Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Tmo7OCUZ3Z3RLTx_zANTXgmosP4.roa
File: Tmo7OCUZ3Z3RLTx_zANTXgmosP4.roa (raw, json)
Hash identifier: CJ8INBZbfQoVpykzFhMd58a7VnvgKXm8SQi8bsPcOjE=
Subject key identifier: 4E:6A:3B:38:25:19:DD:9D:D1:2D:3C:7F:CC:03:53:5E:09:A8:B0:FE
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01843050C5653CDA243123BCB3BC84034A71
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Tmo7OCUZ3Z3RLTx_zANTXgmosP4.roa
Signing time: Mon 31 Oct 2022 23:11:50 +0000
ROA not before: Mon 31 Oct 2022 23:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136620
IP address blocks: 185.214.69.0/24 maxlen: 24
2a06:82c2::/48 maxlen: 48
2a06:82c2:2::/48 maxlen: 48
2a06:82c2:d::/48 maxlen: 48
2a06:82c2:f::/48 maxlen: 48
2a06:82c2:e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:30:50:c5:65:3c:da:24:31:23:bc:b3:bc:84:03:4a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Oct 31 23:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e6a3b382519dd9dd12d3c7fcc03535e09a8b0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ca:eb:65:66:36:fc:89:5e:1f:df:9c:bf:21:
c6:69:4c:1c:25:e6:5e:95:d1:ab:01:f8:b2:39:2b:
ab:82:ec:5c:b6:7d:21:a2:ad:b6:9c:09:14:68:51:
32:18:80:f9:0c:fb:c0:ac:9b:b8:00:eb:ae:99:53:
cc:9b:3f:35:37:37:13:17:10:bf:7c:e7:3a:f9:bd:
40:24:6d:1e:17:1c:16:b4:ac:ee:aa:5d:59:c8:34:
06:ab:84:c1:26:96:63:3d:79:c9:55:34:0c:e7:d4:
18:08:93:1f:4d:df:13:16:56:d7:9a:f9:e1:75:96:
fa:fb:7a:d1:dd:4d:7e:a7:4c:70:fb:9e:d5:4f:c6:
d3:56:0e:29:cb:c4:9f:ea:81:2b:c6:3b:04:64:26:
26:5c:9c:a1:78:99:37:b2:33:5d:6b:5c:ca:eb:5e:
a2:4f:ae:6a:7e:31:06:9c:10:67:a1:d0:5a:9a:65:
56:c9:6f:2a:1c:86:3f:41:8c:54:58:b0:d9:04:8d:
5b:83:de:52:f6:50:9e:dc:16:8a:57:8a:48:16:ec:
8c:1c:30:73:43:b0:1d:47:de:e9:7a:d9:cc:7e:0b:
74:b1:53:39:e2:a1:09:d7:bb:de:21:2b:96:4f:10:
57:84:b1:8f:e2:a7:64:5e:3a:31:2a:8f:db:13:41:
6b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6A:3B:38:25:19:DD:9D:D1:2D:3C:7F:CC:03:53:5E:09:A8:B0:FE
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Tmo7OCUZ3Z3RLTx_zANTXgmosP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.69.0/24
IPv6:
2a06:82c2::/48
2a06:82c2:2::/48
2a06:82c2:d::-2a06:82c2:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:f5:19:3c:90:39:d0:67:73:15:cf:5b:19:68:fe:e9:f7:b2:
94:29:d2:94:7f:3c:a4:9f:a4:47:9a:21:92:8f:ea:77:21:ff:
db:65:a8:00:36:9f:77:48:65:7c:34:d3:f7:0d:cd:05:ce:ff:
06:00:49:3c:e2:26:61:f5:25:51:a4:71:8f:b6:82:3c:6e:c4:
3c:95:88:8b:76:9c:3b:3b:51:5e:fe:11:af:5d:09:7a:88:62:
28:d8:35:91:45:2e:85:eb:ee:d5:9b:ca:5e:80:03:fd:45:d5:
bd:5b:06:cd:22:17:67:e5:20:06:1f:89:6c:3c:24:c5:44:64:
72:c4:eb:8a:ac:5b:04:f6:c5:96:87:78:16:04:c9:c7:3e:7f:
6c:b7:46:ed:d0:81:b6:29:6b:99:c1:dc:9d:1c:9c:82:82:76:
3b:6c:d6:b3:b2:ab:c7:c9:96:75:20:a0:18:0c:1d:02:c3:16:
4b:f1:8c:95:af:ac:6f:17:1a:cb:66:b8:ea:18:cc:e3:05:a4:
45:de:60:16:c9:9b:f0:1c:97:d5:c0:1b:c9:64:e5:c7:84:04:
cd:c7:61:71:2a:7b:5e:64:5e:7d:f2:b6:ad:ad:de:c2:c2:e0:
9f:ac:da:74:a3:2a:10:11:97:fe:01:8f:6d:b4:be:32:30:1e:
6d:be:72:37
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYQwUMVlPNokMSO8s7yEA0pxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjIxMDMxMjMxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTZhM2IzODI1MTlkZDlkZDEyZDNjN2ZjYzAzNTM1ZTA5YThiMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3srrZWY2/IleH9+cvyHGaUwcJeZe
ldGrAfiyOSurguxctn0hoq22nAkUaFEyGID5DPvArJu4AOuumVPMmz81NzcTFxC/
fOc6+b1AJG0eFxwWtKzuql1ZyDQGq4TBJpZjPXnJVTQM59QYCJMfTd8TFlbXmvnh
dZb6+3rR3U1+p0xw+57VT8bTVg4py8Sf6oErxjsEZCYmXJyheJk3sjNda1zK616i
T65qfjEGnBBnodBammVWyW8qHIY/QYxUWLDZBI1bg95S9lCe3BaKV4pIFuyMHDBz
Q7AdR97petnMfgt0sVM54qEJ17veISuWTxBXhLGP4qdkXjoxKo/bE0FrSwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFE5qOzglGd2d0S08f8wDU14JqLD+MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvVG1vN09DVVozWjNSTFR4X3pBTlRYZ21vc1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQAudZFMCwE
AgACMCYDBwAqBoLCAAADBwAqBoLCAAIwEgMHACoGgsIADQMHBCoGgsIAADANBgkq
hkiG9w0BAQsFAAOCAQEAb/UZPJA50GdzFc9bGWj+6feylCnSlH88pJ+kR5ohko/q
dyH/22WoADafd0hlfDTT9w3NBc7/BgBJPOImYfUlUaRxj7aCPG7EPJWIi3acOztR
Xv4Rr10JeohiKNg1kUUuhevu1ZvKXoAD/UXVvVsGzSIXZ+UgBh+JbDwkxURkcsTr
iqxbBPbFlod4FgTJxz5/bLdG7dCBtilrmcHcnRycgoJ2O2zWs7Krx8mWdSCgGAwd
AsMWS/GMla+sbxcay2a46hjM4wWkRd5gFsmb8ByX1cAbyWTlx4QEzcdhcSp7XmRe
ffK2ra3ewsLgn6zadKMqEBGX/gGPbbS+MjAebb5yNw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org