:F0:0C:E8:16
Certificate issuer: /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial: 04F04D0D
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/6heKHvsQdDjo0Hai67MIjfAM6BY.roa
Signing time: Sat 01 Jan 2022 10:56:50 +0000
ROA not before: Sat 01 Jan 2022 10:56:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14537
IP address blocks: 193.33.228.0/23 maxlen: 24
193.31.208.0/20 maxlen: 24
109.202.112.0/21 maxlen: 24
45.85.4.0/22 maxlen: 22
78.24.208.0/21 maxlen: 24
5.62.80.0/20 maxlen: 24
66.84.64.0/20 maxlen: 24
185.28.72.0/22 maxlen: 24
94.125.56.0/21 maxlen: 24
2a03:9e00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82857229 (0x4f04d0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Validity
Not Before: Jan 1 10:56:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea178a1efb107438e8d076a2ebb3088df00ce816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ca:a1:9d:dd:c2:7d:43:5f:e0:a3:dc:e8:bc:
54:73:b8:a1:c5:42:e6:3b:09:be:9a:d8:eb:5f:07:
b2:ac:00:aa:26:b2:e4:d5:0f:83:05:ae:ed:8a:51:
ae:18:e9:35:01:86:8c:9e:85:bf:3a:a5:4d:2b:c4:
29:a2:c3:83:d9:b8:23:72:01:58:dc:b5:b2:11:97:
4f:4c:1c:16:b9:57:11:f9:a8:29:10:99:88:83:3c:
93:00:20:ae:66:4e:a9:b1:6c:68:b2:05:a9:a1:90:
54:3c:72:31:d5:b5:3c:09:00:10:8f:98:d8:d3:99:
e0:f9:6d:d9:ac:b3:65:1e:b8:9b:5e:fd:bf:35:53:
74:3c:b2:de:1f:68:12:98:12:05:ee:f2:3e:79:4a:
fc:4e:d6:e8:33:c2:e0:1a:f8:b5:45:c3:b1:71:27:
b0:4f:59:34:2e:b5:09:1e:9f:71:20:40:0a:0d:aa:
a1:45:ff:3d:3a:f3:40:dd:4b:4e:34:5b:5a:81:29:
00:01:d8:6f:59:9c:81:3d:ce:74:9e:a9:87:a8:9e:
ff:ea:19:2e:09:d6:26:ec:1b:ea:88:df:f8:29:d9:
30:0a:fe:98:45:05:7b:8d:b1:5c:57:f4:6b:a3:7b:
df:6e:dd:f8:d5:b1:2a:73:bf:e7:ef:4d:b2:7d:75:
20:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:17:8A:1E:FB:10:74:38:E8:D0:76:A2:EB:B3:08:8D:F0:0C:E8:16
X509v3 Authority Key Identifier:
keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/6heKHvsQdDjo0Hai67MIjfAM6BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.80.0/20
45.85.4.0/22
66.84.64.0/20
78.24.208.0/21
94.125.56.0/21
109.202.112.0/21
185.28.72.0/22
193.31.208.0/20
193.33.228.0/23
IPv6:
2a03:9e00::/32
Signature Algorithm: sha256WithRSAEncryption
44:c4:f5:de:00:99:f3:d5:d2:6d:1a:d1:25:91:5b:88:85:b5:
9c:0f:cc:76:e1:89:12:a9:6f:51:14:c2:9f:7d:aa:4c:d6:af:
73:c3:31:37:d2:00:54:8c:33:25:f4:4f:08:9f:cf:3d:e5:08:
88:27:91:81:6f:6b:0b:13:0e:90:1d:40:7f:31:26:0c:41:fe:
8f:c2:cb:e5:c0:8e:db:f1:aa:84:c0:c5:cf:4f:0d:36:0f:9b:
9f:25:66:7e:1f:75:e8:25:4e:bc:98:5a:1c:61:99:7c:a7:9f:
27:3d:c8:22:91:2e:35:18:be:90:df:ad:5c:0a:1a:cf:2a:09:
77:54:bd:2a:5f:2c:10:9a:2c:c6:51:31:ce:92:6d:31:ca:f6:
9d:08:d6:bd:99:50:75:fd:42:1e:e9:f3:2a:72:85:a7:d7:c3:
96:60:3b:fc:d3:25:56:62:c0:c9:d8:d8:b2:ab:6e:4c:a8:64:
be:6e:db:8f:63:50:53:b6:c4:41:f7:ad:e8:e0:c0:d6:55:08:
87:16:c9:6d:2c:2b:dc:07:94:6f:c7:c1:ce:45:95:53:2e:81:
c2:66:22:a3:9b:e7:a7:b2:f7:07:85:63:cb:5f:45:1d:b2:58:
fe:d1:a4:20:fd:08:8e:76:12:7a:2f:41:db:54:4e:89:e8:43:
3b:96:2f:c2
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBPBNDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjQ2ZThhNzZkMzBjN2MwNDk1YmM1Y2U4ZWU1MTEwZmVhYjI4NmU2MB4XDTIyMDEw
MTEwNTY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWExNzhhMWVmYjEw
NzQzOGU4ZDA3NmEyZWJiMzA4OGRmMDBjZTgxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPKoZ3dwn1DX+Cj3Oi8VHO4ocVC5jsJvprY618HsqwAqiay
5NUPgwWu7YpRrhjpNQGGjJ6FvzqlTSvEKaLDg9m4I3IBWNy1shGXT0wcFrlXEfmo
KRCZiIM8kwAgrmZOqbFsaLIFqaGQVDxyMdW1PAkAEI+Y2NOZ4Plt2ayzZR64m179
vzVTdDyy3h9oEpgSBe7yPnlK/E7W6DPC4Br4tUXDsXEnsE9ZNC61CR6fcSBACg2q
oUX/PTrzQN1LTjRbWoEpAAHYb1mcgT3OdJ6ph6ie/+oZLgnWJuwb6ojf+CnZMAr+
mEUFe42xXFf0a6N7327d+NWxKnO/5+9Nsn11IMECAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBTqF4oe+xB0OOjQdqLrswiN8AzoFjAfBgNVHSMEGDAWgBQCRuinbTDHwElb
xc6O5REP6rKG5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FrYm9wMjB3eDhCSlc4WE9qdVVSRC1xeWh1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvYzBhNTc2LWEyMjAtNGRlMC1hYWMxLTdiOTZhOTk5NzcxOC8x
LzZoZUtIdnNRZERqbzBIYWk2N01JamZBTTZCWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
YzBhNTc2LWEyMjAtNGRlMC1hYWMxLTdiOTZhOTk5NzcxOC8xL0FrYm9wMjB3eDhC
Slc4WE9qdVVSRC1xeWh1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBAU+UAMEAi1VBAMEBEJUQAMEA04Y
0AMEA159OAMEA23KcAMEArkcSAMEBMEf0AMEAcEh5DANBAIAAjAHAwUAKgOeADAN
BgkqhkiG9w0BAQsFAAOCAQEARMT13gCZ89XSbRrRJZFbiIW1nA/MduGJEqlvURTC
n32qTNavc8MxN9IAVIwzJfRPCJ/PPeUIiCeRgW9rCxMOkB1AfzEmDEH+j8LL5cCO
2/GqhMDFz08NNg+bnyVmfh916CVOvJhaHGGZfKefJz3IIpEuNRi+kN+tXAoazyoJ
d1S9Kl8sEJosxlExzpJtMcr2nQjWvZlQdf1CHunzKnKFp9fDlmA7/NMlVmLAydjY
sqtuTKhkvm7bj2NQU7bEQfet6ODA1lUIhxbJbSwr3AeUb8fBzkWVUy6BwmYio5vn
p7L3B4Vjy19FHbJY/tGkIP0IjnYSei9B21ROiehDO5Yvwg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org