Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3KUIUcgcUCf0iwZ2qIMUDk2WpQc.roa
File: 3KUIUcgcUCf0iwZ2qIMUDk2WpQc.roa (raw, json)
Hash identifier: vwIliMDReWsS6FKmY35WqP71CwRovesh16vryvEHA9s=
Subject key identifier: DC:A5:08:51:C8:1C:50:27:F4:8B:06:76:A8:83:14:0E:4D:96:A5:07
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018484EC8777B5FC0A25C07984307378DF32
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3KUIUcgcUCf0iwZ2qIMUDk2WpQc.roa
Signing time: Thu 17 Nov 2022 09:30:04 +0000
ROA not before: Thu 17 Nov 2022 09:30:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:ec:87:77:b5:fc:0a:25:c0:79:84:30:73:78:df:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 17 09:30:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dca50851c81c5027f48b0676a883140e4d96a507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:65:e9:2d:a9:a7:f5:2b:53:eb:fc:62:7a:d9:
7a:b6:b7:9f:29:40:a4:fb:ba:bf:78:97:06:9b:9d:
04:2f:05:f2:54:f1:fa:14:0c:55:03:80:74:10:3c:
c9:15:e5:ea:fa:6c:63:18:7c:16:8d:e7:4f:22:9f:
4e:5e:3b:47:a0:d5:ba:87:d5:0a:15:b6:78:4e:1d:
40:75:50:e9:e3:12:30:49:95:1f:b0:f6:f2:d9:c3:
e3:bb:0f:f7:dd:08:79:62:90:9b:21:9f:34:63:11:
5b:56:17:69:51:da:63:1e:86:00:ab:f6:fb:e0:dc:
f2:3e:f3:52:b2:4b:c6:ca:bf:82:cb:46:da:3a:68:
33:f5:a1:16:0e:70:d6:8a:b7:e8:12:62:2d:c9:ef:
b0:32:27:cd:50:83:31:5b:02:e2:33:b1:d3:d7:3f:
8e:1a:95:12:f9:04:b9:9d:2c:2c:97:a2:6c:46:a7:
fc:fc:7f:f9:c3:c5:9a:fd:25:3b:3a:a0:cd:6e:01:
1d:a0:c4:7f:42:dd:49:4d:4a:27:8d:75:a4:6e:13:
6a:0a:39:2c:18:36:bb:2d:d6:dc:c6:9f:04:fb:4b:
bf:d9:c0:b7:75:c8:80:10:d2:4f:9c:ad:bb:12:64:
0e:49:58:ce:90:a1:9e:4f:75:f8:18:da:06:3b:14:
07:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A5:08:51:C8:1C:50:27:F4:8B:06:76:A8:83:14:0E:4D:96:A5:07
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3KUIUcgcUCf0iwZ2qIMUDk2WpQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.206.248.0/24
185.206.251.0/24
185.223.76.0/24
185.226.105.0/24
185.226.107.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:ce:68:da:ba:91:53:dc:e5:dc:e8:7f:b1:cc:26:3f:27:1c:
a1:54:07:78:b1:13:e6:a1:c3:03:bd:51:68:66:bf:79:49:78:
46:3a:68:02:d6:38:1d:b8:76:e4:2d:b8:7d:c5:f6:1b:b3:4f:
25:e3:95:2e:68:bf:32:7b:75:e2:1f:cd:3c:5f:55:bd:c6:87:
a7:20:ae:ad:4e:82:ec:58:a2:40:c6:32:7e:9e:b7:0c:8d:cb:
9e:26:33:f4:df:ef:99:66:da:92:49:82:54:e8:3e:0d:ba:b9:
8e:b2:34:7b:df:73:8b:cb:4c:99:61:f6:ba:8a:c5:fb:40:11:
42:5f:87:3b:bd:b7:96:b7:ac:0b:2a:ea:d9:ea:55:e3:3d:fa:
d4:89:31:69:32:b0:7a:3b:3b:84:8d:6d:4f:56:6f:c6:f9:ea:
dd:25:c8:e6:9b:23:c6:44:e7:de:b9:18:f1:1a:80:08:09:66:
02:a9:d9:9a:b6:20:38:91:5c:b6:08:3c:3e:74:0a:fe:ef:19:
8a:3e:25:b0:a8:60:31:f1:c1:04:24:12:96:25:10:be:b8:ab:
67:85:b2:f1:d1:4d:b7:ab:48:77:03:5b:3a:a9:3e:2a:98:4f:
bf:50:b2:8b:cc:23:60:f6:11:96:cf:59:73:f8:13:a3:5a:dd:
30:39:c3:3f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYSE7Id3tfwKJcB5hDBzeN8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMTE3MDkzMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E1MDg1MWM4MWM1MDI3ZjQ4YjA2NzZhODgzMTQwZTRkOTZhNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGXpLamn9StT6/xietl6trefKUCk
+7q/eJcGm50ELwXyVPH6FAxVA4B0EDzJFeXq+mxjGHwWjedPIp9OXjtHoNW6h9UK
FbZ4Th1AdVDp4xIwSZUfsPby2cPjuw/33Qh5YpCbIZ80YxFbVhdpUdpjHoYAq/b7
4NzyPvNSskvGyr+Cy0baOmgz9aEWDnDWirfoEmItye+wMifNUIMxWwLiM7HT1z+O
GpUS+QS5nSwsl6JsRqf8/H/5w8Wa/SU7OqDNbgEdoMR/Qt1JTUonjXWkbhNqCjks
GDa7Ldbcxp8E+0u/2cC3dciAENJPnK27EmQOSVjOkKGeT3X4GNoGOxQH0wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNylCFHIHFAn9IsGdqiDFA5NlqUHMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM0tVSVVjZ2NVQ2YwaXdaMnFJTVVEazJXcFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLQgUAwQC
uXkMAwQAuc74AwQAuc77AwQAud9MAwQAueJpAwQAueJrAwQBueY0AwQCueoUAwQC
ue7kAwQBufB4AwQAuf98MA0GCSqGSIb3DQEBCwUAA4IBAQC3zmjaupFT3OXc6H+x
zCY/JxyhVAd4sRPmocMDvVFoZr95SXhGOmgC1jgduHbkLbh9xfYbs08l45UuaL8y
e3XiH808X1W9xoenIK6tToLsWKJAxjJ+nrcMjcueJjP03++ZZtqSSYJU6D4NurmO
sjR733OLy0yZYfa6isX7QBFCX4c7vbeWt6wLKurZ6lXjPfrUiTFpMrB6OzuEjW1P
Vm/G+erdJcjmmyPGROfeuRjxGoAICWYCqdmatiA4kVy2CDw+dAr+7xmKPiWwqGAx
8cEEJBKWJRC+uKtnhbLx0U23q0h3A1s6qT4qmE+/ULKLzCNg9hGWz1lz+BOjWt0w
OcM/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org