Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/R6P8qQvGzaV6CxQlEpYQTDY06M0.roa
File: R6P8qQvGzaV6CxQlEpYQTDY06M0.roa (raw, json)
Hash identifier: XzDlal6BgZ2I7nMI8b8C7lmQuxp1HxdDYjj+vQL8NNY=
Subject key identifier: 47:A3:FC:A9:0B:C6:CD:A5:7A:0B:14:25:12:96:10:4C:36:34:E8:CD
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 06DAB888
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/R6P8qQvGzaV6CxQlEpYQTDY06M0.roa
Signing time: Sun 13 Feb 2022 12:59:37 +0000
ROA not before: Sun 13 Feb 2022 12:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.223.76.0/22 maxlen: 24
185.225.0.0/22 maxlen: 22
185.121.12.0/22 maxlen: 24
185.206.248.0/22 maxlen: 24
185.226.104.0/22 maxlen: 24
185.234.20.0/22 maxlen: 24
185.194.28.0/22 maxlen: 24
185.223.152.0/22 maxlen: 22
185.194.29.0/24 maxlen: 24
185.223.153.0/24 maxlen: 24
185.240.120.0/22 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114997384 (0x6dab888)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 13 12:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47a3fca90bc6cda57a0b14251296104c3634e8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6a:0f:42:9b:33:92:5f:be:84:0b:37:ee:7d:
b7:02:09:7d:fb:72:97:28:4b:4e:e8:38:a5:a9:89:
48:a6:28:d1:fd:c6:50:f7:ac:f2:7b:9c:f7:92:02:
0c:20:ea:a9:96:3b:b5:97:6b:77:42:ca:85:37:3d:
c0:e9:0f:ca:7c:5d:82:2d:b5:01:cc:bb:6e:ec:fe:
00:b3:de:43:19:fc:27:1a:1a:d4:b5:51:90:6e:45:
17:1b:a6:c1:77:db:6f:6a:d4:c2:3b:33:b9:9b:4d:
13:36:3c:c9:fe:0c:f4:3c:2c:bf:f1:df:a0:ca:2e:
3e:29:e7:b0:9c:08:ba:26:b3:e7:d8:21:a3:4f:48:
ce:3c:a3:0b:46:dd:fc:bf:c6:cd:87:af:bc:34:b8:
a5:22:be:9f:16:13:84:56:11:78:44:96:95:6f:3f:
4e:b8:3e:f1:0d:b1:ee:2e:cd:7f:52:f4:aa:4e:1d:
52:59:e7:a3:aa:41:d3:4e:f4:64:cd:26:d9:bb:8f:
b0:74:d3:3e:b5:9c:b9:fa:fe:58:f5:4d:c3:76:b7:
3b:be:4f:a3:21:aa:e9:00:b8:fc:c0:94:de:c4:37:
c1:7e:3b:a9:9b:99:4e:f9:2c:39:48:e8:12:5a:0a:
cb:2d:82:67:32:87:d2:02:13:31:f7:44:b1:f5:c5:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A3:FC:A9:0B:C6:CD:A5:7A:0B:14:25:12:96:10:4C:36:34:E8:CD
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/R6P8qQvGzaV6CxQlEpYQTDY06M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.206.248.0/22
185.223.76.0/22
185.223.152.0/22
185.225.0.0/22
185.226.104.0/22
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/22
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:16:f2:33:2e:0b:46:50:c2:cd:e3:76:e3:d3:34:98:33:1f:
8d:5f:a5:a9:6d:1b:a4:a8:9d:69:ea:bf:ce:4c:34:b0:d5:b2:
13:69:70:fa:ad:05:45:4c:55:54:d0:20:97:fc:43:8e:1d:1d:
0c:0d:ee:15:88:9f:43:ac:52:01:99:95:1a:49:da:1b:28:9e:
39:5f:6b:f1:83:31:3d:3e:97:69:13:ed:22:12:e8:89:fc:01:
7c:ca:59:02:b5:d6:09:69:ff:65:55:e8:36:18:be:15:2a:9b:
9b:ac:71:59:5a:00:4c:e1:86:5b:33:03:fc:06:b9:98:07:7e:
2e:80:9b:16:ca:fc:fd:0d:03:de:dc:e2:0f:9b:3a:02:d9:2a:
fd:90:3d:e1:12:d2:7b:3d:69:8a:51:72:9d:c8:25:d8:65:c0:
4b:e9:50:e8:43:87:95:2f:b8:00:c3:8f:6f:09:2f:78:fc:cd:
fe:5c:72:55:1e:04:11:19:94:f4:02:d7:95:8c:17:96:e9:21:
f4:e4:0c:9f:73:ff:51:4b:92:0f:53:08:6a:b8:8b:91:a1:b2:
5f:d3:e1:79:13:be:a7:9d:8e:35:55:2b:69:db:1e:a6:51:8e:
6b:f1:92:83:d4:51:3a:57:75:18:39:86:04:24:0d:01:05:ed:
2a:7c:80:49
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEBtq4iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDIx
MzEyNTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdhM2ZjYTkwYmM2
Y2RhNTdhMGIxNDI1MTI5NjEwNGMzNjM0ZThjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtqD0KbM5JfvoQLN+59twIJfftylyhLTug4pamJSKYo0f3G
UPes8nuc95ICDCDqqZY7tZdrd0LKhTc9wOkPynxdgi21Acy7buz+ALPeQxn8Jxoa
1LVRkG5FFxumwXfbb2rUwjszuZtNEzY8yf4M9Dwsv/HfoMouPinnsJwIuiaz59gh
o09IzjyjC0bd/L/GzYevvDS4pSK+nxYThFYReESWlW8/Trg+8Q2x7i7Nf1L0qk4d
Ulnno6pB0070ZM0m2buPsHTTPrWcufr+WPVNw3a3O75PoyGq6QC4/MCU3sQ3wX47
qZuZTvksOUjoEloKyy2CZzKH0gITMfdEsfXFpkcCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRHo/ypC8bNpXoLFCUSlhBMNjTozTAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L1I2UDhxUXZHemFWNkN4UWxFcFlRVERZMDZNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAi0IFAMEArl5DAMEArnCHAMEArnO
+AMEArnfTAMEArnfmAMEArnhAAMEArniaAMEAbnmNAMEArnqFAMEArnu5AMEArnw
eAMEArn2cAMEALn/fDANBgkqhkiG9w0BAQsFAAOCAQEAPBbyMy4LRlDCzeN249M0
mDMfjV+lqW0bpKidaeq/zkw0sNWyE2lw+q0FRUxVVNAgl/xDjh0dDA3uFYifQ6xS
AZmVGknaGyieOV9r8YMxPT6XaRPtIhLoifwBfMpZArXWCWn/ZVXoNhi+FSqbm6xx
WVoATOGGWzMD/Aa5mAd+LoCbFsr8/Q0D3tziD5s6Atkq/ZA94RLSez1pilFyncgl
2GXAS+lQ6EOHlS+4AMOPbwkvePzN/lxyVR4EERmU9ALXlYwXlukh9OQMn3P/UUuS
D1MIariLkaGyX9PheRO+p52ONVUradseplGOa/GSg9RROld1GDmGBCQNAQXtKnyA
SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org