Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/o1rfiKB3kgYmzcvX65HPw_MjGnI.roa
File: o1rfiKB3kgYmzcvX65HPw_MjGnI.roa (raw, json)
Hash identifier: rF8a39a/EZMPQVGpiHXW/IR0QERGGIMXKwM4JhZ0mdM=
Subject key identifier: A3:5A:DF:88:A0:77:92:06:26:CD:CB:D7:EB:91:CF:C3:F3:23:1A:72
Certificate issuer: /CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Certificate serial: 085E8E8A
Authority key identifier: 75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/o1rfiKB3kgYmzcvX65HPw_MjGnI.roa
Signing time: Sat 01 Jan 2022 09:57:37 +0000
ROA not before: Sat 01 Jan 2022 09:57:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202269
IP address blocks: 185.8.172.0/24 maxlen: 24
185.8.173.0/24 maxlen: 24
185.8.175.0/24 maxlen: 24
185.8.174.0/24 maxlen: 24
130.185.73.0/24 maxlen: 24
130.185.72.0/24 maxlen: 24
130.185.77.0/24 maxlen: 24
130.185.76.0/24 maxlen: 24
130.185.75.0/24 maxlen: 24
130.185.74.0/24 maxlen: 24
130.185.78.0/23 maxlen: 23
130.185.78.0/24 maxlen: 24
130.185.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140414602 (0x85e8e8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Validity
Not Before: Jan 1 09:57:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a35adf88a077920626cdcbd7eb91cfc3f3231a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:23:92:d4:28:0b:f6:36:e1:fc:80:a0:cb:fa:
07:8e:35:b5:e2:ab:8d:ac:e0:a2:01:09:65:c9:57:
6f:4f:ba:05:a5:8a:79:e9:bd:27:dc:a5:25:cd:bb:
76:f5:ee:f9:d9:f6:2f:20:c3:0e:47:bf:38:91:67:
8f:b8:7c:36:4a:24:20:c6:32:26:6d:e1:97:96:53:
3c:e6:81:c8:71:5c:7e:cb:25:c9:44:b5:f2:31:21:
4e:81:1c:b4:dc:53:8a:03:66:99:c8:ef:e7:4e:be:
e9:85:07:4b:45:85:b5:7e:ca:c6:57:58:a9:80:f3:
7f:bf:c0:ed:8b:5f:a7:d3:b0:5d:06:e8:a5:2e:16:
ee:dd:ab:2b:da:e1:36:31:38:82:df:6c:df:da:3c:
57:3b:d8:49:f0:da:09:a9:56:e2:8f:5b:72:61:32:
8b:86:d8:f5:09:ec:15:ab:02:30:1c:16:4b:64:cf:
4c:30:35:57:c9:a5:28:bb:b9:f6:b9:84:2d:f6:97:
e7:84:0f:1e:31:46:d5:c9:88:43:01:db:47:36:8e:
0e:39:82:eb:15:41:fa:49:85:8c:c3:a3:fd:64:da:
2b:5c:a5:38:55:aa:00:d1:75:9d:7f:0f:a1:34:54:
24:78:ca:ba:3b:2f:14:02:5e:88:b1:da:21:ce:8c:
9b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5A:DF:88:A0:77:92:06:26:CD:CB:D7:EB:91:CF:C3:F3:23:1A:72
X509v3 Authority Key Identifier:
keyid:75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/o1rfiKB3kgYmzcvX65HPw_MjGnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.72.0/21
185.8.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:f3:b6:40:91:d6:b5:9c:2d:ba:c1:12:aa:5b:6a:fe:17:c4:
ce:41:c6:bf:fc:7f:f5:4f:05:8a:1f:fc:0e:2d:5a:d4:c2:74:
4f:61:f0:72:25:7d:51:52:72:dd:d5:47:90:7b:00:b3:cd:99:
c6:b4:68:63:8d:62:1a:32:74:f2:d9:60:3a:f5:92:79:7c:65:
75:9d:2f:37:86:f6:e4:c3:fa:18:fd:4e:7c:43:a8:af:71:1e:
4d:12:e0:69:5f:d5:64:ef:7f:19:24:71:0a:c8:3f:ec:87:73:
2e:51:df:75:f6:d0:f7:40:10:c0:d3:77:de:f8:4d:f0:fd:a2:
81:ad:a8:39:14:57:34:d8:61:90:e0:ff:72:6e:43:9f:99:e2:
6b:0f:4b:17:ce:ee:86:08:55:c1:e3:85:2b:45:2b:7b:f5:84:
c2:3c:28:f3:47:10:e5:94:32:e8:5a:03:34:a7:93:6f:e9:64:
e2:5f:9e:96:8c:36:ae:30:0c:c9:29:20:63:32:98:0a:e9:3a:
1c:b9:a1:91:b2:86:15:92:b4:2e:30:c3:4d:25:58:db:12:e7:
a4:ef:8b:20:b9:12:d3:bb:93:81:54:14:3c:56:1c:43:e6:c4:
40:d6:ce:71:24:48:e5:02:f4:65:30:c1:a9:85:83:9a:35:87:
4e:a6:aa:a4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECF6OijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTlkNmFmYjhkZGY4ZjhjMGRkNjYwNzkwZWRjYmExZjNiMzcwYzYzMB4XDTIyMDEw
MTA5NTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTM1YWRmODhhMDc3
OTIwNjI2Y2RjYmQ3ZWI5MWNmYzNmMzIzMWE3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEjktQoC/Y24fyAoMv6B441teKrjazgogEJZclXb0+6BaWK
eem9J9ylJc27dvXu+dn2LyDDDke/OJFnj7h8NkokIMYyJm3hl5ZTPOaByHFcfssl
yUS18jEhToEctNxTigNmmcjv506+6YUHS0WFtX7KxldYqYDzf7/A7Ytfp9OwXQbo
pS4W7t2rK9rhNjE4gt9s39o8VzvYSfDaCalW4o9bcmEyi4bY9QnsFasCMBwWS2TP
TDA1V8mlKLu59rmELfaX54QPHjFG1cmIQwHbRzaODjmC6xVB+kmFjMOj/WTaK1yl
OFWqANF1nX8PoTRUJHjKujsvFAJeiLHaIc6Mm0cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSjWt+IoHeSBibNy9frkc/D8yMacjAfBgNVHSMEGDAWgBR1nWr7jd+PjA3W
YHkO3LofOzcMYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RaMXEtNDNmajR3TjFtQjVEdHk2SHpzM0RHTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMTZiN2Y0LWZhMTUtNDdhNi05ZmM1LTI1NGJjYmNlYzAzNy8x
L28xcmZpS0Iza2dZbXpjdlg2NUhQd19NakduSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MTZiN2Y0LWZhMTUtNDdhNi05ZmM1LTI1NGJjYmNlYzAzNy8xL2RaMXEtNDNmajR3
TjFtQjVEdHk2SHpzM0RHTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA4K5SAMEArkIrDANBgkqhkiG9w0B
AQsFAAOCAQEAsPO2QJHWtZwtusESqltq/hfEzkHGv/x/9U8Fih/8Di1a1MJ0T2Hw
ciV9UVJy3dVHkHsAs82ZxrRoY41iGjJ08tlgOvWSeXxldZ0vN4b25MP6GP1OfEOo
r3EeTRLgaV/VZO9/GSRxCsg/7IdzLlHfdfbQ90AQwNN33vhN8P2iga2oORRXNNhh
kOD/cm5Dn5niaw9LF87uhghVweOFK0Ure/WEwjwo80cQ5ZQy6FoDNKeTb+lk4l+e
low2rjAMySkgYzKYCuk6HLmhkbKGFZK0LjDDTSVY2xLnpO+LILkS07uTgVQUPFYc
Q+bEQNbOcSRI5QL0ZTDBqYWDmjWHTqaqpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org