Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_5VV7WomYZ32ZUfjAJ1Jop7lPUo.roa
File: _5VV7WomYZ32ZUfjAJ1Jop7lPUo.roa (raw, json)
Hash identifier: QwBlgflXJU9Ad+NXJWJLIQ4vENdRTgmjklkf1aSK9Go=
Subject key identifier: FF:95:55:ED:6A:26:61:9D:F6:65:47:E3:00:9D:49:A2:9E:E5:3D:4A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0654B9AE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_5VV7WomYZ32ZUfjAJ1Jop7lPUo.roa
Signing time: Sat 01 Jan 2022 06:52:47 +0000
ROA not before: Sat 01 Jan 2022 06:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213005
IP address blocks: 185.223.220.0/22 maxlen: 22
92.60.34.0/24 maxlen: 24
185.211.180.0/22 maxlen: 22
185.209.72.0/22 maxlen: 22
185.245.34.0/23 maxlen: 23
185.214.100.0/22 maxlen: 22
185.179.228.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
185.250.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106215854 (0x654b9ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 06:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff9555ed6a26619df66547e3009d49a29ee53d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:04:1c:82:d4:b1:0f:f6:06:31:d3:a2:25:16:
e5:96:55:c4:b1:c1:db:cb:70:16:cc:6c:07:48:61:
69:36:a2:02:fd:53:02:a3:44:62:38:8c:95:93:71:
0d:b9:a9:51:77:6c:1b:7d:39:a3:e3:d4:99:6a:3d:
d5:f1:c5:59:18:cc:41:9c:ab:ef:de:d6:28:56:a8:
67:34:c3:4a:ce:fc:1d:f7:b1:06:e0:06:cd:78:15:
1d:5c:43:0c:3d:80:70:55:88:68:1f:56:3c:5a:c8:
8e:26:ce:be:6c:74:3e:0c:f8:38:c8:b4:e7:eb:9f:
10:a9:82:58:7e:f1:f9:a4:18:b7:ed:05:fc:bb:c3:
ea:e4:96:1d:f9:b7:5f:86:56:87:9b:d3:e5:50:40:
93:1b:8b:ee:f5:03:56:54:4c:e0:73:3b:5d:1c:9f:
37:c6:86:5c:96:b6:18:13:82:04:89:3b:b9:9e:f6:
12:3a:35:80:80:05:21:ae:d4:d9:6c:67:ee:87:26:
cd:e8:3b:6f:65:5b:69:8a:75:9b:89:cd:7c:6c:e1:
c4:d4:6b:ce:37:91:d9:09:d6:2f:71:5f:1b:c9:7f:
de:c7:bc:73:c5:c3:72:04:6d:50:1c:4c:4c:5a:17:
d8:b6:a7:aa:ea:4f:9a:bc:bd:48:02:4e:a5:ed:ab:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:95:55:ED:6A:26:61:9D:F6:65:47:E3:00:9D:49:A2:9E:E5:3D:4A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_5VV7WomYZ32ZUfjAJ1Jop7lPUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.60.34.0/24
185.179.228.0/22
185.189.64.0/22
185.209.72.0/22
185.211.180.0/22
185.214.100.0/22
185.223.220.0/22
185.227.128.0/22
185.245.34.0/23
185.250.180.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:38:e3:ea:c6:e1:83:60:e1:38:fd:83:0a:1c:46:a1:87:27:
d8:cb:93:51:6a:f5:20:79:e1:bf:64:fd:54:74:f6:d1:fe:a6:
f0:e7:1c:11:8d:78:a9:e8:43:d2:18:67:18:9c:5c:28:6d:56:
db:8e:aa:0a:81:c8:bc:1f:bf:36:f7:05:b6:78:9b:55:8d:0f:
7f:fa:78:2a:f6:67:64:e8:11:aa:51:f7:3e:de:c4:a7:90:f5:
16:c7:44:a8:54:1c:9d:0b:5e:01:37:dc:c3:b9:a9:41:9b:04:
60:14:77:5a:fc:6e:34:ad:69:a4:d5:26:ea:b8:e3:a2:ab:81:
d5:c1:43:73:93:59:8b:74:3c:38:49:09:23:85:aa:c3:70:79:
e4:cc:fe:cd:16:74:cd:79:e3:57:6d:2d:2d:b3:4e:fb:58:83:
e9:50:0f:66:99:73:ed:f7:b8:6e:cd:0b:aa:ad:16:f1:ba:6c:
bf:3a:4e:ff:a0:68:53:70:9f:f2:ee:be:5b:2b:64:33:fc:74:
91:1a:d7:52:4f:16:af:16:d1:b4:ac:08:ad:af:fe:65:11:e8:
de:04:00:7e:7d:52:57:5b:6a:78:c7:e8:de:dc:06:e5:11:d2:
fa:7d:6d:6f:ac:b3:ba:12:70:8f:66:0e:82:58:8f:ab:0b:7f:
94:a7:79:d5
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEBlS5rjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDEw
MTA2NTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY5NTU1ZWQ2YTI2
NjE5ZGY2NjU0N2UzMDA5ZDQ5YTI5ZWU1M2Q0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYEHILUsQ/2BjHToiUW5ZZVxLHB28twFsxsB0hhaTaiAv1T
AqNEYjiMlZNxDbmpUXdsG305o+PUmWo91fHFWRjMQZyr797WKFaoZzTDSs78Hfex
BuAGzXgVHVxDDD2AcFWIaB9WPFrIjibOvmx0Pgz4OMi05+ufEKmCWH7x+aQYt+0F
/LvD6uSWHfm3X4ZWh5vT5VBAkxuL7vUDVlRM4HM7XRyfN8aGXJa2GBOCBIk7uZ72
Ejo1gIAFIa7U2Wxn7ocmzeg7b2VbaYp1m4nNfGzhxNRrzjeR2QnWL3FfG8l/3se8
c8XDcgRtUBxMTFoX2LanqupPmry9SAJOpe2raJsCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBT/lVXtaiZhnfZlR+MAnUminuU9SjAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L181VlY3V29tWVozMlpVZmpBSjFKb3A3bFBVby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAFw8IgMEArmz5AMEArm9QAMEArnR
SAMEArnTtAMEArnWZAMEArnf3AMEArnjgAMEAbn1IgMEALn6tDANBgkqhkiG9w0B
AQsFAAOCAQEATzjj6sbhg2DhOP2DChxGoYcn2MuTUWr1IHnhv2T9VHT20f6m8Occ
EY14qehD0hhnGJxcKG1W246qCoHIvB+/NvcFtnibVY0Pf/p4KvZnZOgRqlH3Pt7E
p5D1FsdEqFQcnQteATfcw7mpQZsEYBR3WvxuNK1ppNUm6rjjoquB1cFDc5NZi3Q8
OEkJI4Wqw3B55Mz+zRZ0zXnjV20tLbNO+1iD6VAPZplz7fe4bs0Lqq0W8bpsvzpO
/6BoU3Cf8u6+WytkM/x0kRrXUk8WrxbRtKwIra/+ZRHo3gQAfn1SV1tqeMfo3twG
5RHS+n1tb6yzuhJwj2YOgliPqwt/lKd51Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org