Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/8VbsH6lubWJ9FlgX0-PyNL6pizg.roa
File: 8VbsH6lubWJ9FlgX0-PyNL6pizg.roa (raw, json)
Hash identifier: 9khB/3vnaWMnc2nwYfL5f82vloFk3qAScc+mt391yYg=
Subject key identifier: F1:56:EC:1F:A9:6E:6D:62:7D:16:58:17:D3:E3:F2:34:BE:A9:8B:38
Certificate issuer: /CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Certificate serial: 37E4A51D
Authority key identifier: E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/8VbsH6lubWJ9FlgX0-PyNL6pizg.roa
Signing time: Sat 01 Jan 2022 03:58:53 +0000
ROA not before: Sat 01 Jan 2022 03:58:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197075
IP address blocks: 81.29.176.0/22 maxlen: 23
46.31.104.0/21 maxlen: 24
185.186.12.0/22 maxlen: 23
185.37.116.0/22 maxlen: 23
185.59.20.0/22 maxlen: 23
37.77.160.0/21 maxlen: 24
2a02:2420::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937731357 (0x37e4a51d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Validity
Not Before: Jan 1 03:58:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f156ec1fa96e6d627d165817d3e3f234bea98b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:6c:a3:59:45:b7:28:78:f4:66:41:41:67:
69:c0:ab:70:69:a7:25:5a:77:b0:c7:13:93:07:62:
6f:9d:b0:27:7f:1a:d3:e5:2c:09:1a:22:6f:42:f5:
47:9d:1f:c5:1c:14:6a:81:b1:37:43:d5:83:e5:88:
22:eb:3c:29:2e:06:a3:46:15:ec:e2:31:d8:39:10:
f9:96:f7:68:62:09:1e:40:66:db:29:f2:7a:0e:34:
dd:a7:3e:d6:91:44:97:c0:e1:bd:be:7c:43:b1:09:
79:5a:bc:1a:19:51:5c:2f:e5:18:d4:62:93:aa:d6:
66:28:9a:40:65:7e:24:a0:08:c9:3d:cc:66:0e:5b:
c0:f8:8d:74:15:0a:a0:c4:31:d2:ba:22:be:7e:df:
bf:db:d1:e9:13:5e:1d:f8:39:79:b2:dc:10:99:c1:
9c:b7:da:60:ca:ac:e5:6c:aa:28:ff:4d:58:c0:b2:
4a:b4:ad:3d:5f:af:55:91:20:d0:fe:c1:96:d4:9b:
c0:d9:ef:86:17:10:d9:e8:e3:f5:ad:60:34:ae:fe:
8a:ba:c4:34:66:e2:0c:29:4f:22:28:c4:af:c0:ae:
f7:b1:84:54:ef:a1:69:5f:04:db:06:62:79:22:2b:
bf:2a:10:23:78:51:d9:31:da:6d:3a:4f:bf:07:b5:
7a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:56:EC:1F:A9:6E:6D:62:7D:16:58:17:D3:E3:F2:34:BE:A9:8B:38
X509v3 Authority Key Identifier:
keyid:E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/8VbsH6lubWJ9FlgX0-PyNL6pizg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.160.0/21
46.31.104.0/21
81.29.176.0/22
185.37.116.0/22
185.59.20.0/22
185.186.12.0/22
IPv6:
2a02:2420::/32
Signature Algorithm: sha256WithRSAEncryption
16:02:30:22:35:b5:f2:cb:5a:b4:e9:70:9d:cd:28:a0:9f:b2:
f1:13:f9:2b:a5:db:b2:87:6c:18:74:ec:4b:b2:6e:4f:79:64:
10:11:c6:53:de:fd:00:d4:45:85:c1:dc:30:c1:ee:99:cd:59:
08:61:62:66:ac:7d:78:b5:52:ed:c9:12:28:f6:50:e1:28:b0:
d9:eb:e9:98:9d:88:83:27:4c:d0:e8:92:27:37:5a:70:db:57:
65:cd:4d:72:40:88:c0:1a:8b:de:70:06:7c:f8:76:86:0f:f6:
62:c5:b2:2e:45:c9:e6:e3:1b:8b:d4:42:31:15:cb:19:3c:48:
b6:31:c1:4e:36:73:b9:f2:f8:79:ce:5f:2e:0f:02:8c:25:ad:
00:67:2f:5b:22:70:93:0c:01:f0:28:68:a5:bb:07:f5:19:d9:
4f:cc:a2:2f:6e:56:3e:35:03:d9:3b:43:66:df:05:2f:9c:0f:
c7:67:3d:9f:f2:99:71:99:3a:a0:20:d0:5d:63:2f:47:28:e0:
b9:76:87:77:cc:32:c8:20:ab:8e:c9:ec:43:d9:f3:3c:2d:e1:
2c:96:07:22:4a:33:f2:98:1a:01:26:d2:22:1d:5f:bf:64:70:
ab:51:91:87:67:ac:84:99:6f:fc:83:2e:ff:01:57:9f:eb:33:
a9:c7:32:01
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEN+SlHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NmZhYTBkMmY1ZGVjMDIwMWY1NWU0MDk3OWMxOTA5YjZkYjc3YzNiMB4XDTIyMDEw
MTAzNTg1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE1NmVjMWZhOTZl
NmQ2MjdkMTY1ODE3ZDNlM2YyMzRiZWE5OGIzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1tbKNZRbcoePRmQUFnacCrcGmnJVp3sMcTkwdib52wJ38a
0+UsCRoib0L1R50fxRwUaoGxN0PVg+WIIus8KS4Go0YV7OIx2DkQ+Zb3aGIJHkBm
2ynyeg403ac+1pFEl8Dhvb58Q7EJeVq8GhlRXC/lGNRik6rWZiiaQGV+JKAIyT3M
Zg5bwPiNdBUKoMQx0roivn7fv9vR6RNeHfg5ebLcEJnBnLfaYMqs5WyqKP9NWMCy
SrStPV+vVZEg0P7BltSbwNnvhhcQ2ejj9a1gNK7+irrENGbiDClPIijEr8Cu97GE
VO+haV8E2wZieSIrvyoQI3hR2THabTpPvwe1etMCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTxVuwfqW5tYn0WWBfT4/I0vqmLODAfBgNVHSMEGDAWgBTm+qDS9d7AIB9V
5Al5wZCbbbd8OzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzV2cWcwdlhld0NBZlZlUUplY0dRbTIyM2ZEcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvMDk3NzQ4LTVjYzgtNDUwZi05ZmJiLThjOGQxMGU4ZWFiYy8x
LzhWYnNINmx1YldKOUZsZ1gwLVB5Tkw2cGl6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
MDk3NzQ4LTVjYzgtNDUwZi05ZmJiLThjOGQxMGU4ZWFiYy8xLzV2cWcwdlhld0NB
ZlZlUUplY0dRbTIyM2ZEcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAyVNoAMEAy4faAMEAlEdsAMEArkl
dAMEArk7FAMEArm6DDANBAIAAjAHAwUAKgIkIDANBgkqhkiG9w0BAQsFAAOCAQEA
FgIwIjW18statOlwnc0ooJ+y8RP5K6XbsodsGHTsS7JuT3lkEBHGU979ANRFhcHc
MMHumc1ZCGFiZqx9eLVS7ckSKPZQ4Siw2evpmJ2IgydM0OiSJzdacNtXZc1NckCI
wBqL3nAGfPh2hg/2YsWyLkXJ5uMbi9RCMRXLGTxItjHBTjZzufL4ec5fLg8CjCWt
AGcvWyJwkwwB8ChopbsH9RnZT8yiL25WPjUD2TtDZt8FL5wPx2c9n/KZcZk6oCDQ
XWMvRyjguXaHd8wyyCCrjsnsQ9nzPC3hLJYHIkoz8pgaASbSIh1fv2Rwq1GRh2es
hJlv/IMu/wFXn+szqccyAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:46 2024 by rpki-client on console-fra.rpki-client.org