Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xqsHtFD5jb40xGVAUnEE-dizq0k.roa
File: xqsHtFD5jb40xGVAUnEE-dizq0k.roa (raw, json)
Hash identifier: cJvjDIZjdrbFRZE31oMlkIj2qJgESn3HS8KpfW9i2+Q=
Subject key identifier: C6:AB:07:B4:50:F9:8D:BE:34:C4:65:40:52:71:04:F9:D8:B3:AB:49
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0182CA07F7478B691A3807627159C2483573
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xqsHtFD5jb40xGVAUnEE-dizq0k.roa
Signing time: Tue 23 Aug 2022 09:28:15 +0000
ROA not before: Tue 23 Aug 2022 09:28:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.230.52.0/23 maxlen: 24
185.255.124.0/24 maxlen: 24
185.255.126.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.223.153.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
45.8.20.0/22 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:07:f7:47:8b:69:1a:38:07:62:71:59:c2:48:35:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 23 09:28:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6ab07b450f98dbe34c46540527104f9d8b3ab49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6f:e2:cf:7a:8d:a8:7a:fe:b5:24:5c:d1:72:
08:20:77:dd:87:75:98:ab:0c:c5:7a:7a:75:28:d9:
b5:30:05:0e:26:6f:ea:6a:ff:06:69:f4:a4:46:0b:
76:4a:3d:45:28:13:f7:12:29:8a:42:88:fc:a0:ce:
92:c9:f6:04:bb:1d:2f:47:ad:f3:ed:b0:4e:f8:d6:
e7:24:9a:ef:f4:6d:32:0a:9d:f9:34:2d:f4:f0:52:
47:9c:4e:37:26:fe:ee:9b:e0:c7:e6:ef:b4:ed:71:
a0:e0:1d:0e:bb:06:cb:08:cd:a0:b5:c0:d1:87:91:
72:5b:f6:69:66:28:ea:db:68:bd:8e:91:3a:14:9c:
97:cb:74:10:9c:ee:de:0d:29:c8:5a:00:5c:3b:d5:
ae:5f:7e:db:0b:ff:7a:8f:ad:1c:e6:d8:a6:d4:df:
1f:53:84:fa:42:8c:63:7d:fe:22:87:07:ff:9f:3e:
2d:4c:39:96:0c:e2:d2:27:75:aa:c2:c7:94:25:23:
fa:c7:eb:f3:bd:31:f1:1f:22:7f:b4:35:f9:a2:cf:
06:a4:b5:17:22:a9:3b:bf:c4:e4:ea:8f:7e:b7:72:
b1:1d:da:a5:73:bb:8a:a9:b0:b5:78:3c:39:ca:d0:
3b:d4:e5:6f:77:6e:b5:61:0e:bb:ed:43:db:0a:92:
98:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AB:07:B4:50:F9:8D:BE:34:C4:65:40:52:71:04:F9:D8:B3:AB:49
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xqsHtFD5jb40xGVAUnEE-dizq0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.20.0/22
185.121.12.0/22
185.206.248.0/24
185.206.251.0/24
185.223.76.0/24
185.223.153.0/24
185.226.105.0/24
185.226.107.0/24
185.230.52.0/23
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.255.124.0/24
185.255.126.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f6:42:92:8c:c9:13:c6:f9:41:59:93:f2:8f:5d:0a:fd:4f:
dd:2d:c5:12:4c:95:e4:45:73:42:4a:ba:52:2f:58:6f:98:a0:
1f:72:7e:20:bd:b9:f2:54:68:cb:30:91:94:cd:3a:2b:77:27:
11:44:b6:d6:a3:96:cb:d7:5d:6e:69:96:40:6a:85:f5:ae:38:
db:35:b9:34:a9:87:f3:6a:8a:32:e3:71:0d:22:da:8b:1b:20:
c8:ed:39:97:7a:4e:c8:aa:49:65:5f:ed:e7:2f:7d:d6:d2:75:
4d:94:52:59:66:01:c3:0c:eb:7d:f9:a8:2e:d7:09:b0:a0:68:
4e:1d:99:99:be:bf:01:24:17:19:c7:08:e2:ce:7f:e4:d0:74:
77:83:19:48:5a:ab:a1:17:e7:74:6a:78:29:64:01:5a:43:fb:
98:56:36:b3:32:7e:fd:40:8d:da:14:17:b8:d9:b2:f6:3c:7e:
1f:9d:b2:d5:d4:3b:1c:53:e2:9a:90:b6:c8:37:83:97:f5:55:
12:7e:aa:a3:a9:d4:e3:b9:9c:9d:21:a8:31:27:4b:78:47:29:
fa:60:32:a4:a4:57:03:08:23:ff:d9:26:f6:73:f7:65:e7:88:
b7:81:a2:5b:af:7f:ee:1c:23:9c:99:40:d2:fa:c1:a8:7d:c3:
5f:e9:4d:53
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYLKB/dHi2kaOAdicVnCSDVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIwODIzMDkyODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFiMDdiNDUwZjk4ZGJlMzRjNDY1NDA1MjcxMDRmOWQ4YjNhYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW/iz3qNqHr+tSRc0XIIIHfdh3WY
qwzFenp1KNm1MAUOJm/qav8GafSkRgt2Sj1FKBP3EimKQoj8oM6SyfYEux0vR63z
7bBO+NbnJJrv9G0yCp35NC308FJHnE43Jv7um+DH5u+07XGg4B0OuwbLCM2gtcDR
h5FyW/ZpZijq22i9jpE6FJyXy3QQnO7eDSnIWgBcO9WuX37bC/96j60c5tim1N8f
U4T6Qoxjff4ihwf/nz4tTDmWDOLSJ3WqwseUJSP6x+vzvTHxHyJ/tDX5os8GpLUX
Iqk7v8Tk6o9+t3KxHdqlc7uKqbC1eDw5ytA71OVvd261YQ677UPbCpKYmwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFMarB7RQ+Y2+NMRlQFJxBPnYs6tJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveHFzSHRGRDVqYjQweEdWQVVuRUUtZGl6cTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCLQgUAwQC
uXkMAwQAuc74AwQAuc77AwQAud9MAwQAud+ZAwQAueJpAwQAueJrAwQBueY0AwQC
ueoUAwQCue7kAwQBufB4AwQAuf98AwQAuf9+MA0GCSqGSIb3DQEBCwUAA4IBAQAJ
9kKSjMkTxvlBWZPyj10K/U/dLcUSTJXkRXNCSrpSL1hvmKAfcn4gvbnyVGjLMJGU
zTordycRRLbWo5bL111uaZZAaoX1rjjbNbk0qYfzaooy43ENItqLGyDI7TmXek7I
qkllX+3nL33W0nVNlFJZZgHDDOt9+agu1wmwoGhOHZmZvr8BJBcZxwjizn/k0HR3
gxlIWquhF+d0angpZAFaQ/uYVjazMn79QI3aFBe42bL2PH4fnbLV1DscU+KakLbI
N4OX9VUSfqqjqdTjuZydIagxJ0t4Ryn6YDKkpFcDCCP/2Sb2c/dl54i3gaJbr3/u
HCOcmUDS+sGofcNf6U1T
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org