Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-sArdZD0xEcOBW4GYQ9zCGFwT9Q.roa
File: 1-sArdZD0xEcOBW4GYQ9zCGFwT9Q.roa (raw, json)
Hash identifier: ee6BDRrXg8iHTBEJGfRxYHo1ko1Uy65Dk+zCVfUewww=
Subject key identifier: FA:C0:2B:75:90:F4:C4:47:0E:05:6E:06:61:0F:73:08:61:70:4F:D4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01856EC9443D7D29AAADB73442659D8D317E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-sArdZD0xEcOBW4GYQ9zCGFwT9Q.roa
Signing time: Sun 01 Jan 2023 19:22:42 +0000
ROA not before: Sun 01 Jan 2023 19:22:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.5.67.0/24 maxlen: 24
185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c9:44:3d:7d:29:aa:ad:b7:34:42:65:9d:8d:31:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 19:22:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fac02b7590f4c4470e056e06610f730861704fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:9c:f1:9d:33:86:50:51:7d:71:a2:3a:05:
6b:ec:ee:45:55:d7:09:c0:d4:8d:44:82:25:9c:fe:
f0:3e:aa:92:59:8e:15:bf:fe:d7:21:6d:4d:07:f6:
60:03:46:c6:16:be:ea:e4:5b:f1:ba:fc:c4:a0:95:
e1:6b:9c:1b:52:1e:da:05:ca:22:70:26:23:f4:a2:
86:9c:d6:3c:b3:de:3b:b4:8a:b2:30:38:67:49:78:
ce:6f:df:b5:ce:dd:7d:68:8e:f1:af:fc:fc:62:70:
1c:68:cc:df:63:52:57:4f:73:f1:8a:9e:84:5e:a3:
c7:e5:22:75:7d:b1:7f:f9:c4:bb:61:15:e5:d1:6b:
8b:fa:e2:42:78:4b:5d:cc:68:da:70:55:46:71:71:
40:b0:1a:a9:6a:3b:51:ca:a7:1a:d9:96:17:f7:b0:
3e:1f:d7:b5:94:42:a7:cb:9b:ce:45:6a:1c:0e:6e:
9e:8e:d0:f2:d1:cc:92:92:73:e1:96:d7:5d:dc:17:
8d:8d:8c:2e:51:c2:eb:70:99:2e:da:63:bd:54:94:
73:f0:28:cf:db:91:03:f1:9e:9a:0e:2d:fd:c2:13:
c5:2c:cd:10:22:07:71:bd:d3:45:a4:57:93:af:9e:
c1:53:a3:cd:de:d8:a0:8d:cb:7a:c8:36:a9:ae:72:
28:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C0:2B:75:90:F4:C4:47:0E:05:6E:06:61:0F:73:08:61:70:4F:D4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-sArdZD0xEcOBW4GYQ9zCGFwT9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.206.248.0/24
185.206.251.0/24
185.223.76.0/24
185.226.105.0/24
185.226.107.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.255.124.0/24
194.5.67.0/24
Signature Algorithm: sha256WithRSAEncryption
55:31:d0:ab:f8:cc:fd:a6:6d:9f:f9:90:c0:99:aa:01:ca:92:
52:e3:c1:f6:2a:0d:ae:16:01:b5:98:c7:b6:7a:95:28:fd:e5:
cf:5f:34:70:77:38:08:22:6f:f8:47:e6:2a:83:b1:e7:0c:97:
e9:1e:ec:8c:44:9d:a2:82:35:29:fb:64:1e:f5:3b:ce:6d:24:
1e:c4:47:70:8a:a5:ad:79:e9:db:bd:25:2e:98:c2:a0:c5:db:
5e:9b:bf:6f:b8:20:c3:f8:d1:f8:ff:5d:3d:51:94:be:47:3d:
30:16:4a:70:90:40:02:43:a4:d7:63:93:03:83:1a:38:2a:4e:
bf:6c:5a:b9:c1:26:f6:13:c4:e9:e2:d1:f7:3f:f6:d8:1c:ca:
c8:75:1e:36:8e:2e:17:23:37:61:36:18:a7:e8:6a:c6:5b:17:
35:b6:20:6e:f9:e0:8c:aa:0d:0c:74:79:b5:f8:af:4c:a7:d2:
22:4d:75:f0:02:bf:44:39:bb:46:8e:2e:7f:c1:09:60:5f:5d:
1d:0c:da:05:37:89:38:1e:18:26:f4:23:7a:86:44:bd:04:b8:
6a:88:44:85:24:f6:92:be:93:b3:cf:dd:fa:a0:5a:4e:de:07:
43:4a:02:76:8b:bf:ec:1a:5b:b4:dd:fe:74:19:b6:81:63:97:
7a:06:b1:6d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYVuyUQ9fSmqrbc0QmWdjTF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAxMTkyMjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWMwMmI3NTkwZjRjNDQ3MGUwNTZlMDY2MTBmNzMwODYxNzA0ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv72c8Z0zhlBRfXGiOgVr7O5FVdcJ
wNSNRIIlnP7wPqqSWY4Vv/7XIW1NB/ZgA0bGFr7q5FvxuvzEoJXha5wbUh7aBcoi
cCYj9KKGnNY8s947tIqyMDhnSXjOb9+1zt19aI7xr/z8YnAcaMzfY1JXT3Pxip6E
XqPH5SJ1fbF/+cS7YRXl0WuL+uJCeEtdzGjacFVGcXFAsBqpajtRyqca2ZYX97A+
H9e1lEKny5vORWocDm6ejtDy0cySknPhltdd3BeNjYwuUcLrcJku2mO9VJRz8CjP
25ED8Z6aDi39whPFLM0QIgdxvdNFpFeTr57BU6PN3tigjct6yDaprnIoFwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPrAK3WQ9MRHDgVuBmEPcwhhcE/UMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1zQXJkWkQweEVjT0JXNEdZUTl6Q0dGd1Q5US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAi0IFAME
Arl5DAMEALnO+AMEALnO+wMEALnfTAMEALniaQMEALniawMEAbnmNAMEArnqFAME
Arnu5AMEAbnweAMEALn/fAMEAMIFQzANBgkqhkiG9w0BAQsFAAOCAQEAVTHQq/jM
/aZtn/mQwJmqAcqSUuPB9ioNrhYBtZjHtnqVKP3lz180cHc4CCJv+EfmKoOx5wyX
6R7sjESdooI1KftkHvU7zm0kHsRHcIqlrXnp270lLpjCoMXbXpu/b7ggw/jR+P9d
PVGUvkc9MBZKcJBAAkOk12OTA4MaOCpOv2xaucEm9hPE6eLR9z/22BzKyHUeNo4u
FyM3YTYYp+hqxlsXNbYgbvngjKoNDHR5tfivTKfSIk118AK/RDm7Ro4uf8EJYF9d
HQzaBTeJOB4YJvQjeoZEvQS4aohEhST2kr6Ts8/d+qBaTt4HQ0oCdou/7BpbtN3+
dBm2gWOXegaxbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org