Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/1-6ZgxVQ_Aq2roMq-57JxxUe6Au0.roa
File: 1-6ZgxVQ_Aq2roMq-57JxxUe6Au0.roa (raw, json)
Hash identifier: 84mn8VPuYUkCgSLo6qq8EiLL0dya2rFCHV2yfWykylI=
Subject key identifier: FB:A6:60:C5:54:3F:02:AD:AB:A0:CA:BE:E7:B2:71:C5:47:BA:02:ED
Certificate issuer: /CN=e07e008d6ed2388ad31b7422423152a92a54de71
Certificate serial: 14CF8195
Authority key identifier: E0:7E:00:8D:6E:D2:38:8A:D3:1B:74:22:42:31:52:A9:2A:54:DE:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/1-6ZgxVQ_Aq2roMq-57JxxUe6Au0.roa
Signing time: Sat 01 Jan 2022 09:03:23 +0000
ROA not before: Sat 01 Jan 2022 09:03:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197227
IP address blocks: 145.14.240.0/21 maxlen: 24
46.243.156.0/22 maxlen: 24
213.5.208.0/21 maxlen: 24
185.81.56.0/22 maxlen: 24
46.175.40.0/21 maxlen: 24
85.234.248.0/21 maxlen: 24
37.247.56.0/21 maxlen: 24
5.133.248.0/21 maxlen: 24
195.80.128.0/21 maxlen: 24
188.211.16.0/21 maxlen: 24
2a03:1280::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349143445 (0x14cf8195)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e07e008d6ed2388ad31b7422423152a92a54de71
Validity
Not Before: Jan 1 09:03:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fba660c5543f02adaba0cabee7b271c547ba02ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:09:9e:b5:39:cd:5f:8a:74:81:e0:1e:d9:16:
18:a5:04:5d:79:61:6b:ae:ef:97:2b:04:ae:49:c8:
c4:f8:58:29:84:d9:f2:a6:83:50:54:fa:d5:94:c6:
09:42:9a:f0:66:7e:87:3e:60:3d:0f:a5:74:5f:f4:
fd:7c:03:9b:c5:f2:02:ac:46:f9:a2:5f:b1:c4:5c:
37:f5:1b:10:1e:d6:18:65:3f:76:e3:71:ba:39:33:
bc:7b:e8:d4:21:dc:2c:cd:f0:35:a4:55:f8:62:64:
4a:e2:2d:33:17:09:11:03:5b:0e:51:31:77:4f:55:
64:a3:0b:f1:0d:d4:75:28:a0:6d:53:96:f0:05:32:
bc:16:a2:6a:8f:10:cd:d0:87:fc:2e:19:7b:35:7c:
a0:da:af:4e:12:d0:e7:d0:92:b3:61:a8:49:4a:10:
85:9b:2a:eb:d9:90:eb:7c:78:85:04:de:51:2e:d8:
9a:b9:ab:9f:2b:59:72:a3:dd:d6:ee:f6:78:16:1a:
c9:b6:67:af:2f:1f:de:66:fd:4b:05:7d:80:a4:85:
e1:86:c1:46:c8:0c:d6:00:d7:39:aa:f2:eb:eb:ce:
6d:18:73:d3:21:66:7e:a7:1f:00:ad:10:5c:1f:ea:
d7:13:7c:86:46:6c:8e:ce:94:1e:0b:b9:f4:fa:1b:
c5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A6:60:C5:54:3F:02:AD:AB:A0:CA:BE:E7:B2:71:C5:47:BA:02:ED
X509v3 Authority Key Identifier:
keyid:E0:7E:00:8D:6E:D2:38:8A:D3:1B:74:22:42:31:52:A9:2A:54:DE:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/1-6ZgxVQ_Aq2roMq-57JxxUe6Au0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/4H4AjW7SOIrTG3QiQjFSqSpU3nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.248.0/21
37.247.56.0/21
46.175.40.0/21
46.243.156.0/22
85.234.248.0/21
145.14.240.0/21
185.81.56.0/22
188.211.16.0/21
195.80.128.0/21
213.5.208.0/21
IPv6:
2a03:1280::/32
Signature Algorithm: sha256WithRSAEncryption
a8:47:ec:94:1d:38:ba:e7:24:b0:98:f8:36:06:cb:3d:b1:56:
15:0b:e8:1b:f4:8e:e2:57:90:b8:74:3c:7a:cc:ca:b6:01:03:
0a:9e:3c:21:57:23:f0:72:e6:b2:69:4a:12:d7:bd:46:49:52:
be:67:32:17:fd:55:44:f7:85:9a:e0:d4:e9:bf:93:64:76:63:
4e:85:29:74:df:92:89:b7:f4:b5:53:a6:0d:5c:8e:53:d5:8c:
69:eb:95:b9:9e:62:47:6a:2a:7d:08:fd:a7:88:44:c5:0a:b5:
d3:db:8f:0e:da:79:5e:0a:ed:67:f9:27:b9:58:0a:cc:4e:ba:
0a:60:67:e8:2c:64:17:17:ac:91:ca:82:25:42:d4:b0:b1:cf:
fc:48:93:e5:8a:a8:2c:18:fa:0d:e5:44:08:58:ac:d1:2c:2d:
7e:a3:3f:19:3b:63:56:56:2d:b4:5a:86:f0:2c:37:85:fe:29:
05:88:40:17:ee:19:28:53:60:fc:2c:9b:fb:2b:60:93:43:36:
ab:a4:14:29:8b:8d:00:66:f9:81:34:6e:a1:3c:a1:2b:83:07:
cf:53:ca:0e:f8:07:da:cb:3e:e2:68:c7:02:8b:ab:d2:41:d3:
5a:0f:68:a7:5b:4e:16:aa:b9:b8:54:03:92:6e:26:1b:8b:04:
e7:e3:85:31
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEFM+BlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDdlMDA4ZDZlZDIzODhhZDMxYjc0MjI0MjMxNTJhOTJhNTRkZTcxMB4XDTIyMDEw
MTA5MDMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJhNjYwYzU1NDNm
MDJhZGFiYTBjYWJlZTdiMjcxYzU0N2JhMDJlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgJnrU5zV+KdIHgHtkWGKUEXXlha67vlysErknIxPhYKYTZ
8qaDUFT61ZTGCUKa8GZ+hz5gPQ+ldF/0/XwDm8XyAqxG+aJfscRcN/UbEB7WGGU/
duNxujkzvHvo1CHcLM3wNaRV+GJkSuItMxcJEQNbDlExd09VZKML8Q3UdSigbVOW
8AUyvBaiao8QzdCH/C4ZezV8oNqvThLQ59CSs2GoSUoQhZsq69mQ63x4hQTeUS7Y
mrmrnytZcqPd1u72eBYaybZnry8f3mb9SwV9gKSF4YbBRsgM1gDXOary6+vObRhz
0yFmfqcfAK0QXB/q1xN8hkZsjs6UHgu59PobxYcCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBT7pmDFVD8Craugyr7nsnHFR7oC7TAfBgNVHSMEGDAWgBTgfgCNbtI4itMb
dCJCMVKpKlTecTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRINEFqVzdTT0lyVEczUWlRakZTcVNwVTNuRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvZDQ3OWNjLWE3MTItNGJjMy04MzJkLTI3MjcyNDdhZjIxMC8x
LzEtNlpneFZRX0FxMnJvTXEtNTdKeHhVZTZBdTAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Jl
L2Q0NzljYy1hNzEyLTRiYzMtODMyZC0yNzI3MjQ3YWYyMTAvMS80SDRBalc3U09J
clRHM1FpUWpGU3FTcFUzbkUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
ZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgABMDwDBAMFhfgDBAMl9zgDBAMurygDBAIu
85wDBANV6vgDBAORDvADBAK5UTgDBAO80xADBAPDUIADBAPVBdAwDQQCAAIwBwMF
ACoDEoAwDQYJKoZIhvcNAQELBQADggEBAKhH7JQdOLrnJLCY+DYGyz2xVhUL6Bv0
juJXkLh0PHrMyrYBAwqePCFXI/By5rJpShLXvUZJUr5nMhf9VUT3hZrg1Om/k2R2
Y06FKXTfkom39LVTpg1cjlPVjGnrlbmeYkdqKn0I/aeIRMUKtdPbjw7aeV4K7Wf5
J7lYCsxOugpgZ+gsZBcXrJHKgiVC1LCxz/xIk+WKqCwY+g3lRAhYrNEsLX6jPxk7
Y1ZWLbRahvAsN4X+KQWIQBfuGShTYPwsm/srYJNDNqukFCmLjQBm+YE0bqE8oSuD
B89Tyg74B9rLPuJoxwKLq9JB01oPaKdbThaqubhUA5JuJhuLBOfjhTE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:05 2023 by rpki-client on console-ams.rpki-client.org