Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8ytceWeugTY8bf04MAoGOHJmzLM.roa
File: 8ytceWeugTY8bf04MAoGOHJmzLM.roa (raw, json)
Hash identifier: vNz3bdYrjc9GIxrkdw2BBaTY3d3u1fzJOtE0YIezZjU=
Subject key identifier: F3:2B:5C:79:67:AE:81:36:3C:6D:FD:38:30:0A:06:38:72:66:CC:B3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 06417DCE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8ytceWeugTY8bf04MAoGOHJmzLM.roa
Signing time: Sat 01 Jan 2022 06:52:37 +0000
ROA not before: Sat 01 Jan 2022 06:52:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.223.76.0/22 maxlen: 24
185.225.0.0/22 maxlen: 22
185.121.12.0/22 maxlen: 24
185.206.248.0/22 maxlen: 24
185.226.104.0/22 maxlen: 24
185.234.20.0/22 maxlen: 24
185.194.28.0/22 maxlen: 22
185.223.152.0/22 maxlen: 22
185.223.153.0/24 maxlen: 24
185.240.120.0/22 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104955342 (0x6417dce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 06:52:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f32b5c7967ae81363c6dfd38300a06387266ccb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b7:1a:b5:3a:da:f9:30:9f:44:2c:09:02:4e:
3a:d1:6f:02:2f:b4:79:b1:04:7c:95:66:58:cd:f6:
6d:fd:92:e7:0d:92:00:b0:30:d2:e1:0f:7e:8f:3d:
e0:58:da:82:7a:f4:be:25:c4:be:8a:85:30:b5:3a:
a6:af:ed:2b:47:e9:28:23:55:9b:25:5f:49:c0:8f:
12:15:36:3a:81:2d:8b:63:f9:f3:15:90:c1:de:10:
84:9b:2b:79:40:e5:98:11:24:08:88:59:48:08:50:
05:fb:fa:e6:ed:65:d5:a7:8c:fe:96:4f:d3:1a:dc:
0e:42:06:49:3c:82:89:11:3a:a9:0a:c0:da:92:b2:
24:07:53:d7:6a:2f:f9:f0:c9:31:6e:54:ed:8f:b5:
30:39:81:22:e2:33:91:8b:2b:bf:81:19:24:1e:1a:
a7:88:0d:75:8d:fd:42:bf:5f:3e:ab:c5:99:65:f5:
2d:20:82:4a:79:75:df:9a:57:8c:27:61:b2:96:34:
8e:b0:46:24:b0:e8:37:c3:00:2b:36:54:44:e8:77:
1d:f2:cf:a4:86:19:50:79:8b:1c:71:42:42:53:d6:
a8:fb:68:29:60:f3:51:e4:1a:f0:bc:98:fd:79:fc:
94:79:ef:6d:f4:1a:7a:08:7d:e5:83:79:f7:bb:25:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2B:5C:79:67:AE:81:36:3C:6D:FD:38:30:0A:06:38:72:66:CC:B3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/8ytceWeugTY8bf04MAoGOHJmzLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.206.248.0/22
185.223.76.0/22
185.223.152.0/22
185.225.0.0/22
185.226.104.0/22
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/22
185.246.112.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:e5:c4:50:5b:21:9e:72:67:df:56:1f:f1:1e:75:cb:25:44:
84:f8:e7:38:a6:9d:0e:e8:18:c2:1c:62:d9:b9:03:ec:52:32:
5b:8d:ad:95:d3:d6:43:ee:ed:d9:fd:d1:d2:8c:25:21:0e:9d:
da:40:b5:df:90:c7:9a:23:4b:a1:6f:dc:91:4e:d6:d5:e7:21:
18:4a:1d:ef:47:7b:83:08:7e:6f:37:a1:b5:dc:e5:63:c5:bc:
23:0c:06:48:e4:2d:11:7a:4a:4e:c4:87:5e:75:a4:b6:a0:08:
43:23:a4:a8:e7:02:96:66:cb:b8:6d:88:92:46:96:90:68:55:
f5:2b:ab:b2:28:e4:9a:6c:7f:0d:43:35:f2:5d:67:5b:7b:b3:
6e:3e:46:bb:84:3d:03:47:9a:13:cd:f5:f9:47:81:df:d2:a8:
a8:07:8b:2c:d9:2d:10:c0:3e:c2:f8:6c:22:28:46:a0:a2:fc:
aa:d4:21:74:72:22:c0:87:99:df:06:aa:07:2b:1d:14:9a:24:
f7:e0:62:93:b3:c5:4c:af:7d:f0:27:38:52:d5:7c:bb:6d:11:
8c:ad:35:8a:83:cf:74:a9:e1:22:b2:9c:78:4c:7f:3d:a9:fa:
93:9c:91:b5:42:72:c9:7b:cb:5f:a2:35:66:cf:22:38:e3:fb:
57:86:0d:f8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEBkF9zjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDEw
MTA2NTIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjMyYjVjNzk2N2Fl
ODEzNjNjNmRmZDM4MzAwYTA2Mzg3MjY2Y2NiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMq3GrU62vkwn0QsCQJOOtFvAi+0ebEEfJVmWM32bf2S5w2S
ALAw0uEPfo894Fjagnr0viXEvoqFMLU6pq/tK0fpKCNVmyVfScCPEhU2OoEti2P5
8xWQwd4QhJsreUDlmBEkCIhZSAhQBfv65u1l1aeM/pZP0xrcDkIGSTyCiRE6qQrA
2pKyJAdT12ov+fDJMW5U7Y+1MDmBIuIzkYsrv4EZJB4ap4gNdY39Qr9fPqvFmWX1
LSCCSnl135pXjCdhspY0jrBGJLDoN8MAKzZUROh3HfLPpIYZUHmLHHFCQlPWqPto
KWDzUeQa8LyY/Xn8lHnvbfQaegh95YN597slJlECAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBTzK1x5Z66BNjxt/TgwCgY4cmbMszAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
Lzh5dGNlV2V1Z1RZOGJmMDRNQW9HT0hKbXpMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAi0IFAMEArl5DAMEArnCHAMEArnO
+AMEArnfTAMEArnfmAMEArnhAAMEArniaAMEAbnmNAMEArnqFAMEArnu5AMEArnw
eAMEArn2cDANBgkqhkiG9w0BAQsFAAOCAQEAXOXEUFshnnJn31Yf8R51yyVEhPjn
OKadDugYwhxi2bkD7FIyW42tldPWQ+7t2f3R0owlIQ6d2kC135DHmiNLoW/ckU7W
1echGEod70d7gwh+bzehtdzlY8W8IwwGSOQtEXpKTsSHXnWktqAIQyOkqOcClmbL
uG2IkkaWkGhV9Sursijkmmx/DUM18l1nW3uzbj5Gu4Q9A0eaE831+UeB39KoqAeL
LNktEMA+wvhsIihGoKL8qtQhdHIiwIeZ3waqBysdFJok9+Bik7PFTK998Cc4UtV8
u20RjK01ioPPdKnhIrKceEx/Pan6k5yRtUJyyXvLX6I1Zs8iOOP7V4YN+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org