Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/0uOEy1veRRWtDFSFB7M18qzrwCc.roa
File: 0uOEy1veRRWtDFSFB7M18qzrwCc.roa (raw, json)
Hash identifier: PMpDNP9ETxY44UJp3hQwlawSMu3HCQUmAa0NkLXfVak=
Subject key identifier: D2:E3:84:CB:5B:DE:45:15:AD:0C:54:85:07:B3:35:F2:AC:EB:C0:27
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 0148A208
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/0uOEy1veRRWtDFSFB7M18qzrwCc.roa
Signing time: Sun 26 Jun 2022 06:51:21 +0000
ROA not before: Sun 26 Jun 2022 06:51:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 185.251.44.0/22 maxlen: 32
194.156.112.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
95.214.84.0/22 maxlen: 32
195.158.208.0/22 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21537288 (0x148a208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Jun 26 06:51:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2e384cb5bde4515ad0c548507b335f2acebc027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:f9:d9:a3:79:10:49:8a:32:b3:5b:8a:36:
ae:b4:89:00:71:25:2a:85:fe:e2:62:2e:35:70:b6:
cd:0a:4e:e3:c0:9e:52:93:80:87:68:0b:79:57:08:
68:38:ad:cf:08:e1:43:05:d8:96:00:08:70:7c:f1:
c4:88:06:6a:80:16:d4:65:01:c6:35:ad:c5:d7:41:
06:c0:2b:cb:27:6c:dd:3e:9b:6d:eb:cb:c6:12:0c:
b4:19:7a:b1:43:af:be:c9:6a:83:a6:29:85:00:5b:
e5:56:d3:16:c2:95:9a:72:17:0d:b3:5c:62:10:2f:
b3:4b:0e:68:e6:aa:5b:a1:69:9e:34:e5:a7:14:02:
b1:8c:0a:5b:67:41:ed:d9:34:44:71:65:70:3c:ca:
51:67:ac:b6:b8:f5:11:b7:8f:9b:c9:a2:ed:53:4a:
8e:63:13:d0:5d:94:9b:71:f1:30:1a:26:f5:1a:fb:
d0:6b:b5:76:20:d8:b7:37:ee:b8:c5:5d:a2:47:7f:
20:90:8d:3e:4f:1f:43:ad:88:e5:76:4d:3e:9b:d4:
d3:88:2c:b7:1a:6e:23:5c:42:c7:c5:2b:37:b1:da:
40:5a:b8:ef:2d:35:50:f4:95:c6:ec:bd:c1:72:bc:
9a:c3:7b:68:35:48:f4:80:22:f9:f7:48:f0:13:37:
5c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E3:84:CB:5B:DE:45:15:AD:0C:54:85:07:B3:35:F2:AC:EB:C0:27
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/0uOEy1veRRWtDFSFB7M18qzrwCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.64.0/19
95.214.84.0/22
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
194.156.112.0/22
195.66.216.0/21
195.158.208.0/22
Signature Algorithm: sha256WithRSAEncryption
30:a5:11:20:f7:82:c0:96:20:8a:21:79:15:0b:92:ba:d4:2e:
4b:ee:bd:04:34:63:ff:0e:71:63:cb:26:1a:19:3a:c6:da:96:
df:0f:14:be:2c:d2:b7:b0:f4:68:36:db:3c:8f:40:95:5a:a1:
c2:97:24:fd:5f:e3:af:27:c6:3d:7d:4e:35:87:b3:4b:92:23:
95:3d:20:c9:d6:16:ca:9a:47:0b:6d:10:80:12:9e:4c:11:03:
8c:c1:33:24:38:ff:f9:98:7c:5b:b1:bb:95:dd:8b:8d:ba:c4:
52:8b:07:86:7f:4d:1a:42:88:ee:52:7d:90:b4:c5:b1:ac:06:
cd:66:0b:0a:f7:e4:bf:8b:f5:2b:8e:03:23:47:c4:42:dc:86:
4a:a4:2d:fc:bd:c4:b2:2b:66:9b:e4:da:07:0e:54:ba:96:83:
01:f5:d1:91:f2:c1:65:56:8a:0c:39:e6:1c:3c:9a:b1:6c:30:
c7:26:15:f7:4b:f6:33:d1:d4:c2:4a:f8:6e:7e:df:03:ab:37:
c1:29:4d:36:30:cd:a8:f6:88:0c:21:df:b8:81:e1:08:6e:33:
d6:64:dd:70:f2:41:39:8f:f7:a4:7c:35:45:6e:ea:46:a1:93:
5e:c0:1c:8a:53:1f:40:a8:92:65:45:c6:b8:f9:da:83:37:7e:
98:93:4b:34
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEAUiiCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzU0MTZiMjI4MmI0NTMzYzM1MDljMThlOTU3Y2UwYzgzNmJjODM3MB4XDTIyMDYy
NjA2NTEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJlMzg0Y2I1YmRl
NDUxNWFkMGM1NDg1MDdiMzM1ZjJhY2ViYzAyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTf+dmjeRBJijKzW4o2rrSJAHElKoX+4mIuNXC2zQpO48Ce
UpOAh2gLeVcIaDitzwjhQwXYlgAIcHzxxIgGaoAW1GUBxjWtxddBBsAryyds3T6b
bevLxhIMtBl6sUOvvslqg6YphQBb5VbTFsKVmnIXDbNcYhAvs0sOaOaqW6FpnjTl
pxQCsYwKW2dB7dk0RHFlcDzKUWestrj1EbePm8mi7VNKjmMT0F2Um3HxMBom9Rr7
0Gu1diDYtzfuuMVdokd/IJCNPk8fQ62I5XZNPpvU04gstxpuI1xCx8UrN7HaQFq4
7y01UPSVxuy9wXK8msN7aDVI9IAi+fdI8BM3XAcCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTS44TLW95FFa0MVIUHszXyrOvAJzAfBgNVHSMEGDAWgBRDVBayKCtFM8NQ
nBjpV84Mg2vINzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ExUVdzaWdyUlRQRFVKd1k2VmZPRElOcnlEYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNjNmZjgxLTY0NjAtNGMwNS04NTJkLTI2MmViMzliYmU3Ni8x
LzB1T0V5MXZlUlJXdERGU0ZCN00xOHF6cndDYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
NjNmZjgxLTY0NjAtNGMwNS04NTJkLTI2MmViMzliYmU3Ni8xL1ExUVdzaWdyUlRQ
RFVKd1k2VmZPRElOcnlEYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEBV+vQAMEAl/WVAMEArn35AMEArn7
LAMEArn7+AMEAsKccAMEA8NC2AMEAsOe0DANBgkqhkiG9w0BAQsFAAOCAQEAMKUR
IPeCwJYgiiF5FQuSutQuS+69BDRj/w5xY8smGhk6xtqW3w8UvizSt7D0aDbbPI9A
lVqhwpck/V/jryfGPX1ONYezS5IjlT0gydYWyppHC20QgBKeTBEDjMEzJDj/+Zh8
W7G7ld2LjbrEUosHhn9NGkKI7lJ9kLTFsawGzWYLCvfkv4v1K44DI0fEQtyGSqQt
/L3Esitmm+TaBw5UupaDAfXRkfLBZVaKDDnmHDyasWwwxyYV90v2M9HUwkr4bn7f
A6s3wSlNNjDNqPaIDCHfuIHhCG4z1mTdcPJBOY/3pHw1RW7qRqGTXsAcilMfQKiS
ZUXGuPnagzd+mJNLNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org