Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa
File: 9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa (raw, json)
Hash identifier: ytTDd7YmmIRq9cxVuLHolsPkjsTxtWHiNO6c+orpx8I=
Subject key identifier: F7:0E:A9:FA:13:4E:F8:A4:39:76:89:91:89:A0:16:17:D8:8E:CB:B6
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 0A64B496
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa
Signing time: Sat 01 Jan 2022 06:01:14 +0000
ROA not before: Sat 01 Jan 2022 06:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 145.219.11.0/24 maxlen: 24
145.219.8.0/24 maxlen: 24
145.219.10.0/24 maxlen: 24
145.219.9.0/24 maxlen: 24
145.219.15.0/24 maxlen: 24
145.219.17.0/24 maxlen: 24
145.219.16.0/24 maxlen: 24
145.219.12.0/24 maxlen: 24
145.219.14.0/24 maxlen: 24
145.219.13.0/24 maxlen: 24
2a04:b0c0::/45 maxlen: 45
2a04:b0c0:8::/45 maxlen: 45
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174371990 (0xa64b496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jan 1 06:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f70ea9fa134ef8a43976899189a01617d88ecbb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:59:44:db:45:da:3a:6f:59:2d:a5:1a:45:fa:
e2:0d:36:4a:12:c0:2d:ef:12:58:0d:a7:df:58:70:
3f:3a:60:96:da:07:9f:a2:4c:28:d5:2b:16:e4:66:
29:24:4e:da:89:f5:4a:92:70:0d:e3:7b:e6:43:a0:
f3:48:c0:99:33:33:73:0d:5c:df:25:42:4b:b4:31:
da:bb:9e:e5:41:e8:a3:29:c8:ca:29:0b:bc:c4:01:
91:dd:88:d3:80:cb:06:51:a9:2f:b5:df:2d:da:a0:
b5:18:bb:fe:6a:b8:51:c7:64:3b:bf:4c:60:2d:e8:
72:64:87:9c:63:30:08:28:7d:0b:9a:16:52:be:7c:
d0:17:3c:d7:54:36:ac:d6:d9:8b:f2:60:2f:f9:09:
97:c3:20:d8:15:ec:be:ff:14:d7:ec:f0:8a:b4:8c:
15:0d:cd:e0:b4:cf:e0:d6:ba:23:d6:16:a2:69:d5:
1e:e6:02:99:e2:0a:ed:ae:87:a2:55:91:f1:50:20:
a8:00:b1:fa:e2:8c:f4:e9:ad:7e:ff:a1:f7:18:d7:
c5:44:5d:ca:ce:18:59:37:5f:0e:e4:49:0f:b6:9c:
5e:d0:a4:19:2a:7e:c2:ff:d6:6f:eb:c5:a9:bc:3f:
37:aa:d9:b3:c3:05:3d:c2:8f:78:5f:a5:f8:bf:35:
17:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0E:A9:FA:13:4E:F8:A4:39:76:89:91:89:A0:16:17:D8:8E:CB:B6
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/9w6p-hNO-KQ5domRiaAWF9iOy7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.8.0-145.219.17.255
IPv6:
2a04:b0c0::/44
Signature Algorithm: sha256WithRSAEncryption
38:62:da:11:5b:b1:97:25:66:dc:7c:d7:05:3b:2b:e9:31:ed:
d8:78:40:02:95:b0:63:0c:7b:f7:9c:24:9e:74:2c:b2:88:4d:
d5:1f:4c:92:4f:6a:f2:29:9f:97:e3:91:2a:29:a4:80:62:73:
02:43:a4:e0:d3:24:82:47:d4:a0:9d:5f:2f:be:47:b3:5a:fc:
44:9b:a4:ba:1c:5c:dd:dd:90:65:3c:f1:41:9b:3b:fb:51:52:
7d:45:48:66:4e:52:1a:a2:f1:0b:eb:12:32:ae:5a:e3:85:56:
a1:47:34:00:6f:84:88:f5:73:38:57:71:2f:b5:89:fd:97:09:
9b:c7:35:6c:39:07:52:fe:5b:42:8e:30:37:04:a3:5a:84:64:
03:1a:e5:50:a7:6e:95:9b:6e:35:ee:7e:5a:28:7b:e3:54:1b:
2f:44:6b:c8:f1:ee:05:93:50:d1:36:6c:f3:c2:e6:24:6a:ea:
b0:9b:38:46:e2:1a:e3:9c:64:19:e8:a7:17:c3:6a:b6:bb:3b:
aa:6b:8e:53:08:22:d9:7f:3c:b0:7e:99:d6:d2:b2:ef:7f:76:
f9:5e:41:cf:90:7f:81:e0:ea:13:3b:34:6e:aa:bb:dc:b8:a5:
d7:e2:28:77:c8:61:f5:79:b9:ad:7d:3b:ca:c2:0f:9d:8d:87:
22:cd:3d:63
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECmS0ljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTZkN2JjYWJmY2MzMDhkNDIwMDUzYzQ4MmEwZDU5ZmIxMjgyZTMwMB4XDTIyMDEw
MTA2MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcwZWE5ZmExMzRl
ZjhhNDM5NzY4OTkxODlhMDE2MTdkODhlY2JiNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJZRNtF2jpvWS2lGkX64g02ShLALe8SWA2n31hwPzpgltoH
n6JMKNUrFuRmKSRO2on1SpJwDeN75kOg80jAmTMzcw1c3yVCS7Qx2rue5UHooynI
yikLvMQBkd2I04DLBlGpL7XfLdqgtRi7/mq4UcdkO79MYC3ocmSHnGMwCCh9C5oW
Ur580Bc811Q2rNbZi/JgL/kJl8Mg2BXsvv8U1+zwirSMFQ3N4LTP4Na6I9YWomnV
HuYCmeIK7a6HolWR8VAgqACx+uKM9Omtfv+h9xjXxURdys4YWTdfDuRJD7acXtCk
GSp+wv/Wb+vFqbw/N6rZs8MFPcKPeF+l+L81F9UCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBT3Dqn6E074pDl2iZGJoBYX2I7LtjAfBgNVHSMEGDAWgBRubXvKv8wwjUIA
U8SCoNWfsSguMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JtMTd5cl9NTUkxQ0FGUEVncURWbjdFb0xqQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNDVjNjg5LWFmYWEtNGRhMy1hOTQyLTkzMTk0ZWI2MTA4ZC8x
Lzl3NnAtaE5PLUtRNWRvbVJpYUFXRjlpT3k3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NDVjNjg5LWFmYWEtNGRhMy1hOTQyLTkzMTk0ZWI2MTA4ZC8xL2JtMTd5cl9NTUkx
Q0FGUEVncURWbjdFb0xqQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQDkdsIAwQBkdsQMA8EAgACMAkD
BwQqBLDAAAAwDQYJKoZIhvcNAQELBQADggEBADhi2hFbsZclZtx81wU7K+kx7dh4
QAKVsGMMe/ecJJ50LLKITdUfTJJPavIpn5fjkSoppIBicwJDpODTJIJH1KCdXy++
R7Na/ESbpLocXN3dkGU88UGbO/tRUn1FSGZOUhqi8QvrEjKuWuOFVqFHNABvhIj1
czhXcS+1if2XCZvHNWw5B1L+W0KOMDcEo1qEZAMa5VCnbpWbbjXuflooe+NUGy9E
a8jx7gWTUNE2bPPC5iRq6rCbOEbiGuOcZBnopxfDara7O6prjlMIItl/PLB+mdbS
su9/dvleQc+Qf4Hg6hM7NG6qu9y4pdfiKHfIYfV5ua19O8rCD52NhyLNPWM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org