Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YXh88MPFe7GKKaPuQ_LjQMpBjSg.roa
File: YXh88MPFe7GKKaPuQ_LjQMpBjSg.roa (raw, json)
Hash identifier: FaLWCrnUSOiZzWvftQh/uiIA8gcOYtcRnmHwF3bEpxM=
Subject key identifier: 61:78:7C:F0:C3:C5:7B:B1:8A:29:A3:EE:43:F2:E3:40:CA:41:8D:28
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CB63710
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YXh88MPFe7GKKaPuQ_LjQMpBjSg.roa
Signing time: Sat 01 Jan 2022 05:04:58 +0000
ROA not before: Sat 01 Jan 2022 05:04:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48806
IP address blocks: 185.228.225.0/24 maxlen: 24
89.31.216.0/24 maxlen: 24
37.46.149.0/24 maxlen: 24
193.84.132.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213268240 (0xcb63710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=61787cf0c3c57bb18a29a3ee43f2e340ca418d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:aa:62:6c:28:c7:a7:df:f9:0d:be:35:d8:db:
f4:d0:be:9b:30:38:da:bb:12:22:b1:4a:62:49:b6:
79:dd:3a:f4:1b:20:fd:4c:fd:b7:ce:6a:75:47:54:
d3:34:a1:6b:5e:d8:43:35:e8:0a:60:f4:17:37:c7:
ed:22:5d:ce:a9:a2:12:6d:d8:6a:9d:0d:8d:b3:60:
f4:03:0b:c7:f8:1c:d4:d6:f1:51:4e:9b:19:b2:e1:
70:d4:33:07:cd:cd:fd:8b:b5:3f:51:be:b0:38:8b:
df:0e:9c:81:53:b8:b0:91:27:8c:d0:ac:85:9e:86:
ed:df:4e:da:71:db:d6:4b:e9:e4:f5:99:69:01:33:
12:6f:ac:4c:ce:6a:92:8f:3a:61:e9:d5:cd:f2:c2:
17:90:63:ca:09:cc:38:66:f3:11:ea:fa:34:f7:e0:
8c:8d:ba:b9:02:33:1f:62:14:d0:cb:be:76:25:81:
6d:cc:fc:1f:7f:f3:1d:4f:67:ba:00:52:35:f6:b8:
87:54:ef:8d:31:11:21:26:71:04:16:1d:81:b7:f9:
d6:52:6a:48:f4:ea:dd:3c:4c:1c:cb:88:2b:69:30:
26:6b:3b:61:d8:ba:fb:6d:ad:78:31:94:d7:14:69:
ac:d4:bc:e8:da:c5:9a:1c:72:f1:c1:2a:e3:32:42:
00:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:78:7C:F0:C3:C5:7B:B1:8A:29:A3:EE:43:F2:E3:40:CA:41:8D:28
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YXh88MPFe7GKKaPuQ_LjQMpBjSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.149.0/24
89.31.216.0/24
185.228.225.0/24
185.239.241.0/24
185.244.137.0/24
185.245.5.0/24
185.245.7.0/24
193.84.132.0/24
193.218.32.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c7:41:01:8d:6d:61:e3:fd:85:13:a2:a3:8b:95:85:f8:9f:
d1:b6:13:91:04:56:d0:60:b3:c8:eb:b3:11:d8:62:78:bd:f7:
74:5e:f8:93:d8:01:16:fb:7a:22:92:a8:d0:e6:69:fb:eb:af:
c4:01:c7:b0:f3:13:db:bb:1f:b1:96:d7:46:c7:b4:31:70:e8:
19:35:fd:fc:f6:c6:f0:7b:c1:66:25:c3:63:4a:e6:dd:a1:cf:
77:71:a9:64:89:da:ff:c1:cc:74:16:63:11:ad:c5:1f:0f:f4:
2a:2a:b6:19:7e:17:19:ff:53:04:bf:a4:79:a2:6b:8d:23:ae:
eb:dc:5e:a2:d3:dd:3b:b3:c1:cf:20:51:6e:54:8b:23:3c:da:
6e:42:db:48:0b:27:6c:7e:bb:54:53:ed:3e:c0:13:36:93:0c:
03:7a:d4:d9:1e:e8:cf:a8:93:a9:7d:c1:df:31:a8:a7:71:e2:
02:e8:29:6c:59:77:ea:37:31:56:ab:a9:65:aa:22:ca:36:5e:
9e:7b:10:26:e5:8e:a8:7b:e4:1c:0c:9a:5e:9a:ca:92:18:58:
dc:fe:1a:77:1d:5f:9d:71:c0:95:dd:04:bc:aa:be:56:ee:a6:
7d:5d:2e:7c:0a:08:61:a7:55:95:2e:8b:ed:26:92:31:47:c9:
34:72:6d:63
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEDLY3EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE3ODdjZjBjM2M1
N2JiMThhMjlhM2VlNDNmMmUzNDBjYTQxOGQyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCqYmwox6ff+Q2+Ndjb9NC+mzA42rsSIrFKYkm2ed069Bsg
/Uz9t85qdUdU0zSha17YQzXoCmD0FzfH7SJdzqmiEm3Yap0NjbNg9AMLx/gc1Nbx
UU6bGbLhcNQzB83N/Yu1P1G+sDiL3w6cgVO4sJEnjNCshZ6G7d9O2nHb1kvp5PWZ
aQEzEm+sTM5qko86YenVzfLCF5BjygnMOGbzEer6NPfgjI26uQIzH2IU0Mu+diWB
bcz8H3/zHU9nugBSNfa4h1TvjTERISZxBBYdgbf51lJqSPTq3TxMHMuIK2kwJms7
Ydi6+22teDGU1xRprNS86NrFmhxy8cEq4zJCAAMCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRheHzww8V7sYopo+5D8uNAykGNKDAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L1lYaDg4TVBGZTdHS0thUHVRX0xqUU1wQmpTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEACUulQMEAFkf2AMEALnk4QMEALnv
8QMEALn0iQMEALn1BQMEALn1BwMEAMFUhAMEAMHaIDANBgkqhkiG9w0BAQsFAAOC
AQEAOcdBAY1tYeP9hROio4uVhfif0bYTkQRW0GCzyOuzEdhieL33dF74k9gBFvt6
IpKo0OZp++uvxAHHsPMT27sfsZbXRse0MXDoGTX9/PbG8HvBZiXDY0rm3aHPd3Gp
ZIna/8HMdBZjEa3FHw/0Kiq2GX4XGf9TBL+keaJrjSOu69xeotPdO7PBzyBRblSL
IzzabkLbSAsnbH67VFPtPsATNpMMA3rU2R7oz6iTqX3B3zGop3HiAugpbFl36jcx
VqupZaoiyjZennsQJuWOqHvkHAyaXprKkhhY3P4adx1fnXHAld0EvKq+Vu6mfV0u
fAoIYadVlS6L7SaSMUfJNHJtYw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org