Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/Cb7uasProImWSXeq5iNWQ39D3Fc.roa
File: Cb7uasProImWSXeq5iNWQ39D3Fc.roa (raw, json)
Hash identifier: kTTe8BvSuRjoXERU4vNjIt0j1TtshuuHnElB9yfdZ9k=
Subject key identifier: 09:BE:EE:6A:C3:EB:A0:89:96:49:77:AA:E6:23:56:43:7F:43:DC:57
Certificate issuer: /CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Certificate serial: 131E39E4
Authority key identifier: CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/Cb7uasProImWSXeq5iNWQ39D3Fc.roa
Signing time: Sat 01 Jan 2022 08:54:41 +0000
ROA not before: Sat 01 Jan 2022 08:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203177
IP address blocks: 185.135.210.0/24 maxlen: 24
185.135.208.0/22 maxlen: 22
185.135.211.0/24 maxlen: 24
91.244.117.0/24 maxlen: 24
185.135.208.0/24 maxlen: 24
185.135.209.0/24 maxlen: 24
2a0a:6600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320748004 (0x131e39e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Validity
Not Before: Jan 1 08:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09beee6ac3eba089964977aae62356437f43dc57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:95:32:da:86:0c:0d:34:67:fb:96:fc:7b:77:
62:05:49:1b:ff:d1:9a:99:1f:2f:fc:0d:0f:be:52:
96:87:be:d9:76:5b:1e:ff:36:c3:d7:19:b7:00:20:
91:74:83:c7:35:80:49:01:62:68:e1:5e:7f:95:48:
84:7d:a6:90:53:9e:46:9e:33:02:25:bd:ba:c2:76:
2f:1f:61:79:a6:88:77:b8:82:58:b1:2a:a0:4b:8d:
ea:9c:52:b0:79:77:b0:0b:35:b5:75:9b:90:fd:cf:
0d:46:af:ed:30:4d:9a:19:26:73:12:01:72:13:96:
d1:eb:9c:ae:29:8f:8c:07:ed:f0:cb:9d:1d:89:0b:
47:7b:75:01:29:68:63:31:69:da:66:50:52:8d:5c:
47:23:ee:3c:08:e8:c1:89:aa:61:1f:b6:4c:0e:62:
34:2e:c3:92:84:b4:b5:50:15:64:a5:36:0f:e8:8e:
fa:55:a9:64:77:8d:16:e8:3b:91:28:48:04:43:7b:
cc:75:8e:bf:e5:09:73:39:1d:66:0b:83:45:6b:30:
11:5b:ec:a8:7c:24:02:75:31:fa:c4:1b:24:a8:e0:
ea:76:1d:6e:90:70:59:bd:a8:71:2f:4b:b8:ff:de:
35:fd:fb:3b:2e:9a:ff:78:aa:9d:3f:ce:fd:49:eb:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BE:EE:6A:C3:EB:A0:89:96:49:77:AA:E6:23:56:43:7F:43:DC:57
X509v3 Authority Key Identifier:
keyid:CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/Cb7uasProImWSXeq5iNWQ39D3Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.117.0/24
185.135.208.0/22
IPv6:
2a0a:6600::/29
Signature Algorithm: sha256WithRSAEncryption
99:5c:d4:d2:9a:06:76:44:1c:25:a6:a7:ad:88:f9:4a:87:7f:
15:73:2f:e0:48:0c:97:92:d4:8b:c5:6d:9f:ac:8a:64:01:36:
e6:00:b6:35:e4:c1:06:21:dc:28:16:41:7c:ba:b2:f9:59:a0:
0b:9e:65:66:9c:42:33:26:57:fa:8e:70:60:ac:37:d1:8e:7f:
73:a3:e6:8c:40:90:8f:15:36:b5:20:7b:d5:b4:5c:7a:0a:0e:
41:ef:57:47:32:6a:c1:d3:ea:19:0a:c7:17:98:b4:08:c6:c3:
df:99:ba:34:93:e7:08:f6:c6:66:07:fb:91:32:cf:9a:ad:e2:
cf:68:3c:59:ba:cc:8e:c8:02:d3:03:b1:97:0b:60:95:2e:b9:
3b:ae:96:3f:e5:6e:18:bc:21:68:77:43:54:99:62:76:6d:21:
cd:64:39:68:ed:c8:1e:fd:d9:25:de:ef:46:96:2f:b6:ef:42:
e6:13:72:de:48:fd:88:14:9d:53:17:0b:f7:ef:27:26:7b:09:
d7:e3:48:88:cb:b5:11:9c:c2:af:29:48:e0:0f:58:d7:fc:c0:
95:77:e1:9d:2b:5c:24:54:33:6a:24:59:bf:d5:fe:75:3c:4e:
92:9d:f9:1e:f7:26:33:ca:cf:c9:1a:93:88:a0:5f:ab:48:7d:
ae:3e:18:97
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEx455DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTkwMGYxZTExZTJkMjVkMGIyMzE2YWQ2ZTAxMjY4NDgzOWFjODFlMB4XDTIyMDEw
MTA4NTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDliZWVlNmFjM2Vi
YTA4OTk2NDk3N2FhZTYyMzU2NDM3ZjQzZGM1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKVMtqGDA00Z/uW/Ht3YgVJG//RmpkfL/wND75Sloe+2XZb
Hv82w9cZtwAgkXSDxzWASQFiaOFef5VIhH2mkFOeRp4zAiW9usJ2Lx9heaaId7iC
WLEqoEuN6pxSsHl3sAs1tXWbkP3PDUav7TBNmhkmcxIBchOW0eucrimPjAft8Mud
HYkLR3t1ASloYzFp2mZQUo1cRyPuPAjowYmqYR+2TA5iNC7DkoS0tVAVZKU2D+iO
+lWpZHeNFug7kShIBEN7zHWOv+UJczkdZguDRWswEVvsqHwkAnUx+sQbJKjg6nYd
bpBwWb2ocS9LuP/eNf37Oy6a/3iqnT/O/UnrrmsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQJvu5qw+ugiZZJd6rmI1ZDf0PcVzAfBgNVHSMEGDAWgBTKkA8eEeLSXQsj
Fq1uASaEg5rIHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lwQVBIaEhpMGwwTEl4YXRiZ0VtaElPYXlCNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvZjY5NjljLTNhNmUtNGJlYy05NzQyLWVjZTg3YzZhMDMxOC8x
L0NiN3Vhc1Byb0ltV1NYZXE1aU5XUTM5RDNGYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
ZjY5NjljLTNhNmUtNGJlYy05NzQyLWVjZTg3YzZhMDMxOC8xL3lwQVBIaEhpMGww
TEl4YXRiZ0VtaElPYXlCNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFv0dQMEArmH0DANBAIAAjAHAwUD
KgpmADANBgkqhkiG9w0BAQsFAAOCAQEAmVzU0poGdkQcJaanrYj5Sod/FXMv4EgM
l5LUi8Vtn6yKZAE25gC2NeTBBiHcKBZBfLqy+VmgC55lZpxCMyZX+o5wYKw30Y5/
c6PmjECQjxU2tSB71bRcegoOQe9XRzJqwdPqGQrHF5i0CMbD35m6NJPnCPbGZgf7
kTLPmq3iz2g8WbrMjsgC0wOxlwtglS65O66WP+VuGLwhaHdDVJlidm0hzWQ5aO3I
Hv3ZJd7vRpYvtu9C5hNy3kj9iBSdUxcL9+8nJnsJ1+NIiMu1EZzCrylI4A9Y1/zA
lXfhnStcJFQzaiRZv9X+dTxOkp35HvcmM8rPyRqTiKBfq0h9rj4Ylw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:02 2023 by rpki-client on console-ams.rpki-client.org