Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/6VDbKsUwFSpCxxqCeKTWClE7frg.roa
File: 6VDbKsUwFSpCxxqCeKTWClE7frg.roa (raw, json)
Hash identifier: GRijlIH7aNSEM6lkUVpLMGwuv7W8hjWnVdDuumtjtO0=
Subject key identifier: E9:50:DB:2A:C5:30:15:2A:42:C7:1A:82:78:A4:D6:0A:51:3B:7E:B8
Certificate issuer: /CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Certificate serial: 0A31C46A
Authority key identifier: D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/6VDbKsUwFSpCxxqCeKTWClE7frg.roa
Signing time: Sat 01 Jan 2022 10:58:25 +0000
ROA not before: Sat 01 Jan 2022 10:58:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39500
IP address blocks: 185.154.68.0/24 maxlen: 24
193.47.191.0/24 maxlen: 24
185.154.69.0/24 maxlen: 24
185.154.70.0/24 maxlen: 24
2a07:7f40::/29 maxlen: 29
2001:67c:1f4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171033706 (0xa31c46a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Validity
Not Before: Jan 1 10:58:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e950db2ac530152a42c71a8278a4d60a513b7eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:57:f8:2a:39:5b:fb:4a:a0:f8:58:3a:7f:
5d:74:32:2d:23:3b:18:aa:38:b9:68:96:41:15:3a:
6b:95:4d:be:47:87:40:50:82:02:d9:03:47:a6:bc:
e0:cc:02:71:9a:ae:21:aa:de:9f:3b:ba:0d:49:53:
65:5a:50:26:93:3f:f7:1e:59:3f:e4:20:ee:45:20:
ab:c6:0a:31:8a:7e:62:1f:0f:f2:06:6f:5b:89:a2:
00:17:13:12:6b:a9:4b:f7:29:99:9f:c3:04:9e:27:
ef:5b:18:6b:d7:9f:39:6c:bb:8c:64:ca:69:61:5f:
0f:2b:9f:5b:80:b7:db:99:d8:e4:fc:c0:03:4e:67:
3b:62:37:de:fa:82:e2:1c:c4:89:00:ae:5c:20:e6:
4c:02:8b:fd:e2:77:52:73:95:61:54:96:00:51:9c:
c5:ad:be:30:42:3e:ed:6d:fb:1b:94:f1:f0:fd:ac:
35:2a:f1:13:68:44:43:70:6e:75:99:10:59:25:3a:
fb:d0:52:df:99:59:1d:fa:be:0d:54:d0:76:55:08:
15:f1:68:d8:1e:16:54:96:bd:ec:06:bd:11:7f:c0:
7d:01:5f:aa:cc:ae:21:6e:e3:24:b8:87:6b:b5:c6:
39:d2:62:14:c6:be:9d:fe:be:23:58:35:7b:cd:40:
0c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:50:DB:2A:C5:30:15:2A:42:C7:1A:82:78:A4:D6:0A:51:3B:7E:B8
X509v3 Authority Key Identifier:
keyid:D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/6VDbKsUwFSpCxxqCeKTWClE7frg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.68.0-185.154.70.255
193.47.191.0/24
IPv6:
2001:67c:1f4::/48
2a07:7f40::/29
Signature Algorithm: sha256WithRSAEncryption
5a:70:c7:45:54:b0:bb:ea:62:13:13:53:b2:81:4f:75:50:12:
f7:da:ba:c1:a4:30:72:43:f9:e1:b9:30:65:3f:ef:8e:1e:1f:
a5:4b:31:f9:52:80:03:1e:4d:5d:95:29:bc:8e:be:98:f1:50:
1a:92:b2:1c:d7:79:3b:0c:78:d1:02:dc:11:81:64:dd:65:f2:
3b:dd:52:2a:c4:24:ea:22:6b:6d:bf:5a:66:25:57:50:ef:28:
2f:96:80:08:2d:60:89:73:80:65:a6:6a:6e:fd:b3:9f:b9:46:
08:49:44:36:31:26:1e:b0:7f:f2:c9:b0:c2:9c:3e:ab:37:df:
e4:2a:4a:1c:46:52:b1:e7:70:d9:30:a9:41:fb:20:d0:f2:01:
c6:05:7f:c1:f9:18:72:0e:80:6b:15:d9:3f:53:ba:81:3a:0d:
4a:54:db:0d:d5:ae:c3:7e:38:3e:50:60:65:f8:d6:9f:06:30:
c8:88:c3:0f:63:ea:a9:63:73:e7:9d:8f:f7:cb:5f:8f:79:a9:
3c:e5:cc:c2:2e:16:7d:c1:23:db:58:1e:6e:f3:41:77:ed:ec:
6b:1d:b3:e2:3d:4c:ac:f8:9d:25:e3:12:4f:00:20:83:70:a6:
ea:b4:2c:23:22:5a:b2:e3:e3:13:58:e0:ed:73:c9:ec:df:ea:
ae:c4:57:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIECjHEajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTIyZDhkNDVmOTg1ZGMzODk2YzkxNzZhN2Q0OGQ3NjU4Y2I0ZjY4MB4XDTIyMDEw
MTEwNTgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTk1MGRiMmFjNTMw
MTUyYTQyYzcxYTgyNzhhNGQ2MGE1MTNiN2ViODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdAV/gqOVv7SqD4WDp/XXQyLSM7GKo4uWiWQRU6a5VNvkeH
QFCCAtkDR6a84MwCcZquIarenzu6DUlTZVpQJpM/9x5ZP+Qg7kUgq8YKMYp+Yh8P
8gZvW4miABcTEmupS/cpmZ/DBJ4n71sYa9efOWy7jGTKaWFfDyufW4C325nY5PzA
A05nO2I33vqC4hzEiQCuXCDmTAKL/eJ3UnOVYVSWAFGcxa2+MEI+7W37G5Tx8P2s
NSrxE2hEQ3BudZkQWSU6+9BS35lZHfq+DVTQdlUIFfFo2B4WVJa97Aa9EX/AfQFf
qsyuIW7jJLiHa7XGOdJiFMa+nf6+I1g1e81ADB0CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBTpUNsqxTAVKkLHGoJ4pNYKUTt+uDAfBgNVHSMEGDAWgBTZItjUX5hdw4ls
kXan1I12WMtPaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJTTFkxRi1ZWGNPSmJKRjJwOVNOZGxqTFQyZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvOTAwMmUyLWRjMDQtNGMzOS05MjM1LTU0ZDVkMDRlMzQ2ZC8x
LzZWRGJLc1V3RlNwQ3h4cUNlS1RXQ2xFN2ZyZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
OTAwMmUyLWRjMDQtNGMzOS05MjM1LTU0ZDVkMDRlMzQ2ZC8xLzJTTFkxRi1ZWGNP
SmJKRjJwOVNOZGxqTFQyZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGgQCAAEwFDAMAwQCuZpEAwQAuZpGAwQAwS+/MBYE
AgACMBADBwAgAQZ8AfQDBQMqB39AMA0GCSqGSIb3DQEBCwUAA4IBAQBacMdFVLC7
6mITE1OygU91UBL32rrBpDByQ/nhuTBlP++OHh+lSzH5UoADHk1dlSm8jr6Y8VAa
krIc13k7DHjRAtwRgWTdZfI73VIqxCTqImttv1pmJVdQ7ygvloAILWCJc4Blpmpu
/bOfuUYISUQ2MSYesH/yybDCnD6rN9/kKkocRlKx53DZMKlB+yDQ8gHGBX/B+Rhy
DoBrFdk/U7qBOg1KVNsN1a7Dfjg+UGBl+NafBjDIiMMPY+qpY3PnnY/3y1+Peak8
5czCLhZ9wSPbWB5u80F37exrHbPiPUys+J0l4xJPACCDcKbqtCwjIlqy4+MTWODt
c8ns3+quxFev
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:28 2023 by rpki-client on console-ams.rpki-client.org