Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/6By1_1AS0y_SD5iVzoa1HGTDaxA.roa
File: 6By1_1AS0y_SD5iVzoa1HGTDaxA.roa (raw, json)
Hash identifier: vFzvaeWFu3bTs4VzrKB7qUnRDP1biDQ6O13Nv23t2ts=
Subject key identifier: E8:1C:B5:FF:50:12:D3:2F:D2:0F:98:95:CE:86:B5:1C:64:C3:6B:10
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 44EBA4D5
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/6By1_1AS0y_SD5iVzoa1HGTDaxA.roa
Signing time: Sat 01 Jan 2022 15:03:47 +0000
ROA not before: Sat 01 Jan 2022 15:03:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20875
IP address blocks: 212.39.96.0/19 maxlen: 24
185.38.144.0/22 maxlen: 24
159.20.16.0/21 maxlen: 24
95.156.128.0/18 maxlen: 24
5.133.128.0/19 maxlen: 24
37.8.128.0/20 maxlen: 24
46.35.128.0/19 maxlen: 24
92.240.32.0/19 maxlen: 24
62.113.0.0/19 maxlen: 24
85.94.128.0/19 maxlen: 24
2a02:28b8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1156293845 (0x44eba4d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Jan 1 15:03:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e81cb5ff5012d32fd20f9895ce86b51c64c36b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:da:84:57:96:9d:cc:6e:ff:39:ab:7b:58:
8b:b9:f8:94:04:5c:0d:f1:01:59:fe:98:34:96:dd:
61:dd:f6:14:ca:1f:1a:43:23:91:57:30:18:a9:09:
14:ff:b6:40:25:f2:9a:96:47:2d:bf:86:fd:65:6a:
ea:b4:4d:75:62:3f:2c:71:9c:4a:95:25:20:71:cf:
aa:10:9e:1e:69:d5:db:ed:be:a9:91:fd:73:ee:cb:
f9:c9:3c:a0:ce:51:e8:03:20:26:7b:b3:24:82:01:
67:03:4e:95:1c:dc:e4:45:05:be:01:00:32:91:e3:
52:b1:a4:91:12:8a:d5:04:76:d3:14:07:67:69:52:
21:fa:6c:fb:4c:51:10:2b:c5:77:e4:07:e8:60:d0:
c1:59:3d:8c:fd:6d:c8:15:58:cd:71:79:aa:c0:2d:
5a:39:df:52:bf:8e:b6:78:c3:cb:05:93:fc:35:8a:
ef:7e:22:c7:30:2c:e9:89:a2:80:17:88:93:94:e9:
f5:c1:c4:41:c5:4f:29:b2:35:f8:20:d7:63:50:22:
f7:52:81:77:e2:15:60:63:5b:86:c3:58:be:60:f6:
e6:c3:34:4f:c9:1a:b0:f0:c6:6e:29:c8:94:18:b7:
58:e1:42:27:60:90:24:cb:d3:6e:80:85:a7:32:11:
e5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1C:B5:FF:50:12:D3:2F:D2:0F:98:95:CE:86:B5:1C:64:C3:6B:10
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/6By1_1AS0y_SD5iVzoa1HGTDaxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.128.0/19
37.8.128.0/20
46.35.128.0/19
62.113.0.0/19
85.94.128.0/19
92.240.32.0/19
95.156.128.0/18
159.20.16.0/21
185.38.144.0/22
212.39.96.0/19
IPv6:
2a02:28b8::/29
Signature Algorithm: sha256WithRSAEncryption
23:17:28:31:f0:25:66:47:16:7f:e5:34:c1:b3:01:cb:34:5d:
d2:78:71:c5:65:3e:d8:ff:9c:98:83:06:c5:20:70:8f:a1:71:
b2:ce:54:ff:94:68:b1:cd:11:e3:bc:bf:de:3e:3e:ac:c3:52:
2e:fd:55:e8:c9:3a:be:4a:e8:01:6e:17:a6:71:dd:a1:5b:f4:
dc:82:22:92:ae:a1:54:6d:05:30:e6:ff:24:ae:32:14:2d:f5:
2b:4f:67:39:89:50:51:a5:00:e9:cb:d9:8a:f9:77:75:ab:86:
3c:e8:9e:38:2b:4a:a3:b3:6f:09:5c:c8:d4:ca:07:c1:a9:aa:
1d:90:da:03:e9:14:1c:7c:e3:8e:56:2f:85:b5:9f:36:09:58:
e8:cc:dd:08:87:b3:97:1e:1c:2d:5f:9c:13:82:ea:19:7e:a7:
c8:c9:06:53:14:db:b0:88:74:aa:80:ad:29:c4:b0:74:69:68:
47:45:e9:8e:12:b2:a2:2c:3a:02:18:bf:32:86:a2:44:3a:7a:
57:8c:7c:d6:e9:6e:1c:b5:87:66:40:28:54:5c:77:a9:62:c8:
82:00:0b:46:dc:d7:af:70:92:60:5e:f6:3e:e0:fc:62:9d:65:
f0:7b:c2:28:d4:f9:4b:af:22:9f:e6:36:cf:6b:86:79:b5:da:
d7:bb:a7:bf
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEROuk1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWFmNTMxMDgwNWVjNzU2MWExYTIyZjljODkwYzk3MzFmYjZkZWJmMB4XDTIyMDEw
MTE1MDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgxY2I1ZmY1MDEy
ZDMyZmQyMGY5ODk1Y2U4NmI1MWM2NGMzNmIxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMk/2oRXlp3Mbv85q3tYi7n4lARcDfEBWf6YNJbdYd32FMof
GkMjkVcwGKkJFP+2QCXympZHLb+G/WVq6rRNdWI/LHGcSpUlIHHPqhCeHmnV2+2+
qZH9c+7L+ck8oM5R6AMgJnuzJIIBZwNOlRzc5EUFvgEAMpHjUrGkkRKK1QR20xQH
Z2lSIfps+0xRECvFd+QH6GDQwVk9jP1tyBVYzXF5qsAtWjnfUr+OtnjDywWT/DWK
734ixzAs6YmigBeIk5Tp9cHEQcVPKbI1+CDXY1Ai91KBd+IVYGNbhsNYvmD25sM0
T8kasPDGbinIlBi3WOFCJ2CQJMvTboCFpzIR5eUCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBToHLX/UBLTL9IPmJXOhrUcZMNrEDAfBgNVHSMEGDAWgBSFr1MQgF7HVhoa
IvnIkMlzH7bevzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hhOVRFSUJleDFZYUdpTDV5SkRKY3gtMjNyOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvMDAxNDA2LTJlMWYtNGFlYi05MGE3LTc1MjgzNTBkNGMxMy8x
LzZCeTFfMUFTMHlfU0Q1aVZ6b2ExSEdURGF4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
MDAxNDA2LTJlMWYtNGFlYi05MGE3LTc1MjgzNTBkNGMxMy8xL2hhOVRFSUJleDFZ
YUdpTDV5SkRKY3gtMjNyOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEBQWFgAMEBCUIgAMEBS4jgAMEBT5x
AAMEBVVegAMEBVzwIAMEBl+cgAMEA58UEAMEArkmkAMEBdQnYDANBAIAAjAHAwUD
KgIouDANBgkqhkiG9w0BAQsFAAOCAQEAIxcoMfAlZkcWf+U0wbMByzRd0nhxxWU+
2P+cmIMGxSBwj6Fxss5U/5Rosc0R47y/3j4+rMNSLv1V6Mk6vkroAW4XpnHdoVv0
3IIikq6hVG0FMOb/JK4yFC31K09nOYlQUaUA6cvZivl3dauGPOieOCtKo7NvCVzI
1MoHwamqHZDaA+kUHHzjjlYvhbWfNglY6MzdCIezlx4cLV+cE4LqGX6nyMkGUxTb
sIh0qoCtKcSwdGloR0XpjhKyoiw6Ahi/MoaiRDp6V4x81uluHLWHZkAoVFx3qWLI
ggALRtzXr3CSYF72PuD8Yp1l8HvCKNT5S68in+Y2z2uGebXa17unvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:39 2024 by rpki-client on console-fra.rpki-client.org