Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aA9XxZ0zJjT7Wv6y053WpqJOCpA.roa
File: aA9XxZ0zJjT7Wv6y053WpqJOCpA.roa (raw, json)
Hash identifier: 1s1MJj8q5oK5/IuSE+31XPreRwoEhVpRC5YDKthvFGI=
Subject key identifier: 68:0F:57:C5:9D:33:26:34:FB:5A:FE:B2:D3:9D:D6:A6:A2:4E:0A:90
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 07E91660
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aA9XxZ0zJjT7Wv6y053WpqJOCpA.roa
Signing time: Wed 11 May 2022 08:50:02 +0000
ROA not before: Wed 11 May 2022 08:50:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.226.104.0/22 maxlen: 24
185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.194.28.0/22 maxlen: 24
185.194.29.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.246.112.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132716128 (0x7e91660)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 11 08:50:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=680f57c59d332634fb5afeb2d39dd6a6a24e0a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:39:f6:24:25:12:cf:43:7a:17:72:a7:9b:85:
03:6a:dc:a1:cd:4c:9a:19:c1:52:2a:f3:88:cb:fc:
7b:7d:1a:10:68:04:88:e8:6e:09:ef:0b:6f:22:d5:
81:97:fe:62:2c:46:9c:cd:d6:07:f6:27:76:90:54:
6a:35:2e:88:14:57:81:49:c6:1e:bc:7d:07:14:e7:
a5:54:3a:18:2c:7f:ea:50:67:0c:70:c4:a3:c0:64:
e3:11:01:d7:69:62:7a:d5:65:f5:99:7a:c1:d9:c0:
86:62:c9:31:59:97:c8:2a:43:ee:e8:2f:7f:92:e7:
d4:3f:2f:1a:d2:0b:fa:d0:b0:a9:ac:21:22:9c:3a:
c9:05:4b:4d:3b:31:a6:89:43:a2:ef:8a:23:20:b5:
95:9a:54:09:31:98:9f:e2:a2:35:a2:28:ad:83:67:
70:8d:cb:4b:6b:ed:8d:f5:a4:5b:3a:8c:16:d2:c9:
db:2f:87:fd:63:da:e3:5c:9b:26:ab:f8:d2:33:e3:
75:c1:04:9d:b9:9a:f9:2a:22:8c:07:ef:82:26:43:
16:4f:a0:58:40:a1:3e:5a:23:50:f8:f5:a3:f0:cf:
2e:d7:d7:df:b9:ea:b1:9a:65:20:40:ac:3b:ad:b9:
aa:e7:c2:15:68:92:85:0b:9b:a8:02:44:15:85:20:
a9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0F:57:C5:9D:33:26:34:FB:5A:FE:B2:D3:9D:D6:A6:A2:4E:0A:90
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/aA9XxZ0zJjT7Wv6y053WpqJOCpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.194.28.0/22
185.226.104.0/22
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.246.112.0/22
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
15:99:9e:6f:cd:3f:dc:63:80:b8:9a:ca:eb:89:ad:1c:74:22:
df:90:6d:bd:ed:c8:d3:97:46:c2:12:ef:3a:c1:f2:05:3e:09:
36:4d:aa:94:b7:8c:e7:89:7b:ed:11:52:54:cc:b8:32:5c:e5:
cc:a0:47:d4:c8:0f:c7:bd:e6:53:41:0b:79:f8:a7:84:47:64:
47:35:a5:fd:29:5e:92:23:a6:d2:56:a6:b6:4d:1f:8b:06:f4:
54:01:8a:ad:40:f1:a2:84:a1:f4:b0:91:b3:52:86:90:e8:2c:
f5:ee:62:5e:41:b5:a6:fe:6f:a1:4f:a3:3e:65:48:de:35:11:
bb:45:60:43:de:41:b5:28:a5:96:95:75:0d:0a:de:c2:d4:92:
b5:82:20:da:81:7b:a3:58:44:cc:40:36:7f:7e:53:38:d9:08:
fe:20:96:f1:18:05:34:a1:44:e9:95:d4:6d:2b:8a:7a:f4:d7:
28:0f:c1:b4:61:9f:34:1d:b6:9a:cf:8c:00:ed:2d:0b:51:31:
ed:e9:33:c2:06:85:19:9f:75:07:b2:7e:59:30:81:9e:65:97:
fe:2c:3c:b2:c6:37:4a:10:95:55:36:26:7b:29:b6:95:90:fa:
80:ee:f4:ba:a5:05:03:32:6f:89:47:0b:43:d9:4c:53:d0:b6:
a4:a7:f0:12
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEB+kWYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY3ODRjMTA1MDg1YjlkNmFkNWY3M2EwM2IyMGQ5YTVjMTE0Y2FmMB4XDTIyMDUx
MTA4NTAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgwZjU3YzU5ZDMz
MjYzNGZiNWFmZWIyZDM5ZGQ2YTZhMjRlMGE5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKY59iQlEs9Dehdyp5uFA2rcoc1MmhnBUirziMv8e30aEGgE
iOhuCe8LbyLVgZf+YixGnM3WB/YndpBUajUuiBRXgUnGHrx9BxTnpVQ6GCx/6lBn
DHDEo8Bk4xEB12lietVl9Zl6wdnAhmLJMVmXyCpD7ugvf5Ln1D8vGtIL+tCwqawh
Ipw6yQVLTTsxpolDou+KIyC1lZpUCTGYn+KiNaIorYNncI3LS2vtjfWkWzqMFtLJ
2y+H/WPa41ybJqv40jPjdcEEnbma+SoijAfvgiZDFk+gWEChPlojUPj1o/DPLtfX
37nqsZplIECsO625qufCFWiShQubqAJEFYUgqacCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBRoD1fFnTMmNPta/rLTndamok4KkDAfBgNVHSMEGDAWgBRgZ4TBBQhbnWrV
9zoDsg2aXBFMrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8x
L2FBOVh4WjB6SmpUN1d2NnkwNTNXcHFKT0NwQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFiYy8xL1lHZUV3UVVJVzUx
cTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAi0IFAMEArl5DAMEArnCHAMEArni
aAMEAbnmNAMEArnqFAMEArnu5AMEAbnweAMEArn2cAMEALn/fDANBgkqhkiG9w0B
AQsFAAOCAQEAFZmeb80/3GOAuJrK64mtHHQi35Btve3I05dGwhLvOsHyBT4JNk2q
lLeM54l77RFSVMy4MlzlzKBH1MgPx73mU0ELefinhEdkRzWl/SlekiOm0lamtk0f
iwb0VAGKrUDxooSh9LCRs1KGkOgs9e5iXkG1pv5voU+jPmVI3jURu0VgQ95BtSil
lpV1DQrewtSStYIg2oF7o1hEzEA2f35TONkI/iCW8RgFNKFE6ZXUbSuKevTXKA/B
tGGfNB22ms+MAO0tC1Ex7ekzwgaFGZ91B7J+WTCBnmWX/iw8ssY3ShCVVTYmeym2
lZD6gO70uqUFAzJviUcLQ9lMU9C2pKfwEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org