Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/r-tt4kjLVPyHtFG703tEN6Z6hQs.roa
File: r-tt4kjLVPyHtFG703tEN6Z6hQs.roa (raw, json)
Hash identifier: O3BqltiH369qRcEhdG8airHuc2YRbDqWkdVyiPuaw9k=
Subject key identifier: AF:EB:6D:E2:48:CB:54:FC:87:B4:51:BB:D3:7B:44:37:A6:7A:85:0B
Certificate issuer: /CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Certificate serial: 0183A3854CFB9010B81AD83A2EB6252B388F
Authority key identifier: 61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/r-tt4kjLVPyHtFG703tEN6Z6hQs.roa
Signing time: Tue 04 Oct 2022 15:02:45 +0000
ROA not before: Tue 04 Oct 2022 15:02:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24631
IP address blocks: 185.137.24.0/24 maxlen: 24
185.137.25.0/24 maxlen: 24
185.137.27.0/24 maxlen: 24
185.191.78.0/24 maxlen: 24
185.191.77.0/24 maxlen: 24
185.191.76.0/24 maxlen: 24
185.191.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:85:4c:fb:90:10:b8:1a:d8:3a:2e:b6:25:2b:38:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Validity
Not Before: Oct 4 15:02:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afeb6de248cb54fc87b451bbd37b4437a67a850b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:86:ca:01:62:6e:e3:24:c0:54:a7:ce:78:b9:
89:57:c7:d8:60:ca:dd:1b:a1:14:4c:17:c1:40:62:
8d:1c:3d:e1:88:27:42:b8:76:01:65:c8:14:05:fd:
e1:3e:78:66:38:2e:5a:fb:13:8f:b8:67:0d:a2:ec:
b2:e5:1f:8f:cb:01:02:1e:cb:7a:cd:3c:79:72:64:
48:9e:60:25:fc:4c:79:55:07:97:5e:97:48:d1:27:
4e:5d:29:71:8c:b7:a8:76:5c:f3:80:ec:df:dc:50:
20:85:aa:f3:be:75:46:88:01:61:cf:a6:81:c1:ef:
fd:1b:cc:21:ee:c7:7d:c6:94:a6:61:86:dc:6c:5c:
5b:d0:ae:07:5e:7b:5b:25:1d:ab:c1:64:48:93:58:
0a:12:53:7a:b8:32:be:1a:02:e8:97:44:d1:7a:1c:
8d:14:2c:21:65:73:35:76:34:45:90:0b:5e:33:e8:
6f:f6:4e:36:e6:b2:31:37:57:41:a0:3b:71:da:2e:
d1:c2:ef:75:d9:4b:09:3c:d9:4c:69:3f:cc:d9:26:
e7:95:6d:c9:e0:02:b7:7c:3b:5e:35:6e:7a:9f:0f:
e5:01:35:aa:82:4b:94:94:44:27:3f:90:65:40:1f:
36:6c:18:5f:0b:c9:05:fd:1f:7f:3d:3b:ad:2a:58:
95:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EB:6D:E2:48:CB:54:FC:87:B4:51:BB:D3:7B:44:37:A6:7A:85:0B
X509v3 Authority Key Identifier:
keyid:61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/r-tt4kjLVPyHtFG703tEN6Z6hQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.24.0/23
185.137.27.0/24
185.191.76.0/22
Signature Algorithm: sha256WithRSAEncryption
37:b5:d3:b2:9e:bd:69:7c:da:1f:bb:68:25:83:36:60:99:e7:
84:44:50:a0:07:57:d7:7f:9b:70:6a:64:7b:0b:15:ed:bc:33:
eb:6e:ca:18:da:b4:ad:57:f5:7b:2d:9f:14:ea:3a:87:f7:a0:
46:76:0e:bd:8d:63:d7:77:8d:f5:ec:78:b3:57:e5:8e:6e:89:
e5:26:1e:68:be:72:35:c1:a8:70:81:75:01:0e:36:97:e9:4a:
b3:62:c2:8e:a3:2e:85:b4:96:5b:bb:07:1e:25:f2:ab:8c:cc:
b6:e6:0e:df:76:07:61:6f:32:fb:4c:81:0e:0f:e3:6d:a3:94:
6e:5c:10:bb:0f:22:ae:9a:ee:d6:2c:93:6b:77:a2:d1:78:28:
b5:40:36:e1:0b:65:15:ea:c8:08:c7:06:88:03:2d:2f:a8:28:
1f:35:2c:7c:88:44:cf:3d:f9:49:b7:76:48:1b:9a:42:c4:a9:
c5:34:c5:d3:02:a0:ab:6c:09:b2:96:ab:13:96:a5:71:8a:b2:
89:3a:23:3a:64:1b:60:de:e0:11:11:d6:d9:89:a9:9e:ad:fe:
05:20:6d:94:ec:3f:7d:0a:13:ed:fb:9d:a5:0c:da:6a:fd:57:
4b:3d:dc:70:13:f4:d9:a7:ca:a2:b3:2f:9c:a8:e6:e9:b8:52:
82:f6:e6:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOjhUz7kBC4Gtg6LrYlKziPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYmEwYmU3Y2NlMzgwZTZiYjc0ZTNjNWZjZWEwODFlOTc5
OWFlNTQwHhcNMjIxMDA0MTUwMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmViNmRlMjQ4Y2I1NGZjODdiNDUxYmJkMzdiNDQzN2E2N2E4NTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4bKAWJu4yTAVKfOeLmJV8fYYMrd
G6EUTBfBQGKNHD3hiCdCuHYBZcgUBf3hPnhmOC5a+xOPuGcNouyy5R+PywECHst6
zTx5cmRInmAl/Ex5VQeXXpdI0SdOXSlxjLeodlzzgOzf3FAgharzvnVGiAFhz6aB
we/9G8wh7sd9xpSmYYbcbFxb0K4HXntbJR2rwWRIk1gKElN6uDK+GgLol0TRehyN
FCwhZXM1djRFkAteM+hv9k425rIxN1dBoDtx2i7Rwu912UsJPNlMaT/M2SbnlW3J
4AK3fDteNW56nw/lATWqgkuUlEQnP5BlQB82bBhfC8kF/R9/PTutKliVXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK/rbeJIy1T8h7RRu9N7RDemeoULMB8GA1UdIwQY
MBaAFGG6C+fM44Dmu3TjxfzqCB6Xma5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDIt
MjEwZDQ4MmE0YjkzLzEvci10dDRrakxWUHlIdEZHNzAzdEVONlo2aFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDItMjEwZDQ4MmE0Yjkz
LzEvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuYkYAwQA
uYkbAwQCub9MMA0GCSqGSIb3DQEBCwUAA4IBAQA3tdOynr1pfNofu2glgzZgmeeE
RFCgB1fXf5twamR7CxXtvDPrbsoY2rStV/V7LZ8U6jqH96BGdg69jWPXd4317Hiz
V+WObonlJh5ovnI1wahwgXUBDjaX6UqzYsKOoy6FtJZbuwceJfKrjMy25g7fdgdh
bzL7TIEOD+Nto5RuXBC7DyKumu7WLJNrd6LReCi1QDbhC2UV6sgIxwaIAy0vqCgf
NSx8iETPPflJt3ZIG5pCxKnFNMXTAqCrbAmylqsTlqVxirKJOiM6ZBtg3uAREdbZ
iamerf4FIG2U7D99ChPt+52lDNpq/VdLPdxwE/TZp8qisy+cqObpuFKC9uZf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:40 2023 by rpki-client on console-fra.rpki-client.org