Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W7c0ab0NhixuHhFfgQR9nqSiOqw.roa
File: W7c0ab0NhixuHhFfgQR9nqSiOqw.roa (raw, json)
Hash identifier: qMSXkHggv8VVBsHzOvbMzxHeUAluXO/D+CnBPsggpb4=
Subject key identifier: 5B:B7:34:69:BD:0D:86:2C:6E:1E:11:5F:81:04:7D:9E:A4:A2:3A:AC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01850B19BA2405A5A1A97F1B81C9265AB300
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W7c0ab0NhixuHhFfgQR9nqSiOqw.roa
Signing time: Tue 13 Dec 2022 10:48:33 +0000
ROA not before: Tue 13 Dec 2022 10:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:19:ba:24:05:a5:a1:a9:7f:1b:81:c9:26:5a:b3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 13 10:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5bb73469bd0d862c6e1e115f81047d9ea4a23aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:66:b2:44:b7:37:e6:fd:5a:d8:37:5c:c7:7d:
28:60:12:be:bb:49:f8:ba:a2:1e:ba:91:a9:0b:4f:
b0:56:df:7d:f9:a8:f1:a7:90:87:89:96:c1:f7:97:
4c:64:2f:08:5b:2b:ba:d7:26:7c:dc:bd:c4:b0:46:
75:65:e2:b3:3b:80:95:70:02:1e:44:9f:32:dd:27:
0e:62:16:62:26:8e:dd:8a:c6:8b:63:d3:60:48:40:
84:66:0f:af:3a:19:7b:e0:d9:35:64:54:19:3d:12:
dc:e2:f9:2e:70:75:47:98:1f:c1:cf:3e:91:59:18:
d8:0b:f5:e2:1f:6d:52:74:db:34:b6:75:2f:e6:79:
3e:06:00:34:f1:13:58:72:4c:df:06:82:13:c4:2f:
a7:48:43:e0:9e:d0:51:bc:3f:0d:9a:09:ff:a3:c2:
1c:08:67:b8:32:60:53:83:8b:a4:ab:2d:96:a5:03:
95:af:ae:90:50:3e:3b:96:ba:6f:a6:0e:0b:03:4f:
15:21:1c:6b:9a:8a:6a:ce:32:87:79:54:fc:b0:16:
d2:37:07:cb:8a:78:af:32:c9:20:9f:6e:75:4b:91:
a2:a0:06:e8:de:0c:bc:90:c0:cd:77:27:93:e1:22:
27:69:46:c1:85:38:49:d3:94:d1:93:d3:ee:9b:3c:
fa:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B7:34:69:BD:0D:86:2C:6E:1E:11:5F:81:04:7D:9E:A4:A2:3A:AC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W7c0ab0NhixuHhFfgQR9nqSiOqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.135.0/24
185.206.250.0/24
185.223.155.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c2:05:41:94:ba:35:88:46:47:b2:93:62:4e:1a:dd:5a:b9:
f3:8c:57:72:b5:d0:a9:66:44:68:48:92:cd:06:80:66:3b:42:
d0:a2:53:02:a9:63:35:45:81:4d:88:ff:f7:e7:f1:a4:43:d4:
74:23:10:5b:c7:ff:b0:af:f0:b1:c5:b4:4d:82:f4:5d:6d:fa:
64:03:5e:62:67:ba:a8:c2:b3:76:30:6b:5d:dd:7d:62:54:a8:
7c:67:da:ee:86:a5:6f:c9:dc:ba:c9:aa:57:d7:55:2f:47:4a:
1d:39:b3:13:7f:8f:8e:9c:7d:07:5c:54:6a:a6:bf:f2:69:2b:
7c:16:ec:2f:07:d7:10:b3:90:e5:91:fd:67:e2:8c:96:30:ff:
10:d7:77:3f:42:64:8c:a8:a9:b9:b0:ee:92:63:46:85:36:8e:
e4:a3:50:be:eb:4f:17:ed:e5:66:e4:3f:27:92:c1:4a:c7:64:
6e:03:1d:ca:ba:7a:cf:f5:31:0d:bc:9a:df:87:be:5e:ac:5a:
df:db:70:09:16:4f:fb:5f:27:6f:5a:96:33:9f:f3:1c:fe:3f:
c8:f1:54:3a:b7:3b:68:6e:8a:81:dd:3f:02:4a:9d:e2:41:d1:
74:d0:81:af:9d:ca:c0:c8:ee:3b:e6:1b:a5:e0:54:ee:9e:27:
c6:ba:25:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYULGbokBaWhqX8bgckmWrMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMjEzMTA0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI3MzQ2OWJkMGQ4NjJjNmUxZTExNWY4MTA0N2Q5ZWE0YTIzYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWayRLc35v1a2Ddcx30oYBK+u0n4
uqIeupGpC0+wVt99+ajxp5CHiZbB95dMZC8IWyu61yZ83L3EsEZ1ZeKzO4CVcAIe
RJ8y3ScOYhZiJo7disaLY9NgSECEZg+vOhl74Nk1ZFQZPRLc4vkucHVHmB/Bzz6R
WRjYC/XiH21SdNs0tnUv5nk+BgA08RNYckzfBoITxC+nSEPgntBRvD8Nmgn/o8Ic
CGe4MmBTg4ukqy2WpQOVr66QUD47lrpvpg4LA08VIRxrmopqzjKHeVT8sBbSNwfL
inivMskgn251S5GioAbo3gy8kMDNdyeT4SInaUbBhThJ05TRk9Pumzz6mwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFu3NGm9DYYsbh4RX4EEfZ6kojqsMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVzdjMGFiME5oaXh1SGhGZmdRUjlucVNpT3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYOHAwQA
uc76AwQAud+bMA0GCSqGSIb3DQEBCwUAA4IBAQARwgVBlLo1iEZHspNiThrdWrnz
jFdytdCpZkRoSJLNBoBmO0LQolMCqWM1RYFNiP/35/GkQ9R0IxBbx/+wr/CxxbRN
gvRdbfpkA15iZ7qowrN2MGtd3X1iVKh8Z9ruhqVvydy6yapX11UvR0odObMTf4+O
nH0HXFRqpr/yaSt8FuwvB9cQs5Dlkf1n4oyWMP8Q13c/QmSMqKm5sO6SY0aFNo7k
o1C+608X7eVm5D8nksFKx2RuAx3KunrP9TENvJrfh75erFrf23AJFk/7XydvWpYz
n/Mc/j/I8VQ6tztoboqB3T8CSp3iQdF00IGvncrAyO475hul4FTunifGuiV3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org