Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/AGy0zix-SZNQK4bC4MHbtqrMnSk.roa
File: AGy0zix-SZNQK4bC4MHbtqrMnSk.roa (raw, json)
Hash identifier: qPR3c89TEbR0jQjPkqWWFBMIgKJqknELO/zBDNw70r4=
Subject key identifier: 00:6C:B4:CE:2C:7E:49:93:50:2B:86:C2:E0:C1:DB:B6:AA:CC:9D:29
Certificate issuer: /CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Certificate serial: 32BB9994
Authority key identifier: 61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/AGy0zix-SZNQK4bC4MHbtqrMnSk.roa
Signing time: Sat 01 Jan 2022 02:01:33 +0000
ROA not before: Sat 01 Jan 2022 02:01:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51790
IP address blocks: 185.92.228.0/24 maxlen: 24
185.57.145.0/24 maxlen: 24
185.57.144.0/23 maxlen: 23
185.57.146.0/24 maxlen: 24
185.97.52.0/22 maxlen: 24
217.61.252.0/24 maxlen: 24
46.19.10.0/23 maxlen: 24
46.19.8.0/23 maxlen: 24
46.19.14.0/23 maxlen: 24
46.19.12.0/23 maxlen: 24
209.16.152.0/22 maxlen: 23
2a02:28b0::/32 maxlen: 32
2a02:28b1::/32 maxlen: 32
2a02:28b7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 851155348 (0x32bb9994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Validity
Not Before: Jan 1 02:01:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=006cb4ce2c7e4993502b86c2e0c1dbb6aacc9d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:bb:37:46:0a:41:3d:39:af:38:31:c4:fa:
49:60:18:9b:74:cf:27:92:8f:b5:b3:9a:b2:83:d7:
ea:d1:d1:29:f1:c6:99:22:17:61:77:0c:f5:75:8f:
2e:83:10:17:80:5c:c5:a3:09:bd:35:b4:fe:19:f0:
e9:a0:3f:d5:77:33:b5:c7:e7:a2:63:48:87:a0:eb:
e6:14:e2:18:ff:08:27:1f:4e:d7:9c:cf:dc:bc:e3:
9d:87:9f:59:e0:09:6b:92:5c:c9:17:e7:ed:05:aa:
76:d7:0f:a8:3c:9b:6e:c9:10:d3:db:89:f2:54:d2:
0e:4b:b1:1f:74:fc:52:60:92:dc:e8:38:f7:dd:a3:
01:20:ce:a1:63:0e:e8:7e:99:36:f9:49:c4:47:11:
87:6e:26:f3:c9:a6:7d:75:90:de:bd:62:ae:9c:f4:
60:61:1d:8e:30:40:0b:52:9f:c9:60:1b:18:bb:2a:
c4:40:88:39:02:ba:a2:d7:b9:9b:05:7a:2c:b7:ec:
83:21:5c:96:6e:21:04:03:05:51:b2:7d:24:96:55:
23:7a:e0:f6:0e:9c:29:14:52:15:14:cf:f4:cb:9b:
75:4c:2d:e7:3a:b6:48:dc:f4:53:df:93:b5:19:a4:
37:e3:41:70:fa:3c:8a:4e:28:05:82:6a:32:8d:fe:
91:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6C:B4:CE:2C:7E:49:93:50:2B:86:C2:E0:C1:DB:B6:AA:CC:9D:29
X509v3 Authority Key Identifier:
keyid:61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/AGy0zix-SZNQK4bC4MHbtqrMnSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.8.0/21
185.57.144.0-185.57.146.255
185.92.228.0/24
185.97.52.0/22
209.16.152.0/22
217.61.252.0/24
IPv6:
2a02:28b0::/31
2a02:28b7::/32
Signature Algorithm: sha256WithRSAEncryption
8a:c6:8d:c1:d3:05:d7:63:a7:58:d5:62:d9:9a:55:ca:b4:6e:
72:28:67:29:a1:44:52:e3:6b:44:84:7b:03:38:e8:33:3a:d2:
8b:95:31:a9:2d:e8:f3:83:5d:85:ea:6d:72:79:be:d6:3e:68:
d1:d2:95:e4:a1:4a:df:c9:59:dd:a7:3d:9a:57:c6:15:d5:b7:
37:c7:a7:22:86:39:e3:87:24:e3:b4:b0:82:47:28:44:ed:28:
b1:1a:09:1a:81:10:2a:e0:49:95:01:ab:f1:9a:c5:dd:6f:51:
3e:7c:0d:d6:a5:c7:55:76:3e:b6:bd:50:40:8f:91:a7:72:91:
ce:eb:c1:2e:e2:00:31:02:a4:97:46:c4:b7:bd:35:e7:20:d5:
02:2d:51:b2:c6:1f:3c:88:f1:c0:62:5f:47:09:75:61:92:ed:
cd:f5:72:ed:a4:10:0c:96:34:80:85:76:c3:37:74:eb:49:4a:
ec:63:91:38:57:04:93:cd:c5:aa:ca:f5:23:3b:62:a0:ef:c5:
6d:2e:4d:06:e0:9f:ff:0d:a3:6e:f7:78:c0:4e:38:fb:f7:dc:
ab:c0:5e:1c:01:5d:4e:b8:9a:47:8c:ac:a3:96:2a:80:99:8d:
ba:b2:46:94:a4:10:2c:f5:f8:2a:89:26:f0:6e:93:92:54:bb:
a5:46:08:d7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEMruZlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MTRjOTU4NTg4OWY5OGUwYzc3ZjliNmNkODAzNjFhYTAyYmRkNjhlMB4XDTIyMDEw
MTAyMDEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA2Y2I0Y2UyYzdl
NDk5MzUwMmI4NmMyZTBjMWRiYjZhYWNjOWQyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEquzdGCkE9Oa84McT6SWAYm3TPJ5KPtbOasoPX6tHRKfHG
mSIXYXcM9XWPLoMQF4BcxaMJvTW0/hnw6aA/1XcztcfnomNIh6Dr5hTiGP8IJx9O
15zP3LzjnYefWeAJa5JcyRfn7QWqdtcPqDybbskQ09uJ8lTSDkuxH3T8UmCS3Og4
992jASDOoWMO6H6ZNvlJxEcRh24m88mmfXWQ3r1irpz0YGEdjjBAC1KfyWAbGLsq
xECIOQK6ote5mwV6LLfsgyFclm4hBAMFUbJ9JJZVI3rg9g6cKRRSFRTP9MubdUwt
5zq2SNz0U9+TtRmkN+NBcPo8ik4oBYJqMo3+kYECAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQAbLTOLH5Jk1ArhsLgwdu2qsydKTAfBgNVHSMEGDAWgBRhTJWFiJ+Y4Md/
m2zYA2GqAr3WjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lVeVZoWWlmbU9ESGY1dHMyQU5ocWdLOTFvNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvYmI2ZjM4LTIzNjktNDQ2Zi04OGYyLTBiNDU3NWI2OWM1Ny8x
L0FHeTB6aXgtU1pOUUs0YkM0TUhidHFyTW5Tay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
YmI2ZjM4LTIzNjktNDQ2Zi04OGYyLTBiNDU3NWI2OWM1Ny8xL1lVeVZoWWlmbU9E
SGY1dHMyQU5ocWdLOTFvNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowMgQCAAEwLAMEAy4TCDAMAwQEuTmQAwQAuTmSAwQA
uVzkAwQCuWE0AwQC0RCYAwQA2T38MBQEAgACMA4DBQEqAiiwAwUAKgIotzANBgkq
hkiG9w0BAQsFAAOCAQEAisaNwdMF12OnWNVi2ZpVyrRucihnKaFEUuNrRIR7Azjo
MzrSi5UxqS3o84Ndheptcnm+1j5o0dKV5KFK38lZ3ac9mlfGFdW3N8enIoY544ck
47SwgkcoRO0osRoJGoEQKuBJlQGr8ZrF3W9RPnwN1qXHVXY+tr1QQI+Rp3KRzuvB
LuIAMQKkl0bEt7015yDVAi1RssYfPIjxwGJfRwl1YZLtzfVy7aQQDJY0gIV2wzd0
60lK7GOROFcEk83Fqsr1IztioO/FbS5NBuCf/w2jbvd4wE44+/fcq8BeHAFdTria
R4yso5YqgJmNurJGlKQQLPX4Kokm8G6TklS7pUYI1w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:39 2023 by rpki-client on console-fra.rpki-client.org