Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Bh2t4T4zTmZjewpP_qWPmAYvhHo.roa
File: Bh2t4T4zTmZjewpP_qWPmAYvhHo.roa (raw, json)
Hash identifier: Bj1mXseW9Cm3mZeHmM7wmm1hZM5NSLCG1QskDOL1F/Y=
Subject key identifier: 06:1D:AD:E1:3E:33:4E:66:63:7B:0A:4F:FE:A5:8F:98:06:2F:84:7A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 195EF647
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Bh2t4T4zTmZjewpP_qWPmAYvhHo.roa
Signing time: Wed 30 Mar 2022 14:58:37 +0000
ROA not before: Wed 30 Mar 2022 14:58:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 32
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425653831 (0x195ef647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 30 14:58:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=061dade13e334e66637b0a4ffea58f98062f847a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:64:f8:8b:35:c4:85:32:d5:19:0b:f2:55:85:
89:48:24:5c:f3:f3:59:17:5d:96:ae:98:74:78:15:
66:81:7c:2e:53:26:91:b8:47:97:7f:7c:25:09:58:
fe:59:5e:13:31:f9:fa:6a:b8:96:b6:b3:b4:44:87:
ab:0f:38:83:f2:23:58:26:b4:4d:e8:3f:14:30:fc:
ba:5a:27:9e:88:c2:0c:62:89:c8:ff:93:4c:37:d7:
90:fd:ce:a0:79:bc:5f:d0:97:36:74:e6:5e:0d:97:
0e:1b:3b:7c:27:1a:8e:43:b1:b1:fd:bc:8d:68:c2:
e8:9f:da:fe:2e:2d:3d:c3:75:05:c2:11:ab:6a:52:
1b:06:2e:36:53:87:dd:e0:e4:6e:49:b3:b5:09:7a:
d0:76:6e:5f:12:ce:1c:c8:ac:08:52:c2:f6:3d:8d:
5f:dc:0e:25:a1:6d:d3:c8:5d:f3:94:24:8c:c8:83:
84:42:e7:32:04:44:ef:f9:97:66:d5:4e:9e:ed:4c:
24:ae:35:f5:f9:83:5d:b3:a7:e5:33:9e:fd:4e:cf:
df:d7:06:e9:ba:25:e6:2f:cc:50:5c:8c:d4:88:d4:
af:9f:60:c4:b1:e9:3c:33:a2:11:4d:25:03:85:d6:
71:38:b3:2c:1f:8b:33:aa:a4:89:5a:60:b5:57:25:
f9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1D:AD:E1:3E:33:4E:66:63:7B:0A:4F:FE:A5:8F:98:06:2F:84:7A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Bh2t4T4zTmZjewpP_qWPmAYvhHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
02:e0:77:a4:31:0c:56:d7:bf:85:f1:15:91:2d:33:37:6e:8d:
ac:fa:57:bd:af:5d:aa:48:61:b0:b0:99:90:f2:b5:49:5a:5d:
f4:57:e3:07:71:01:4e:75:70:b7:8a:04:de:ba:ef:6a:71:92:
33:74:aa:24:30:f7:f8:40:fc:94:fa:88:f5:80:84:2c:57:86:
03:ef:8e:ea:07:c2:b7:df:29:1b:41:25:02:7b:f7:bb:87:b6:
9d:3e:69:36:06:d5:9f:48:bb:58:d1:16:26:a1:15:af:6e:17:
f7:05:1b:93:23:ab:7e:04:33:60:02:fd:39:13:bf:73:7f:e9:
2e:25:d7:34:90:90:b1:b4:8e:69:30:71:b6:ad:1e:98:ef:51:
df:a1:dc:5e:48:ce:e2:39:07:c5:9a:fa:2f:6a:83:a9:5d:24:
5e:94:8f:82:4d:95:ea:d0:65:e3:f2:71:b5:80:f0:88:25:34:
54:1c:97:51:54:56:88:63:8c:d4:32:16:13:89:64:32:85:ca:
ac:f3:aa:92:1e:33:f7:4f:fb:51:7d:2f:99:31:32:09:6b:4f:
47:be:7d:0d:ce:84:51:3d:6a:bb:ea:31:2e:84:80:ca:92:0b:
51:65:22:22:8c:02:64:33:35:fc:da:f1:2c:0d:61:39:01:62:
e3:77:ce:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEGV72RzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMz
MDE0NTgzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDYxZGFkZTEzZTMz
NGU2NjYzN2IwYTRmZmVhNThmOTgwNjJmODQ3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRk+Is1xIUy1RkL8lWFiUgkXPPzWRddlq6YdHgVZoF8LlMm
kbhHl398JQlY/lleEzH5+mq4lraztESHqw84g/IjWCa0Teg/FDD8ulonnojCDGKJ
yP+TTDfXkP3OoHm8X9CXNnTmXg2XDhs7fCcajkOxsf28jWjC6J/a/i4tPcN1BcIR
q2pSGwYuNlOH3eDkbkmztQl60HZuXxLOHMisCFLC9j2NX9wOJaFt08hd85QkjMiD
hELnMgRE7/mXZtVOnu1MJK419fmDXbOn5TOe/U7P39cG6bol5i/MUFyM1IjUr59g
xLHpPDOiEU0lA4XWcTizLB+LM6qkiVpgtVcl+YsCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQGHa3hPjNOZmN7Ck/+pY+YBi+EejAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0JoMnQ0VDR6VG1aamV3cFBfcVdQbUFZdmhIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEALl1FgMEArl6OAMEALmFwDAPBAIA
AjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQAC4HekMQxW17+F8RWRLTM3
bo2s+le9r12qSGGwsJmQ8rVJWl30V+MHcQFOdXC3igTeuu9qcZIzdKokMPf4QPyU
+oj1gIQsV4YD747qB8K33ykbQSUCe/e7h7adPmk2BtWfSLtY0RYmoRWvbhf3BRuT
I6t+BDNgAv05E79zf+kuJdc0kJCxtI5pMHG2rR6Y71HfodxeSM7iOQfFmvovaoOp
XSRelI+CTZXq0GXj8nG1gPCIJTRUHJdRVFaIY4zUMhYTiWQyhcqs86qSHjP3T/tR
fS+ZMTIJa09Hvn0NzoRRPWq76jEuhIDKkgtRZSIijAJkMzX82vEsDWE5AWLjd85h
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org