Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/U18dAqNrAyY6obVIOah1YTe0WGM.roa
File: U18dAqNrAyY6obVIOah1YTe0WGM.roa (raw, json)
Hash identifier: OEEwY5UxmLX9WdsXPIEKvpeTjr/p+zlPKFMjB0xUxJA=
Subject key identifier: 53:5F:1D:02:A3:6B:03:26:3A:A1:B5:48:39:A8:75:61:37:B4:58:63
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0726C82D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/U18dAqNrAyY6obVIOah1YTe0WGM.roa
Signing time: Thu 10 Mar 2022 16:53:22 +0000
ROA not before: Thu 10 Mar 2022 16:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.223.76.0/22 maxlen: 24
185.225.0.0/22 maxlen: 22
185.121.12.0/22 maxlen: 24
185.206.248.0/22 maxlen: 24
185.226.104.0/22 maxlen: 24
185.234.20.0/22 maxlen: 24
185.194.28.0/22 maxlen: 24
185.194.29.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119982125 (0x726c82d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 10 16:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=535f1d02a36b03263aa1b54839a8756137b45863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:11:34:3b:35:71:3f:d2:dc:53:8b:b3:8b:1f:
ba:15:bf:fd:1c:9c:2a:36:20:d8:82:04:cd:48:32:
fa:3a:6e:90:5f:51:0b:ce:83:b1:d3:12:42:64:3a:
cf:f6:36:80:c2:e5:17:10:44:09:11:7c:bc:df:cd:
17:3f:47:e6:b1:19:76:82:ed:46:eb:9c:1b:2d:eb:
09:e2:5d:63:59:4c:d2:77:cb:01:b9:a7:3e:8b:a9:
69:14:c9:4b:19:c6:9e:fe:ee:7b:87:75:4c:56:c3:
4b:cd:c9:e9:4a:97:4f:41:ea:53:05:c6:a8:33:51:
cb:17:69:9c:6d:2f:7f:93:53:f6:fd:17:36:55:81:
8c:c1:91:58:0b:9c:24:38:5d:cc:9f:7d:dc:81:9a:
c7:c5:06:13:5f:fc:50:28:65:16:73:11:ab:82:0a:
16:5b:77:ae:a8:b1:6d:4b:0e:38:91:53:e0:63:6a:
5b:87:bc:9a:6f:77:ab:3c:a2:08:1a:46:a6:47:ce:
d0:45:c3:e5:5e:5f:3b:79:fd:f7:49:da:58:f2:e3:
b1:89:ee:8b:5e:e0:bd:6a:70:86:73:f9:a2:90:ae:
b0:90:91:98:cf:a7:1b:2a:b3:2e:f1:c0:84:87:5c:
85:97:5e:e8:fa:f0:c6:c9:47:25:07:ce:26:40:2a:
fb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5F:1D:02:A3:6B:03:26:3A:A1:B5:48:39:A8:75:61:37:B4:58:63
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/U18dAqNrAyY6obVIOah1YTe0WGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.206.248.0/22
185.223.76.0/22
185.225.0.0/22
185.226.104.0/22
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
27:fe:c3:84:2e:af:ed:d7:8d:f8:4c:28:95:66:24:18:13:e0:
dc:6f:b2:2c:1b:dd:a9:07:29:78:12:9b:5d:22:14:77:67:74:
9a:29:89:fd:2a:e6:4f:f8:f8:02:4e:19:ee:c0:bf:f4:c7:46:
4e:6a:12:91:56:13:ea:68:a2:f4:3b:68:83:12:5a:3d:2f:cb:
9f:13:68:4f:14:b2:ef:7b:b7:a0:c6:c1:d8:74:7c:5b:9b:2b:
bc:78:9c:7d:3a:30:a0:7e:b5:07:2d:c2:b3:84:c9:8c:d0:3c:
78:3b:02:04:ea:9c:c1:f3:91:e6:0d:d5:d1:a0:66:07:0a:5f:
58:55:c3:9f:26:61:c4:a6:1e:17:3b:31:09:27:d8:36:7c:13:
16:a3:8f:39:ba:c4:ac:3f:a5:1c:c7:70:4d:ae:d3:7d:52:a2:
36:50:c7:a0:cf:b6:5f:02:52:54:f0:94:a7:36:d4:89:c5:38:
98:37:2e:2d:ae:ba:ea:f9:f1:a2:ba:19:4b:e7:db:8b:f4:7f:
bc:c9:3f:41:54:7e:91:5a:af:b4:b8:61:05:bd:e6:b8:31:87:
ac:8b:53:5e:d5:bf:0f:1a:7e:2a:42:aa:1f:39:7b:22:89:c4:
8f:2f:ea:98:05:a6:de:ea:22:52:ef:3b:28:ca:92:81:ba:cd:
9c:aa:82:b8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEBybILTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDMx
MDE2NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM1ZjFkMDJhMzZi
MDMyNjNhYTFiNTQ4MzlhODc1NjEzN2I0NTg2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8RNDs1cT/S3FOLs4sfuhW//RycKjYg2IIEzUgy+jpukF9R
C86DsdMSQmQ6z/Y2gMLlFxBECRF8vN/NFz9H5rEZdoLtRuucGy3rCeJdY1lM0nfL
AbmnPoupaRTJSxnGnv7ue4d1TFbDS83J6UqXT0HqUwXGqDNRyxdpnG0vf5NT9v0X
NlWBjMGRWAucJDhdzJ993IGax8UGE1/8UChlFnMRq4IKFlt3rqixbUsOOJFT4GNq
W4e8mm93qzyiCBpGpkfO0EXD5V5fO3n990naWPLjsYnui17gvWpwhnP5opCusJCR
mM+nGyqzLvHAhIdchZde6PrwxslHJQfOJkAq+4ECAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBRTXx0Co2sDJjqhtUg5qHVhN7RYYzAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L1UxOGRBcU5yQXlZNm9iVklPYWgxWVRlMFdHTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAi0IFAMEArl5DAMEArnCHAMEArnO
+AMEArnfTAMEArnhAAMEArniaAMEAbnmNAMEArnqFAMEArnu5AMEAbnweAMEArn2
cAMEALn/fDANBgkqhkiG9w0BAQsFAAOCAQEAJ/7DhC6v7deN+EwolWYkGBPg3G+y
LBvdqQcpeBKbXSIUd2d0mimJ/SrmT/j4Ak4Z7sC/9MdGTmoSkVYT6mii9DtogxJa
PS/LnxNoTxSy73u3oMbB2HR8W5srvHicfTowoH61By3Cs4TJjNA8eDsCBOqcwfOR
5g3V0aBmBwpfWFXDnyZhxKYeFzsxCSfYNnwTFqOPObrErD+lHMdwTa7TfVKiNlDH
oM+2XwJSVPCUpzbUicU4mDcuLa666vnxoroZS+fbi/R/vMk/QVR+kVqvtLhhBb3m
uDGHrItTXtW/Dxp+KkKqHzl7IonEjy/qmAWm3uoiUu87KMqSgbrNnKqCuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org