Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQI1cwxM2VdJSVur8SrmUX8kUds.roa
File: iQI1cwxM2VdJSVur8SrmUX8kUds.roa (raw, json)
Hash identifier: 2ersa8G89uDln+h86EWCVi82gS63AgTmFMK4KzqzLmA=
Subject key identifier: 89:02:35:73:0C:4C:D9:57:49:49:5B:AB:F1:2A:E6:51:7F:24:51:DB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0181DD0F729631B3AA8F9CBD9253BCF66C1D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQI1cwxM2VdJSVur8SrmUX8kUds.roa
Signing time: Fri 08 Jul 2022 09:06:25 +0000
ROA not before: Fri 08 Jul 2022 09:06:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.230.52.0/23 maxlen: 24
185.226.107.0/24 maxlen: 24
185.255.124.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.223.153.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dd:0f:72:96:31:b3:aa:8f:9c:bd:92:53:bc:f6:6c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 8 09:06:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=890235730c4cd95749495babf12ae6517f2451db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8a:32:57:71:1c:47:64:67:4b:3d:03:4c:e8:
03:10:8e:23:3e:56:46:d6:d9:19:3c:53:b8:b3:ce:
49:db:ae:00:bd:f4:5f:1e:15:aa:39:82:b8:34:97:
57:7d:29:0f:5c:95:ba:06:f3:c6:36:72:e5:2c:1c:
cc:4e:10:a7:f4:30:31:af:41:c6:d6:b8:57:99:51:
3a:65:08:8a:cb:d8:4e:04:f5:6f:83:41:99:0c:0a:
cd:32:e0:9b:01:13:d2:54:4f:7c:9a:58:ea:44:1b:
40:26:84:90:85:0a:3d:5a:78:be:c3:e2:ef:de:1a:
a6:11:33:cf:84:f8:10:3d:1c:6a:a9:a7:ee:03:77:
a3:d5:9f:b6:22:30:4a:9d:a5:8e:94:1e:e4:dc:7d:
fe:c4:44:ff:b4:c2:c5:27:24:f3:c1:8b:da:0c:e2:
df:2a:32:82:97:2d:3b:16:01:1e:91:6e:e3:6d:75:
ab:9b:f4:73:57:56:02:97:f7:b8:66:9a:a1:25:e6:
74:07:24:db:e8:37:21:03:81:04:3a:6a:fb:f7:7f:
2c:d8:a5:39:d1:af:43:4e:e9:4d:bf:2d:c0:de:05:
7c:72:32:d9:8c:ce:f9:f8:f1:59:c0:75:08:e5:01:
3f:fe:69:c8:cc:8f:d8:87:db:c7:9a:70:07:4a:da:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:02:35:73:0C:4C:D9:57:49:49:5B:AB:F1:2A:E6:51:7F:24:51:DB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iQI1cwxM2VdJSVur8SrmUX8kUds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.206.248.0/24
185.206.251.0/24
185.223.153.0/24
185.226.107.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.255.124.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e3:c1:f2:c5:40:e4:69:6a:d0:49:e1:28:f6:d2:9a:aa:a5:
f1:2b:ad:ff:ad:7d:da:37:34:41:8e:3d:a1:40:ca:64:3e:af:
0b:ff:0c:f7:10:21:e1:7d:c9:5d:b9:c7:5f:e0:54:22:d0:b0:
4c:a1:5e:8d:77:57:43:85:ab:7e:57:a8:f2:58:24:cf:3e:4b:
56:0a:54:e7:70:1f:42:d3:22:0a:85:0f:45:cc:53:b3:3e:f0:
ad:1b:da:a0:ca:fe:8e:15:5a:44:82:00:b8:cc:88:57:01:ab:
5b:18:ce:07:bc:a4:60:09:c7:48:58:ff:7c:3d:04:24:ed:18:
36:5d:59:08:01:fa:27:d3:5e:ba:23:66:66:8d:19:e2:89:e4:
50:c4:83:7a:40:c9:e7:da:4a:89:fe:98:be:96:15:80:a4:72:
78:49:8e:f1:4a:83:be:53:bc:63:1a:76:5a:b7:50:60:80:e2:
4b:f9:66:46:56:1b:f2:97:e3:e4:9d:b6:93:37:25:82:14:fb:
2a:20:59:66:e8:c3:c0:d7:d9:21:c6:90:f5:ff:f7:d4:d4:2c:
6c:d3:d1:f9:cc:04:9b:f9:8d:b0:b4:9d:ad:cb:1f:78:e0:72:
47:e3:09:d5:9d:ec:9d:81:e1:5d:e3:be:ed:86:aa:7e:e6:92:
13:6b:59:64
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYHdD3KWMbOqj5y9klO89mwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIwNzA4MDkwNjI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTAyMzU3MzBjNGNkOTU3NDk0OTViYWJmMTJhZTY1MTdmMjQ1MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYoyV3EcR2RnSz0DTOgDEI4jPlZG
1tkZPFO4s85J264AvfRfHhWqOYK4NJdXfSkPXJW6BvPGNnLlLBzMThCn9DAxr0HG
1rhXmVE6ZQiKy9hOBPVvg0GZDArNMuCbARPSVE98mljqRBtAJoSQhQo9Wni+w+Lv
3hqmETPPhPgQPRxqqafuA3ej1Z+2IjBKnaWOlB7k3H3+xET/tMLFJyTzwYvaDOLf
KjKCly07FgEekW7jbXWrm/RzV1YCl/e4ZpqhJeZ0ByTb6DchA4EEOmr7938s2KU5
0a9DTulNvy3A3gV8cjLZjM75+PFZwHUI5QE//mnIzI/Yh9vHmnAHStr/rwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIkCNXMMTNlXSUlbq/Eq5lF/JFHbMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaVFJMWN3eE0yVmRKU1Z1cjhTcm1VWDhrVWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLQgUAwQC
uXkMAwQAuc74AwQAuc77AwQAud+ZAwQAueJrAwQBueY0AwQCueoUAwQCue7kAwQB
ufB4AwQAuf98MA0GCSqGSIb3DQEBCwUAA4IBAQCM48HyxUDkaWrQSeEo9tKaqqXx
K63/rX3aNzRBjj2hQMpkPq8L/wz3ECHhfclducdf4FQi0LBMoV6Nd1dDhat+V6jy
WCTPPktWClTncB9C0yIKhQ9FzFOzPvCtG9qgyv6OFVpEggC4zIhXAatbGM4HvKRg
CcdIWP98PQQk7Rg2XVkIAfon0166I2ZmjRniieRQxIN6QMnn2kqJ/pi+lhWApHJ4
SY7xSoO+U7xjGnZat1BggOJL+WZGVhvyl+PknbaTNyWCFPsqIFlm6MPA19khxpD1
//fU1Cxs09H5zASb+Y2wtJ2tyx944HJH4wnVneydgeFd477thqp+5pITa1lk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org