Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/m3BGldKr-5KaOsLNeVliCVmCcC4.roa
File: m3BGldKr-5KaOsLNeVliCVmCcC4.roa (raw, json)
Hash identifier: zVEiYjyMb/05+yoNtYITPLFkAaUNnjpSGceh3/2TbW8=
Subject key identifier: 9B:70:46:95:D2:AB:FB:92:9A:3A:C2:CD:79:59:62:09:59:82:70:2E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1896E001
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/m3BGldKr-5KaOsLNeVliCVmCcC4.roa
Signing time: Thu 03 Feb 2022 19:39:09 +0000
ROA not before: Thu 03 Feb 2022 19:39:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412540929 (0x1896e001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 3 19:39:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b704695d2abfb929a3ac2cd795962095982702e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:3c:14:ed:ba:d4:78:8c:b0:7f:f6:3c:02:
3a:6f:c8:c1:87:8c:0b:c8:0a:66:a9:37:4f:a2:53:
08:b9:a4:e1:1d:a8:bc:80:48:af:bd:e2:2c:44:af:
03:87:e2:35:fa:38:ec:3d:d4:5d:fb:db:f0:25:25:
53:aa:35:a4:ee:ee:1d:b0:cd:3c:a7:f1:ec:29:f9:
16:e6:bf:90:b0:5a:86:0b:ff:15:dc:38:54:85:57:
20:7a:1a:01:d3:33:b4:af:ea:bb:c3:1c:6d:f1:e1:
f1:f2:d4:10:47:fd:7d:64:bc:70:f6:36:62:77:8c:
ea:ee:64:24:30:1e:36:bf:bf:90:56:e6:89:4e:4c:
7f:f9:d5:3a:18:a1:63:c0:64:0b:7d:2c:68:bd:33:
dd:93:d0:1e:76:cd:f3:78:ae:0b:68:9c:7e:d8:cc:
f2:28:e2:f9:f1:10:56:27:de:52:83:61:0a:ef:59:
68:6f:96:4f:2d:87:09:f6:d3:be:82:7f:bb:9c:72:
e9:47:4d:76:7c:0f:39:17:7c:f8:ff:c0:0a:b4:e9:
74:94:0c:9f:db:3f:fc:0e:09:14:6b:5b:a6:79:3b:
ed:36:61:37:ab:81:7b:aa:06:b5:e0:18:64:b7:5e:
5f:91:24:8e:a9:79:60:ad:7d:dc:db:b7:ee:c2:f4:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:70:46:95:D2:AB:FB:92:9A:3A:C2:CD:79:59:62:09:59:82:70:2E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/m3BGldKr-5KaOsLNeVliCVmCcC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/23
185.122.59.0/24
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
bf:a3:bd:4c:96:5a:4a:f6:fe:01:bd:98:8d:b8:0d:16:82:3d:
85:c8:d2:b7:13:7c:54:d6:59:69:99:60:5d:66:dd:cf:f4:84:
f0:08:d3:29:98:32:53:33:f5:91:1d:c6:b1:7c:4e:5d:6d:61:
9c:e8:df:c4:b8:4c:97:ae:96:3b:d6:e4:cc:fa:20:7b:be:bb:
e3:6d:14:b2:b2:64:0d:50:6a:29:6d:0a:50:05:3b:a8:84:6e:
c0:0f:44:37:69:99:61:ec:f7:2a:93:6b:77:8a:25:74:28:54:
c8:96:6a:fc:3c:b0:45:b2:d2:c3:ae:83:07:98:6f:60:35:69:
21:65:4f:fa:43:3f:9b:f4:6c:3a:c2:30:b3:dd:24:87:72:54:
83:46:8a:06:f8:52:51:68:0a:d3:20:65:d8:02:ff:90:bd:2d:
fa:0a:90:4e:92:f2:5b:08:63:6c:81:8a:7a:3e:91:50:e2:6d:
82:0c:86:78:18:5c:29:5f:d0:9e:ba:bb:f2:26:a1:54:71:5e:
26:2b:0b:35:f7:5e:77:74:50:d6:0f:d0:8e:b1:b7:d7:5a:fe:
20:dc:e1:d4:dc:3c:3c:a8:fc:fb:d5:d8:a5:a9:76:59:5b:5a:
86:0e:87:60:00:5f:5c:4e:c0:b7:74:65:00:9d:ff:9e:2f:86:
f2:98:43:81
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEGJbgATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDIw
MzE5MzkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI3MDQ2OTVkMmFi
ZmI5MjlhM2FjMmNkNzk1OTYyMDk1OTgyNzAyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwFPBTtutR4jLB/9jwCOm/IwYeMC8gKZqk3T6JTCLmk4R2o
vIBIr73iLESvA4fiNfo47D3UXfvb8CUlU6o1pO7uHbDNPKfx7Cn5Fua/kLBahgv/
Fdw4VIVXIHoaAdMztK/qu8McbfHh8fLUEEf9fWS8cPY2YneM6u5kJDAeNr+/kFbm
iU5Mf/nVOhihY8BkC30saL0z3ZPQHnbN83iuC2icftjM8iji+fEQVifeUoNhCu9Z
aG+WTy2HCfbTvoJ/u5xy6UdNdnwPORd8+P/ACrTpdJQMn9s//A4JFGtbpnk77TZh
N6uBe6oGteAYZLdeX5Ekjql5YK193Nu37sL0mxkCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBSbcEaV0qv7kpo6ws15WWIJWYJwLjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L20zQkdsZEtyLTVLYU9zTE5lVmxpQ1ZtQ2NDNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEALl1FgMEALl4BwMEAbl6OAMEALl6
OwMEALmFwDAPBAIAAjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQC/o71M
llpK9v4BvZiNuA0Wgj2FyNK3E3xU1llpmWBdZt3P9ITwCNMpmDJTM/WRHcaxfE5d
bWGc6N/EuEyXrpY71uTM+iB7vrvjbRSysmQNUGopbQpQBTuohG7AD0Q3aZlh7Pcq
k2t3iiV0KFTIlmr8PLBFstLDroMHmG9gNWkhZU/6Qz+b9Gw6wjCz3SSHclSDRooG
+FJRaArTIGXYAv+QvS36CpBOkvJbCGNsgYp6PpFQ4m2CDIZ4GFwpX9CeurvyJqFU
cV4mKws19153dFDWD9COsbfXWv4g3OHU3Dw8qPz71dilqXZZW1qGDodgAF9cTsC3
dGUAnf+eL4bymEOB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org