Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/P2ekKdUpGK3ZtKiA4a_3-rvv4K4.roa
File: P2ekKdUpGK3ZtKiA4a_3-rvv4K4.roa (raw, json)
Hash identifier: jxrY7SJORem7Ab+yzB77SO9hQB23yjQY8XTpRI+Eqvk=
Subject key identifier: 3F:67:A4:29:D5:29:18:AD:D9:B4:A8:80:E1:AF:F7:FA:BB:EF:E0:AE
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1974D012
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/P2ekKdUpGK3ZtKiA4a_3-rvv4K4.roa
Signing time: Mon 04 Apr 2022 06:36:43 +0000
ROA not before: Mon 04 Apr 2022 06:36:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 32
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427085842 (0x1974d012)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 4 06:36:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f67a429d52918add9b4a880e1aff7fabbefe0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:83:ab:cf:63:2f:26:3b:b9:c0:05:57:7e:29:
65:07:a3:0d:bd:e8:30:a8:28:cd:b0:36:3f:a9:05:
a0:7a:22:92:58:93:62:72:59:2a:90:0a:2f:c3:0a:
5d:4f:b8:26:93:85:e1:59:27:a5:c2:4b:54:c0:b4:
c3:e8:7a:f9:f2:b8:75:14:d5:e1:81:84:a2:22:82:
be:68:fd:fa:ca:95:a7:67:63:cc:28:b3:05:e3:b1:
b0:e3:d1:15:6b:ba:22:95:46:fe:0e:4b:2c:51:1a:
4f:68:fe:55:84:82:ca:74:22:ef:20:3d:49:33:9f:
cb:76:5a:1d:91:01:c3:f9:96:eb:45:2a:d4:a2:ae:
f4:bd:4f:24:09:4f:41:71:e9:99:c0:69:cc:62:38:
8a:0f:03:1c:1f:35:e9:d5:e2:6c:00:bb:2a:9d:4e:
2e:a6:46:75:4c:b2:99:ec:5e:35:f5:1c:71:d6:6e:
44:d5:79:8d:3c:4c:83:a3:17:bc:c6:05:06:cc:92:
b5:09:5c:a4:06:8b:bc:83:d2:27:b8:91:a5:55:22:
d9:cd:b3:6b:71:71:ed:92:49:91:0f:45:e3:96:57:
21:5f:20:0a:a6:9c:30:bc:47:0c:ce:89:a2:54:05:
a1:c7:51:96:48:f8:c2:5b:97:0c:92:40:f3:d2:5b:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:67:A4:29:D5:29:18:AD:D9:B4:A8:80:E1:AF:F7:FA:BB:EF:E0:AE
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/P2ekKdUpGK3ZtKiA4a_3-rvv4K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0-185.122.58.255
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
18:41:63:40:0e:c7:83:c5:70:56:19:f2:a6:fa:10:08:d5:7f:
bb:e4:0f:bc:ee:0f:8a:cf:45:d9:f7:d8:05:af:ca:6d:7a:19:
71:5f:4a:3b:94:3f:16:5a:cb:c6:07:0f:2d:cd:f1:1d:c0:04:
bc:a8:24:24:56:2a:ac:d4:c1:41:bc:96:fb:39:0f:87:ce:af:
3d:1a:4c:94:12:f2:b7:c6:58:78:5c:bf:2a:58:bd:fc:8c:63:
c0:17:28:32:c8:8e:66:e8:db:cd:ad:fd:97:8d:f8:b1:72:d3:
26:05:4e:d4:3d:bc:23:6f:5a:4a:82:74:f6:41:85:7b:b2:4d:
1c:c0:b5:84:14:33:05:a7:db:2a:45:83:aa:19:e7:f6:0c:b8:
10:f5:06:3a:69:10:83:8b:a0:d0:ec:6b:b6:ca:2a:62:55:2e:
a5:31:60:f3:a4:a3:f3:f3:ec:ea:80:9e:07:87:a4:e9:d1:35:
88:9d:6f:75:54:bd:d6:57:26:ce:86:87:65:ff:45:79:b5:e8:
50:b6:bc:40:28:87:b0:19:b0:34:43:08:bb:54:b8:73:8f:ca:
d9:d6:eb:8f:c7:6b:34:ff:e8:6c:b1:f2:aa:5c:eb:05:fc:b5:
78:83:04:95:ee:22:26:a8:66:ea:6a:35:f2:54:14:07:e7:fe:
8f:68:a9:62
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEGXTQEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
NDA2MzY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y2N2E0MjlkNTI5
MThhZGQ5YjRhODgwZTFhZmY3ZmFiYmVmZTBhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqDq89jLyY7ucAFV34pZQejDb3oMKgozbA2P6kFoHoikliT
YnJZKpAKL8MKXU+4JpOF4VknpcJLVMC0w+h6+fK4dRTV4YGEoiKCvmj9+sqVp2dj
zCizBeOxsOPRFWu6IpVG/g5LLFEaT2j+VYSCynQi7yA9STOfy3ZaHZEBw/mW60Uq
1KKu9L1PJAlPQXHpmcBpzGI4ig8DHB816dXibAC7Kp1OLqZGdUyymexeNfUccdZu
RNV5jTxMg6MXvMYFBsyStQlcpAaLvIPSJ7iRpVUi2c2za3Fx7ZJJkQ9F45ZXIV8g
CqacMLxHDM6JolQFocdRlkj4wluXDJJA89JbjekCAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBQ/Z6Qp1SkYrdm0qIDhr/f6u+/grjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1AyZWtLZFVwR0szWnRLaUE0YV8zLXJ2djRLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIAQCAAEwGgMEALl1FjAMAwQDuXo4AwQAuXo6AwQA
uYXAMA8EAgACMAkDBwAqBoLCAAAwDQYJKoZIhvcNAQELBQADggEBABhBY0AOx4PF
cFYZ8qb6EAjVf7vkD7zuD4rPRdn32AWvym16GXFfSjuUPxZay8YHDy3N8R3ABLyo
JCRWKqzUwUG8lvs5D4fOrz0aTJQS8rfGWHhcvypYvfyMY8AXKDLIjmbo282t/ZeN
+LFy0yYFTtQ9vCNvWkqCdPZBhXuyTRzAtYQUMwWn2ypFg6oZ5/YMuBD1BjppEIOL
oNDsa7bKKmJVLqUxYPOko/Pz7OqAngeHpOnRNYidb3VUvdZXJs6Gh2X/RXm16FC2
vEAoh7AZsDRDCLtUuHOPytnW64/HazT/6Gyx8qpc6wX8tXiDBJXuIiaoZupqNfJU
FAfn/o9oqWI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org