Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/l8rgL6Y0abQ_Dq0FYh6oGqjQsQA.roa
File: l8rgL6Y0abQ_Dq0FYh6oGqjQsQA.roa (raw, json)
Hash identifier: Nhg82Et2VfxjH9az2otXabDHbn/2XXQJSeAouOaUdJU=
Subject key identifier: 97:CA:E0:2F:A6:34:69:B4:3F:0E:AD:05:62:1E:A8:1A:A8:D0:B1:00
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18FDAE2E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/l8rgL6Y0abQ_Dq0FYh6oGqjQsQA.roa
Signing time: Fri 04 Mar 2022 07:26:28 +0000
ROA not before: Fri 04 Mar 2022 07:26:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419278382 (0x18fdae2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 4 07:26:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97cae02fa63469b43f0ead05621ea81aa8d0b100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:35:54:3c:82:d3:1a:22:01:ac:f1:43:61:4d:
5f:94:9d:70:a4:51:b2:04:c0:8d:5c:c4:59:ae:30:
92:03:3e:7a:39:8f:9a:05:11:4a:ae:3d:ed:52:4a:
c3:0f:ed:bc:7b:d0:6f:3d:bf:e8:cf:9d:fc:14:af:
58:dc:01:92:9b:e9:95:00:09:3e:e9:2a:45:33:5d:
a2:55:fa:c8:0b:13:68:bf:e6:7b:d2:2a:25:a0:a5:
d7:be:8d:9d:ee:b4:ad:2c:53:a2:fa:b9:d4:66:bf:
34:29:75:e7:8f:b1:aa:36:3d:b3:d4:fe:73:6e:8c:
4c:a4:5d:60:a2:d5:72:e8:40:31:d9:cd:7e:1b:02:
f2:58:3f:2e:60:d0:a5:dc:4c:d2:cf:07:64:d9:72:
69:73:ff:a9:ec:c3:61:ed:0b:40:bf:d2:e2:93:82:
48:51:7d:0e:fa:1f:a3:10:40:8d:1a:b8:4f:80:c4:
5e:fd:a1:08:af:1b:bd:a7:d1:3f:89:a7:c6:b5:45:
c8:45:f3:e5:38:64:83:bc:19:eb:e3:f3:42:f6:93:
06:f3:f2:fd:06:90:c0:4f:07:b4:c6:30:2a:88:fd:
99:cd:15:b0:3b:8e:ba:8e:41:b3:e9:55:70:61:3d:
b8:66:b5:dd:48:d2:a7:13:b7:f9:ee:6e:1b:8b:2e:
ea:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CA:E0:2F:A6:34:69:B4:3F:0E:AD:05:62:1E:A8:1A:A8:D0:B1:00
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/l8rgL6Y0abQ_Dq0FYh6oGqjQsQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/23
185.122.59.0/24
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
cf:73:0a:b7:78:55:9b:73:b5:af:2b:6e:18:fd:79:a1:83:ce:
5b:e8:3e:82:42:b1:b4:ac:fd:ac:ac:38:de:3e:bb:76:43:03:
4e:09:59:2f:25:9f:8a:c5:c6:ab:2e:a4:a7:e2:ed:8d:0b:d8:
17:ec:11:24:76:28:ca:72:20:66:c4:9e:a4:a0:08:fa:2f:eb:
c7:5b:3b:25:c6:60:f6:9f:2c:4c:a6:dc:c0:e4:bc:ad:db:74:
2f:35:11:d0:05:91:ef:09:b7:a7:ae:9c:18:f1:2a:13:5e:5c:
45:c1:67:0f:af:fa:45:33:6c:65:49:11:1f:f2:c7:cc:c3:33:
44:8a:45:c0:56:6d:2e:9b:ca:b7:56:82:7b:40:a5:1a:4a:3f:
f6:86:31:12:2f:cd:59:54:96:5d:b0:30:ef:b2:41:b2:9b:09:
c3:af:45:84:90:91:c5:bc:41:6e:4a:cb:b8:00:cf:74:17:f1:
1e:0a:94:11:e6:3f:02:bf:0c:7d:8d:2b:6b:b1:4c:3f:8a:e8:
9c:22:ca:d9:0b:f0:a9:e6:84:21:77:8f:6d:e5:69:84:7e:f8:
5d:f9:28:50:f0:0e:3c:0b:ee:58:fe:68:b9:55:00:ec:db:a7:
36:d2:02:f5:6c:22:f5:5e:0f:f6:26:34:a4:3c:fe:ae:dd:ba:
3c:85:37:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEGP2uLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMw
NDA3MjYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdjYWUwMmZhNjM0
NjliNDNmMGVhZDA1NjIxZWE4MWFhOGQwYjEwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMc1VDyC0xoiAazxQ2FNX5SdcKRRsgTAjVzEWa4wkgM+ejmP
mgURSq497VJKww/tvHvQbz2/6M+d/BSvWNwBkpvplQAJPukqRTNdolX6yAsTaL/m
e9IqJaCl176Nne60rSxTovq51Ga/NCl154+xqjY9s9T+c26MTKRdYKLVcuhAMdnN
fhsC8lg/LmDQpdxM0s8HZNlyaXP/qezDYe0LQL/S4pOCSFF9DvofoxBAjRq4T4DE
Xv2hCK8bvafRP4mnxrVFyEXz5Thkg7wZ6+PzQvaTBvPy/QaQwE8HtMYwKoj9mc0V
sDuOuo5Bs+lVcGE9uGa13UjSpxO3+e5uG4su6tECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSXyuAvpjRptD8OrQViHqgaqNCxADAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2w4cmdMNlkwYWJRX0RxMEZZaDZvR3FqUXNRQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEALl1FgMEAbl6OAMEALl6OwMEALmF
wDAPBAIAAjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQDPcwq3eFWbc7Wv
K24Y/Xmhg85b6D6CQrG0rP2srDjePrt2QwNOCVkvJZ+KxcarLqSn4u2NC9gX7BEk
dijKciBmxJ6koAj6L+vHWzslxmD2nyxMptzA5Lyt23QvNRHQBZHvCbenrpwY8SoT
XlxFwWcPr/pFM2xlSREf8sfMwzNEikXAVm0um8q3VoJ7QKUaSj/2hjESL81ZVJZd
sDDvskGymwnDr0WEkJHFvEFuSsu4AM90F/EeCpQR5j8Cvwx9jStrsUw/iuicIsrZ
C/Cp5oQhd49t5WmEfvhd+ShQ8A48C+5Y/mi5VQDs26c20gL1bCL1Xg/2JjSkPP6u
3bo8hTfN
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org