Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3XzJFnNrtV4VY3BW3WsAOwSOlK0.roa
File: 3XzJFnNrtV4VY3BW3WsAOwSOlK0.roa (raw, json)
Hash identifier: 2QMaBFfj0WCMyczkX7W4ftGJ7SiqkhTOoMpPRo+zG0Q=
Subject key identifier: DD:7C:C9:16:73:6B:B5:5E:15:63:70:56:DD:6B:00:3B:04:8E:94:AD
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18D15E23
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3XzJFnNrtV4VY3BW3WsAOwSOlK0.roa
Signing time: Sun 20 Feb 2022 14:58:07 +0000
ROA not before: Sun 20 Feb 2022 14:58:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 32
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416374307 (0x18d15e23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 20 14:58:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd7cc916736bb55e15637056dd6b003b048e94ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:87:e0:6a:f8:0d:e2:96:c1:c2:0c:dd:d0:
b4:ac:bb:9b:f5:57:14:85:48:e2:9d:9a:87:cc:07:
9a:05:92:88:7c:81:90:76:3d:a6:1a:a6:66:f2:d5:
47:2f:5b:48:23:4f:c6:1f:6f:ac:3d:05:2a:22:c6:
a6:bd:9a:0c:6d:4c:f4:1b:73:2e:5b:f0:a9:c0:d9:
ef:69:f9:76:c1:70:31:4a:80:7e:7f:a8:d4:59:2c:
10:ea:21:46:af:08:8c:76:1b:6e:83:51:03:a9:3a:
65:82:2d:4b:aa:1d:f2:34:1d:41:38:73:99:90:ff:
30:4e:a8:59:c2:60:4b:a3:4d:5e:e2:18:ad:20:16:
28:44:63:7e:9d:d4:cd:05:71:87:98:37:4f:d8:00:
f1:f9:9f:1d:a4:61:31:1b:c3:a8:7d:27:13:b0:b9:
b3:f1:9e:42:48:fd:47:21:14:9e:56:02:8f:2c:e3:
e8:37:33:92:69:af:82:93:44:10:ca:44:de:32:4a:
d1:1b:64:d5:85:e9:55:04:e8:f8:8f:ab:48:a5:00:
83:55:46:d6:c0:51:ff:79:b7:5b:65:4c:5e:e7:14:
a8:5e:62:c4:47:5c:ab:a6:76:d7:4b:08:8a:cf:47:
32:2b:ee:1f:b4:1d:8c:dc:6c:ee:12:c0:04:a9:e3:
8a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7C:C9:16:73:6B:B5:5E:15:63:70:56:DD:6B:00:3B:04:8E:94:AD
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3XzJFnNrtV4VY3BW3WsAOwSOlK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
74:13:d4:c0:58:15:e1:64:50:3c:ef:96:ad:4c:7e:ca:61:fa:
e9:de:3b:16:9a:46:09:59:8d:5d:dd:82:52:9d:67:2d:60:e1:
fd:77:c1:9c:54:a3:33:41:f0:7e:a4:9a:bf:f9:aa:0e:fe:72:
7e:de:f2:67:6d:fe:1e:27:0d:ab:15:96:d7:43:19:1e:60:6a:
61:6a:eb:c4:78:dd:4c:cd:4d:c6:a8:9c:73:b6:61:d7:fd:43:
8c:19:19:00:07:9b:4f:94:7b:b2:b5:e9:10:d7:ba:49:95:63:
e5:87:6e:dd:50:8f:1a:34:c1:56:1e:a2:7c:a6:56:4a:6e:52:
c3:87:76:cd:c0:ee:b6:5c:f6:2a:45:d5:f6:e7:65:e0:f2:11:
35:57:3d:dd:a1:00:ee:12:70:1d:8c:d3:26:2b:fd:4f:25:c6:
52:ff:fa:43:8f:47:8a:7b:08:38:38:74:6a:7d:bd:71:71:d3:
8c:ac:b0:41:ae:9b:fa:12:48:92:95:34:94:d5:01:c1:e1:a9:
d1:04:66:f8:50:17:9e:ad:a2:f4:ab:db:f3:6a:22:86:69:7b:
9c:52:de:b5:ee:7f:05:d9:2b:5d:fc:69:6f:3d:e0:14:1d:a2:
50:61:d3:51:86:65:d5:24:61:a8:51:9f:37:50:4c:91:10:48:
c0:22:40:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEGNFeIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIy
MDE0NTgwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ3Y2M5MTY3MzZi
YjU1ZTE1NjM3MDU2ZGQ2YjAwM2IwNDhlOTRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFLh+Bq+A3ilsHCDN3QtKy7m/VXFIVI4p2ah8wHmgWSiHyB
kHY9phqmZvLVRy9bSCNPxh9vrD0FKiLGpr2aDG1M9BtzLlvwqcDZ72n5dsFwMUqA
fn+o1FksEOohRq8IjHYbboNRA6k6ZYItS6od8jQdQThzmZD/ME6oWcJgS6NNXuIY
rSAWKERjfp3UzQVxh5g3T9gA8fmfHaRhMRvDqH0nE7C5s/GeQkj9RyEUnlYCjyzj
6DczkmmvgpNEEMpE3jJK0Rtk1YXpVQTo+I+rSKUAg1VG1sBR/3m3W2VMXucUqF5i
xEdcq6Z210sIis9HMivuH7QdjNxs7hLABKnjiq8CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBTdfMkWc2u1XhVjcFbdawA7BI6UrTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzNYekpGbk5ydFY0VlkzQlczV3NBT3dTT2xLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEALl1FgMEALl4BwMEArl6OAMEALmF
wDAYBAIAAjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQB0
E9TAWBXhZFA875atTH7KYfrp3jsWmkYJWY1d3YJSnWctYOH9d8GcVKMzQfB+pJq/
+aoO/nJ+3vJnbf4eJw2rFZbXQxkeYGphauvEeN1MzU3GqJxztmHX/UOMGRkAB5tP
lHuytekQ17pJlWPlh27dUI8aNMFWHqJ8plZKblLDh3bNwO62XPYqRdX252Xg8hE1
Vz3doQDuEnAdjNMmK/1PJcZS//pDj0eKewg4OHRqfb1xcdOMrLBBrpv6EkiSlTSU
1QHB4anRBGb4UBeeraL0q9vzaiKGaXucUt617n8F2Std/GlvPeAUHaJQYdNRhmXV
JGGoUZ83UEyREEjAIkB5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org