Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/bRz0r1rorYY2jaryHw6KZOYuNp4.roa
File: bRz0r1rorYY2jaryHw6KZOYuNp4.roa (raw, json)
Hash identifier: T+FyEbYoKgrRsOXyR25dkX4aeMZ2utrsXvXUKFgDGhY=
Subject key identifier: 6D:1C:F4:AF:5A:E8:AD:86:36:8D:AA:F2:1F:0E:8A:64:E6:2E:36:9E
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 0C9DA726
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/bRz0r1rorYY2jaryHw6KZOYuNp4.roa
Signing time: Tue 31 May 2022 15:19:14 +0000
ROA not before: Tue 31 May 2022 15:19:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56910
IP address blocks: 185.36.232.0/22 maxlen: 24
185.4.236.0/22 maxlen: 24
31.177.56.0/21 maxlen: 24
185.109.16.0/22 maxlen: 24
185.106.36.0/22 maxlen: 24
91.220.184.0/24 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211658534 (0xc9da726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: May 31 15:19:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d1cf4af5ae8ad86368daaf21f0e8a64e62e369e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4a:94:20:6a:b8:7f:a3:f4:ae:ee:c5:73:15:
df:0e:8a:0d:06:22:3e:3e:54:f7:d0:55:71:6d:05:
a6:67:b0:e0:eb:56:dd:62:3e:fe:c7:ed:ac:26:63:
9e:d3:6e:28:52:8b:cb:16:1c:52:c0:87:ad:fc:38:
3d:a5:3b:c4:f5:2b:af:5d:e2:2e:54:3e:33:93:c9:
63:1f:97:ff:25:64:d8:52:f4:8e:f3:55:36:ed:3a:
eb:78:a5:88:fd:fa:72:98:99:c4:1e:56:63:4f:8b:
17:1f:54:72:80:46:36:36:47:d8:79:74:64:1b:c5:
d1:fa:c4:e4:36:0e:b1:81:1b:04:fe:3f:a8:de:ec:
fd:ac:82:32:30:09:69:61:19:1f:d8:c9:08:cf:df:
64:2c:47:5b:08:f9:31:54:d7:54:6f:8b:4c:66:11:
cc:44:86:8f:df:b9:06:7a:ab:72:c7:b6:56:ed:72:
dd:b1:0f:c8:a2:78:35:da:68:cd:28:6a:c4:a0:a5:
5b:01:fb:84:46:3c:7f:fb:ff:40:b8:69:ca:45:f8:
b6:56:75:61:6b:66:94:18:94:92:45:99:d4:6d:ba:
7e:ff:ec:59:87:83:fe:ff:6c:a5:7e:1f:c8:09:16:
91:9e:50:ee:c3:1a:9b:30:aa:77:10:78:37:fb:48:
35:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1C:F4:AF:5A:E8:AD:86:36:8D:AA:F2:1F:0E:8A:64:E6:2E:36:9E
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/bRz0r1rorYY2jaryHw6KZOYuNp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
91.220.184.0/24
185.4.236.0/22
185.36.232.0/22
185.106.36.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
24:c9:70:36:45:63:57:05:1a:32:a2:f4:ac:79:cd:41:dd:02:
01:c9:59:30:e3:2e:f8:e0:2a:c5:7e:89:38:23:ee:a9:ee:9a:
1d:71:b4:2e:19:c3:f1:e5:0f:0a:21:f3:55:ec:76:34:dd:41:
03:37:59:cd:f4:3c:38:b0:74:81:22:38:34:58:52:98:73:93:
1d:7a:e1:c7:47:a7:c3:8e:a5:ad:4a:f2:f1:75:ac:54:10:32:
c9:08:6d:b3:e6:9c:b5:94:a9:54:e1:aa:19:f7:0f:49:95:85:
d2:ef:df:94:ff:34:d8:a8:03:d0:b1:6b:ae:34:ae:01:29:da:
da:e9:09:66:64:5f:02:3f:51:f2:da:95:cb:cf:66:6f:8b:81:
6c:62:56:fd:61:44:0f:ad:72:b7:91:dc:d6:4d:6c:b8:b9:fc:
de:1c:4c:40:91:c7:91:56:16:6d:36:c5:98:c7:2a:34:f4:2a:
ef:07:0a:42:9d:cf:91:a6:c8:8d:e5:62:5c:c5:72:54:76:ba:
63:00:fa:2c:70:72:db:9f:cf:bc:56:47:ad:b2:fe:2b:6e:10:
8c:aa:1e:6b:e8:2a:45:b3:e4:07:d0:cd:ef:dc:36:09:9c:b5:
26:6f:ad:77:49:95:49:c4:cb:8e:4d:c6:c1:13:78:87:59:20:
6b:e0:9a:52
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEDJ2nJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzYwMGNiYWZkMjZmZWU1MDY0ZmM4OWYzMDFkZmM4ZTNjMWQzY2E1MB4XDTIyMDUz
MTE1MTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQxY2Y0YWY1YWU4
YWQ4NjM2OGRhYWYyMWYwZThhNjRlNjJlMzY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBKlCBquH+j9K7uxXMV3w6KDQYiPj5U99BVcW0Fpmew4OtW
3WI+/sftrCZjntNuKFKLyxYcUsCHrfw4PaU7xPUrr13iLlQ+M5PJYx+X/yVk2FL0
jvNVNu0663iliP36cpiZxB5WY0+LFx9UcoBGNjZH2Hl0ZBvF0frE5DYOsYEbBP4/
qN7s/ayCMjAJaWEZH9jJCM/fZCxHWwj5MVTXVG+LTGYRzESGj9+5Bnqrcse2Vu1y
3bEPyKJ4NdpozShqxKClWwH7hEY8f/v/QLhpykX4tlZ1YWtmlBiUkkWZ1G26fv/s
WYeD/v9spX4fyAkWkZ5Q7sMamzCqdxB4N/tINbkCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBRtHPSvWuithjaNqvIfDopk5i42njAfBgNVHSMEGDAWgBTTYAy6/Sb+5QZP
yJ8wHfyOPB08pTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzAyQU11djBtX3VVR1Q4aWZNQjM4amp3ZFBLVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvYjcwNjU4LWUxZGMtNDk0NC1hMDZiLTFjNjgwYWRmN2EyNi8x
L2JSejByMXJvcllZMmphcnlIdzZLWk9ZdU5wNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
YjcwNjU4LWUxZGMtNDk0NC1hMDZiLTFjNjgwYWRmN2EyNi8xLzAyQU11djBtX3VV
R1Q4aWZNQjM4amp3ZFBLVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAx+xOAMEAFvcuAMEArkE7AMEArkk
6AMEArlqJAMEArltEAMEALzWfzANBAIAAjAHAwUDKgQ+ADANBgkqhkiG9w0BAQsF
AAOCAQEAJMlwNkVjVwUaMqL0rHnNQd0CAclZMOMu+OAqxX6JOCPuqe6aHXG0LhnD
8eUPCiHzVex2NN1BAzdZzfQ8OLB0gSI4NFhSmHOTHXrhx0enw46lrUry8XWsVBAy
yQhts+actZSpVOGqGfcPSZWF0u/flP802KgD0LFrrjSuASna2ukJZmRfAj9R8tqV
y89mb4uBbGJW/WFED61yt5Hc1k1suLn83hxMQJHHkVYWbTbFmMcqNPQq7wcKQp3P
kabIjeViXMVyVHa6YwD6LHBy25/PvFZHrbL+K24QjKoea+gqRbPkB9DN79w2CZy1
Jm+td0mVScTLjk3GwRN4h1kga+CaUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:30 2024 by rpki-client on console-fra.rpki-client.org