Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/b72ORH0muzgguM3CD5v5BXGSB84.roa
File: b72ORH0muzgguM3CD5v5BXGSB84.roa (raw, json)
Hash identifier: FBbDvXSmBrn3V4LTwwsv8rB+lxOPtFZOmq/fino3Mb4=
Subject key identifier: 6F:BD:8E:44:7D:26:BB:38:20:B8:CD:C2:0F:9B:F9:05:71:92:07:CE
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 17997810
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/b72ORH0muzgguM3CD5v5BXGSB84.roa
Signing time: Sat 01 Jan 2022 04:53:56 +0000
ROA not before: Sat 01 Jan 2022 04:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 91.189.186.0/24 maxlen: 32
37.10.112.0/24 maxlen: 32
185.240.218.0/24 maxlen: 32
5.253.137.0/24 maxlen: 32
185.171.3.0/24 maxlen: 32
79.143.55.0/24 maxlen: 32
193.222.103.0/24 maxlen: 32
195.85.43.0/24 maxlen: 32
46.251.239.0/24 maxlen: 32
147.78.220.0/24 maxlen: 32
193.149.160.0/24 maxlen: 32
185.224.146.0/24 maxlen: 32
185.226.73.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395933712 (0x17997810)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fbd8e447d26bb3820b8cdc20f9bf905719207ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:81:31:19:8c:d8:f2:b4:b6:82:ce:52:b3:be:
2f:b9:d0:43:63:3d:17:e3:12:45:6e:14:89:be:78:
73:3d:2a:3a:93:dc:63:8a:e7:78:3b:32:dc:2c:df:
c2:5a:c9:a3:b3:54:72:7d:b2:db:a1:42:0c:04:7e:
1a:22:7d:a2:f9:d8:22:5c:0f:87:6f:38:9b:35:54:
3a:ce:4a:b8:84:9d:be:71:53:7e:1c:02:92:2b:b7:
c0:54:d6:2d:35:e2:da:08:3c:70:ba:04:e4:a6:74:
f4:ec:b3:e4:7a:26:fb:2c:80:2e:66:97:5b:ba:99:
b7:9b:83:6f:92:c4:e2:3a:4f:20:d7:e4:65:34:fc:
ed:0b:1c:2e:79:93:5f:35:28:e0:9d:69:9b:79:20:
f5:76:b6:0b:52:ff:86:4f:47:23:48:3c:14:0e:75:
67:01:41:5e:ae:a7:4a:1d:ca:58:fd:e1:ed:57:67:
8c:1b:87:ac:86:cd:d7:5d:20:6a:a6:ac:7a:34:15:
52:55:d5:9f:9a:90:7e:7f:30:94:7d:46:86:c9:29:
01:16:21:f2:51:05:03:99:06:65:55:b7:17:04:56:
d2:06:44:f0:5a:5f:76:37:78:dc:e5:1a:13:06:e5:
72:24:36:97:64:2d:6b:24:68:74:26:f6:ed:e1:84:
cf:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BD:8E:44:7D:26:BB:38:20:B8:CD:C2:0F:9B:F9:05:71:92:07:CE
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/b72ORH0muzgguM3CD5v5BXGSB84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.137.0/24
37.10.112.0/24
46.251.239.0/24
79.143.55.0/24
91.189.186.0/24
147.78.220.0/24
185.171.3.0/24
185.224.146.0/24
185.226.73.0/24
185.240.218.0/24
193.149.160.0/24
193.222.103.0/24
195.85.43.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:4f:8a:85:67:ef:e9:00:e1:27:bb:ac:4f:53:4f:3e:cd:2d:
ec:19:be:29:67:b2:8b:80:2b:fb:b2:1a:b0:22:4f:6c:14:ad:
da:63:82:d4:a1:6e:41:2e:57:de:0c:55:73:a1:92:5d:04:d1:
2a:b9:af:16:3a:9a:0e:12:e2:fd:35:88:4c:1d:bf:a5:14:da:
6c:24:81:86:f3:f4:00:d3:5d:cb:9b:c5:c8:9c:39:3e:83:72:
e8:3a:7f:99:f2:c3:03:0f:6d:3e:c8:54:03:0c:e5:ff:58:3f:
3a:cd:f0:2e:a0:3e:2c:de:a3:b9:a5:83:51:d0:42:57:5e:f2:
cb:be:73:47:11:29:3f:c9:95:84:be:f0:37:49:85:de:62:20:
ab:5c:9f:f9:e7:d6:06:c5:b6:0c:b8:8b:aa:9b:9b:1a:cc:b4:
0f:43:5b:a1:e4:cc:b0:32:fb:08:de:cd:b5:ef:22:11:93:e6:
13:85:f4:7b:63:f5:ef:a3:1f:47:ab:74:67:c5:37:97:3a:09:
7b:89:87:5d:f5:41:83:60:4e:90:35:dc:73:52:7a:19:94:99:
47:1d:4f:b4:04:d7:7d:63:e3:cf:42:0b:c3:a6:00:4b:4e:c9:
c3:1e:e3:51:72:49:24:46:c5:51:aa:1c:22:1e:30:09:ab:72:
fa:2a:38:40
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEF5l4EDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmZiZDhlNDQ3ZDI2
YmIzODIwYjhjZGMyMGY5YmY5MDU3MTkyMDdjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJGBMRmM2PK0toLOUrO+L7nQQ2M9F+MSRW4Uib54cz0qOpPc
Y4rneDsy3CzfwlrJo7NUcn2y26FCDAR+GiJ9ovnYIlwPh284mzVUOs5KuISdvnFT
fhwCkiu3wFTWLTXi2gg8cLoE5KZ09Oyz5Hom+yyALmaXW7qZt5uDb5LE4jpPINfk
ZTT87QscLnmTXzUo4J1pm3kg9Xa2C1L/hk9HI0g8FA51ZwFBXq6nSh3KWP3h7Vdn
jBuHrIbN110gaqasejQVUlXVn5qQfn8wlH1GhskpARYh8lEFA5kGZVW3FwRW0gZE
8Fpfdjd43OUaEwblciQ2l2QtayRodCb27eGEz+ECAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBRvvY5EfSa7OCC4zcIPm/kFcZIHzjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2I3Mk9SSDBtdXpnZ3VNM0NENXY1QlhHU0I4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAAX9iQMEACUKcAMEAC777wMEAE+P
NwMEAFu9ugMEAJNO3AMEALmrAwMEALngkgMEALniSQMEALnw2gMEAMGVoAMEAMHe
ZwMEAMNVKzANBgkqhkiG9w0BAQsFAAOCAQEAtE+KhWfv6QDhJ7usT1NPPs0t7Bm+
KWeyi4Ar+7IasCJPbBSt2mOC1KFuQS5X3gxVc6GSXQTRKrmvFjqaDhLi/TWITB2/
pRTabCSBhvP0ANNdy5vFyJw5PoNy6Dp/mfLDAw9tPshUAwzl/1g/Os3wLqA+LN6j
uaWDUdBCV17yy75zRxEpP8mVhL7wN0mF3mIgq1yf+efWBsW2DLiLqpubGsy0D0Nb
oeTMsDL7CN7Nte8iEZPmE4X0e2P176MfR6t0Z8U3lzoJe4mHXfVBg2BOkDXcc1J6
GZSZRx1PtATXfWPjz0ILw6YAS07Jwx7jUXJJJEbFUaocIh4wCaty+io4QA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org