Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/GRFcPpXDymldMlqn-lIGFpX9nJQ.roa
File: GRFcPpXDymldMlqn-lIGFpX9nJQ.roa (raw, json)
Hash identifier: JzmWcIbni/oQN62ffaGM6iQYYhmlUFHAPjnIrIhyiYE=
Subject key identifier: 19:11:5C:3E:95:C3:CA:69:5D:32:5A:A7:FA:52:06:16:95:FD:9C:94
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 0C80DEEF
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/GRFcPpXDymldMlqn-lIGFpX9nJQ.roa
Signing time: Sat 01 Jan 2022 14:02:39 +0000
ROA not before: Sat 01 Jan 2022 14:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213068
IP address blocks: 185.237.152.0/24 maxlen: 24
185.237.155.0/24 maxlen: 24
185.237.153.0/24 maxlen: 24
185.237.154.0/24 maxlen: 24
2001:678:da8::/48 maxlen: 48
2001:678:da0::/48 maxlen: 48
2001:678:dac::/48 maxlen: 48
2001:678:da4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 209772271 (0xc80deef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Jan 1 14:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=19115c3e95c3ca695d325aa7fa52061695fd9c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:81:3d:37:56:fb:34:f1:30:bc:b6:4f:f0:cf:
7c:6b:20:d1:c0:00:90:9c:46:79:26:54:11:6c:63:
fb:9f:05:89:88:1f:c1:86:3f:c4:da:7c:4e:59:6d:
78:5e:95:0f:d0:a4:d9:eb:5e:6f:0a:ed:bc:f6:8e:
01:c2:9f:70:92:e5:fa:e2:5b:d7:49:86:39:56:3e:
7d:85:9f:6c:cb:e9:a2:e6:09:fa:7a:2d:b0:2a:75:
4f:38:10:29:f9:c7:2e:81:61:c0:e7:b0:81:c6:56:
2e:14:5c:73:0a:fa:73:e0:68:4d:46:c0:46:a1:ce:
1b:5b:23:70:fd:fa:f0:f9:2f:73:83:ba:21:50:f0:
d3:ef:c1:37:cc:8e:94:9e:4a:f3:55:15:08:3b:71:
f5:f1:32:0e:54:98:fc:65:15:39:f8:8c:31:89:e0:
84:8f:68:11:9d:0f:45:b2:22:08:54:81:ad:2e:ec:
87:1b:fd:f7:b8:c4:7c:16:09:02:5a:4d:04:4e:1b:
76:6f:5d:96:0a:cb:1f:7c:b8:9e:f0:ab:3f:6d:56:
cc:89:08:f8:c2:ce:d3:03:e9:a8:ea:13:69:51:db:
ed:ae:ae:25:1d:fb:4a:a3:05:0a:b6:18:70:ff:df:
93:d7:22:75:b4:65:c7:6d:84:50:4b:30:04:72:a6:
f8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:11:5C:3E:95:C3:CA:69:5D:32:5A:A7:FA:52:06:16:95:FD:9C:94
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/GRFcPpXDymldMlqn-lIGFpX9nJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.152.0/22
IPv6:
2001:678:da0::/48
2001:678:da4::/48
2001:678:da8::/48
2001:678:dac::/48
Signature Algorithm: sha256WithRSAEncryption
27:7c:9e:67:1c:46:fd:97:88:d7:49:06:6b:0c:ca:9b:ca:be:
28:b9:61:d6:23:b4:12:09:5c:55:2a:b8:e5:f8:52:63:0e:fc:
cb:3b:fb:08:b9:0c:8f:d1:3b:9d:fb:0b:e7:59:75:b5:12:35:
34:32:b8:a7:a3:a0:e9:f1:04:c5:ff:0a:d0:8c:f3:40:a5:7d:
3d:73:45:46:3c:6b:a6:1d:d7:ab:22:ed:04:30:e3:a3:a0:c9:
55:d3:df:e4:67:0f:14:39:ab:8b:59:28:cf:85:da:a0:b0:f3:
35:8f:ae:9e:2f:80:da:24:ee:5c:62:b0:df:73:65:0d:cb:28:
78:3b:35:b6:4b:80:5d:e3:a1:22:ef:4e:d3:ab:e0:01:92:c2:
5e:af:bf:ee:4e:14:96:5b:f4:95:1e:4c:24:d8:74:bb:6e:e1:
2a:c2:b8:c0:a0:56:df:a4:42:a7:90:71:82:84:ef:c2:8b:4e:
1f:d4:73:2a:31:7d:5f:f6:63:83:be:03:ea:7d:aa:32:a0:d4:
94:21:55:af:60:20:8d:0d:49:50:30:57:67:2b:59:ae:48:df:
af:53:d9:c3:e4:cc:ed:61:2a:9e:45:b3:42:8c:17:01:20:aa:
8b:71:d8:1a:28:0d:db:9a:4b:07:de:7d:a2:37:5c:3d:d3:13:
5b:3f:4c:24
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEDIDe7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWIxNzg4ZmUyMjBlNDY0MzQ2OTJkMWNjNDM3MDcyZDc5MmQ3ODg4MB4XDTIyMDEw
MTE0MDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTkxMTVjM2U5NWMz
Y2E2OTVkMzI1YWE3ZmE1MjA2MTY5NWZkOWM5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaBPTdW+zTxMLy2T/DPfGsg0cAAkJxGeSZUEWxj+58FiYgf
wYY/xNp8TllteF6VD9Ck2etebwrtvPaOAcKfcJLl+uJb10mGOVY+fYWfbMvpouYJ
+notsCp1TzgQKfnHLoFhwOewgcZWLhRccwr6c+BoTUbARqHOG1sjcP368Pkvc4O6
IVDw0+/BN8yOlJ5K81UVCDtx9fEyDlSY/GUVOfiMMYnghI9oEZ0PRbIiCFSBrS7s
hxv997jEfBYJAlpNBE4bdm9dlgrLH3y4nvCrP21WzIkI+MLO0wPpqOoTaVHb7a6u
JR37SqMFCrYYcP/fk9cidbRlx22EUEswBHKm+HUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBQZEVw+lcPKaV0yWqf6UgYWlf2clDAfBgNVHSMEGDAWgBQ+sXiP4iDkZDRp
LRzENwcteS14iDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ByRjRqLUlnNUdRMGFTMGN4RGNITFhrdGVJZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvMjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8x
L0dSRmNQcFhEeW1sZE1scW4tbElHRnBYOW5KUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
MjJmNTcwLTBiMjYtNDAwNC04ZWQwLWQ5NTA5NDczMDcyYy8xL1ByRjRqLUlnNUdR
MGFTMGN4RGNITFhrdGVJZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowDAQCAAEwBgMEArntmDAqBAIAAjAkAwcAIAEGeA2g
AwcAIAEGeA2kAwcAIAEGeA2oAwcAIAEGeA2sMA0GCSqGSIb3DQEBCwUAA4IBAQAn
fJ5nHEb9l4jXSQZrDMqbyr4ouWHWI7QSCVxVKrjl+FJjDvzLO/sIuQyP0Tud+wvn
WXW1EjU0Mrino6Dp8QTF/wrQjPNApX09c0VGPGumHderIu0EMOOjoMlV09/kZw8U
OauLWSjPhdqgsPM1j66eL4DaJO5cYrDfc2UNyyh4OzW2S4Bd46Ei707Tq+ABksJe
r7/uThSWW/SVHkwk2HS7buEqwrjAoFbfpEKnkHGChO/Ci04f1HMqMX1f9mODvgPq
faoyoNSUIVWvYCCNDUlQMFdnK1muSN+vU9nD5MztYSqeRbNCjBcBIKqLcdgaKA3b
mksH3n2iN1w90xNbP0wk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org