Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7DJF05VltN92ZeNDsiE-e0gsK14.roa
File: 7DJF05VltN92ZeNDsiE-e0gsK14.roa (raw, json)
Hash identifier: raYORm03M3le9ve+lwev8iAzLeflIPDdkCQ5AbDewNQ=
Subject key identifier: EC:32:45:D3:95:65:B4:DF:76:65:E3:43:B2:21:3E:7B:48:2C:2B:5E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 07AF101B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7DJF05VltN92ZeNDsiE-e0gsK14.roa
Signing time: Thu 28 Apr 2022 19:33:34 +0000
ROA not before: Thu 28 Apr 2022 19:33:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.225.0.0/22 maxlen: 22
185.121.12.0/22 maxlen: 24
185.206.248.0/22 maxlen: 24
185.226.104.0/22 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.194.28.0/22 maxlen: 24
185.194.29.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128913435 (0x7af101b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 28 19:33:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec3245d39565b4df7665e343b2213e7b482c2b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:45:50:cc:db:1f:a8:8e:ae:c5:c4:e7:7c:47:
c1:db:00:96:cd:7a:f3:59:c6:f0:47:de:8a:ef:3a:
aa:25:9b:05:29:d4:b8:a3:e8:1b:37:8b:95:2e:9c:
e7:50:a3:ca:0e:5f:a9:fa:6d:96:d6:ca:fe:9f:ae:
cc:50:ad:28:ce:03:43:14:12:e3:38:84:ae:7c:f6:
93:70:ea:61:6f:cb:c8:9b:d7:dc:42:00:6e:d2:6d:
a9:a7:41:da:d8:04:e6:35:69:51:71:95:d7:95:d3:
f5:75:e3:7b:ea:43:28:4d:1c:59:bc:13:2b:67:f3:
2b:5c:e1:0a:40:49:fd:d1:d0:c6:8f:bc:90:5a:14:
b0:6a:c4:60:a6:f1:ca:3a:8f:29:e4:02:18:1e:9d:
16:64:57:9c:e3:f2:35:0c:28:94:1d:51:c7:c0:06:
6f:e3:bb:ea:b4:a3:8c:fb:fd:3d:fa:57:08:9a:9e:
8c:a6:42:29:26:69:14:dc:5e:13:59:e7:e5:9a:41:
b9:7c:9a:27:b3:c1:84:59:7e:e5:b7:3a:6d:50:ee:
50:9b:3a:40:8c:fe:28:55:93:4c:6e:d1:aa:ad:37:
2f:2e:03:f5:ca:e2:9a:e0:cc:36:d0:5a:31:7f:6f:
b6:3c:98:23:a1:42:e1:31:db:87:7c:c9:8c:07:85:
5d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:32:45:D3:95:65:B4:DF:76:65:E3:43:B2:21:3E:7B:48:2C:2B:5E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/7DJF05VltN92ZeNDsiE-e0gsK14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.206.248.0/22
185.225.0.0/22
185.226.104.0/22
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:49:80:88:06:ab:e5:88:72:d0:b3:98:ed:cd:0b:98:fa:b4:
62:0c:f3:75:ef:0b:e8:21:34:47:07:ce:c4:51:59:5f:75:f6:
85:bf:da:b5:b0:71:42:8a:f1:c3:2b:6d:ea:b9:98:1b:fe:93:
18:8a:5a:4d:f8:39:8a:0a:b0:78:80:9d:ae:2a:80:59:5b:88:
70:53:f0:3e:4d:f3:44:dc:d9:03:2d:2d:ec:c4:e7:5d:c4:0a:
cd:77:22:94:51:bf:57:8c:48:21:c3:71:7c:b5:c3:4b:6a:5c:
5d:9d:de:7d:09:73:ac:fa:8d:72:99:64:de:21:5d:c8:98:7a:
a2:37:a1:24:c0:17:d9:a1:76:ca:e3:d9:b3:66:e5:31:b3:1e:
4d:4b:b3:cc:94:3f:23:31:2c:45:58:6c:23:ce:ef:ed:26:7e:
f8:94:ee:9c:23:85:3c:77:39:40:f2:6c:1c:cd:9c:96:30:93:
fb:a7:b9:e8:a3:a1:c0:b4:e4:cc:66:2e:10:dd:12:14:98:f2:
ee:8f:f8:91:47:1a:79:a6:a4:ec:3e:32:c9:76:a2:e3:b4:80:
c3:3c:73:69:41:2c:ca:e2:58:34:41:ea:56:ae:42:80:1f:85:
ab:e8:be:dc:56:ec:65:c7:b8:ba:60:f4:c6:68:bd:4d:a3:c8:
fa:3a:a4:26
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEB68QGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDQy
ODE5MzMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMzMjQ1ZDM5NTY1
YjRkZjc2NjVlMzQzYjIyMTNlN2I0ODJjMmI1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANdFUMzbH6iOrsXE53xHwdsAls1681nG8Efeiu86qiWbBSnU
uKPoGzeLlS6c51Cjyg5fqfptltbK/p+uzFCtKM4DQxQS4ziErnz2k3DqYW/LyJvX
3EIAbtJtqadB2tgE5jVpUXGV15XT9XXje+pDKE0cWbwTK2fzK1zhCkBJ/dHQxo+8
kFoUsGrEYKbxyjqPKeQCGB6dFmRXnOPyNQwolB1Rx8AGb+O76rSjjPv9PfpXCJqe
jKZCKSZpFNxeE1nn5ZpBuXyaJ7PBhFl+5bc6bVDuUJs6QIz+KFWTTG7Rqq03Ly4D
9crimuDMNtBaMX9vtjyYI6FC4THbh3zJjAeFXf8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTsMkXTlWW033Zl40OyIT57SCwrXjAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
LzdESkYwNVZsdE45MlplTkRzaUUtZTBnc0sxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAi0IFAMEArl5DAMEArnCHAMEArnO
+AMEArnhAAMEArniaAMEAbnmNAMEArnqFAMEArnu5AMEAbnweAMEArn2cAMEALn/
fDANBgkqhkiG9w0BAQsFAAOCAQEAL0mAiAar5Yhy0LOY7c0LmPq0Ygzzde8L6CE0
RwfOxFFZX3X2hb/atbBxQorxwytt6rmYG/6TGIpaTfg5igqweICdriqAWVuIcFPw
Pk3zRNzZAy0t7MTnXcQKzXcilFG/V4xIIcNxfLXDS2pcXZ3efQlzrPqNcplk3iFd
yJh6ojehJMAX2aF2yuPZs2blMbMeTUuzzJQ/IzEsRVhsI87v7SZ++JTunCOFPHc5
QPJsHM2cljCT+6e56KOhwLTkzGYuEN0SFJjy7o/4kUcaeaak7D4yyXai47SAwzxz
aUEsyuJYNEHqVq5CgB+Fq+i+3FbsZce4umD0xmi9TaPI+jqkJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org