Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hN_o7zTvnEacWFMtTSs9TRu7Yi4.roa
File: hN_o7zTvnEacWFMtTSs9TRu7Yi4.roa (raw, json)
Hash identifier: 3zPa3vt8ckww+r/rMXT4dBf3DOEhWm1So9fDFAJABaA=
Subject key identifier: 84:DF:E8:EF:34:EF:9C:46:9C:58:53:2D:4D:2B:3D:4D:1B:BB:62:2E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 188EE225
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hN_o7zTvnEacWFMtTSs9TRu7Yi4.roa
Signing time: Tue 01 Feb 2022 03:01:20 +0000
ROA not before: Tue 01 Feb 2022 03:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.58.0/24 maxlen: 32
185.122.56.0/22 maxlen: 32
185.122.59.0/24 maxlen: 24
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412017189 (0x188ee225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 1 03:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84dfe8ef34ef9c469c58532d4d2b3d4d1bbb622e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:39:ed:4b:61:e4:35:7c:58:2e:ef:9b:b6:82:
b5:17:cf:05:e9:36:17:28:89:e8:e6:c1:eb:cf:f3:
7b:c4:58:b7:f7:9a:84:90:99:1b:a4:37:82:b2:ec:
82:48:d1:1a:85:2e:00:9a:be:36:de:51:82:6e:9a:
f1:9c:7b:44:71:e5:fc:26:54:b9:71:56:c3:c8:c3:
d2:6c:71:4f:fd:43:69:49:9d:d4:cf:9a:62:ef:69:
b8:52:f2:39:af:f2:ea:96:de:bb:c6:9f:de:2a:c2:
f8:17:1d:85:3f:41:84:40:4f:6a:37:b9:fd:34:6c:
e9:c4:b7:47:33:87:2b:70:c1:79:f2:72:af:6a:59:
de:79:cf:86:d3:c4:0e:4f:f6:68:da:56:13:6b:2e:
b4:23:a2:9e:a5:d8:42:37:c3:b5:b8:b6:92:27:ed:
8d:47:c4:5c:f1:40:34:8d:84:49:b4:94:e5:83:91:
ef:81:b3:48:ad:f5:18:d0:41:bc:0d:e1:c5:c2:f4:
b5:6d:3e:40:0d:48:e6:ff:cb:e1:cf:a4:42:b8:fe:
54:d8:38:52:5f:d1:87:54:d1:fb:5e:94:2f:49:f5:
54:f5:36:5e:09:d0:84:d2:a6:88:2b:bb:a3:be:32:
c1:e7:51:19:76:fe:8a:ee:e4:43:7b:97:c1:97:87:
e4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DF:E8:EF:34:EF:9C:46:9C:58:53:2D:4D:2B:3D:4D:1B:BB:62:2E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hN_o7zTvnEacWFMtTSs9TRu7Yi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/22
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
c1:3b:d3:7b:5e:3b:db:7b:75:56:df:40:05:49:7b:9f:4a:34:
d2:e3:d4:9b:ab:cb:db:86:41:8a:2b:af:ef:48:f5:0c:4c:d3:
a9:05:96:33:c4:b8:c9:f4:a8:30:2c:48:5b:ad:63:c8:8b:56:
51:92:18:ed:eb:c2:d8:7b:c5:b4:d5:44:ae:f0:1b:e4:db:03:
ec:4f:da:38:bb:5f:77:a3:bf:e5:e0:59:3b:4c:ae:67:f5:ee:
58:fe:60:a6:9f:4c:a3:0a:a7:9b:cf:05:35:f4:98:6e:39:51:
d3:b3:e2:82:21:11:36:12:6e:eb:df:3d:f7:d2:9a:f6:7b:c2:
d7:f4:7d:d2:48:ad:f5:31:39:71:de:6d:8a:71:a7:84:e0:1b:
dc:3d:8c:94:e2:7b:40:e1:5d:33:d5:18:c3:1c:56:17:01:65:
75:81:15:07:d5:7d:4f:ae:23:39:97:2c:96:a2:e0:4e:19:da:
71:16:aa:d7:af:f6:79:72:6d:6b:d0:fc:06:41:e3:ef:7a:ee:
a0:71:ed:6e:b0:3b:af:59:9b:47:0e:17:4f:ac:94:44:62:5e:
c1:32:6c:c4:4f:a7:2f:b2:f2:b2:8e:32:50:ed:2d:d6:6e:f3:
d1:11:9e:d5:03:fb:a6:53:3e:11:9b:65:f7:99:5c:63:46:84:
ad:5c:43:47
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEGI7iJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIw
MTAzMDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRkZmU4ZWYzNGVm
OWM0NjljNTg1MzJkNGQyYjNkNGQxYmJiNjIyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALY57Uth5DV8WC7vm7aCtRfPBek2FyiJ6ObB68/ze8RYt/ea
hJCZG6Q3grLsgkjRGoUuAJq+Nt5Rgm6a8Zx7RHHl/CZUuXFWw8jD0mxxT/1DaUmd
1M+aYu9puFLyOa/y6pbeu8af3irC+BcdhT9BhEBPaje5/TRs6cS3RzOHK3DBefJy
r2pZ3nnPhtPEDk/2aNpWE2sutCOinqXYQjfDtbi2kiftjUfEXPFANI2ESbSU5YOR
74GzSK31GNBBvA3hxcL0tW0+QA1I5v/L4c+kQrj+VNg4Ul/Rh1TR+16UL0n1VPU2
XgnQhNKmiCu7o74ywedRGXb+iu7kQ3uXwZeH5EUCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSE3+jvNO+cRpxYUy1NKz1NG7tiLjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2hOX283elR2bkVhY1dGTXRUU3M5VFJ1N1lpNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEALl1FgMEALl4BwMEArl6OAMEALmF
wDAYBAIAAjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQDB
O9N7Xjvbe3VW30AFSXufSjTS49Sbq8vbhkGKK6/vSPUMTNOpBZYzxLjJ9KgwLEhb
rWPIi1ZRkhjt68LYe8W01USu8Bvk2wPsT9o4u193o7/l4Fk7TK5n9e5Y/mCmn0yj
CqebzwU19JhuOVHTs+KCIRE2Em7r3z330pr2e8LX9H3SSK31MTlx3m2KcaeE4Bvc
PYyU4ntA4V0z1RjDHFYXAWV1gRUH1X1PriM5lyyWouBOGdpxFqrXr/Z5cm1r0PwG
QePveu6gce1usDuvWZtHDhdPrJREYl7BMmzET6cvsvKyjjJQ7S3WbvPREZ7VA/um
Uz4Rm2X3mVxjRoStXENH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org