Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rIoi2vodya65tp7yTlfadWojveU.roa
File: rIoi2vodya65tp7yTlfadWojveU.roa (raw, json)
Hash identifier: 6/Z++3Dd2iPUedcKZk1ZNVUJleLPdyO0oXqw9vKYftg=
Subject key identifier: AC:8A:22:DA:FA:1D:C9:AE:B9:B6:9E:F2:4E:57:DA:75:6A:23:BD:E5
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19BA3417
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rIoi2vodya65tp7yTlfadWojveU.roa
Signing time: Fri 15 Apr 2022 02:18:08 +0000
ROA not before: Fri 15 Apr 2022 02:18:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.57.0/24 maxlen: 32
2a06:8e00::/48 maxlen: 48
2a06:8ec0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431633431 (0x19ba3417)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 15 02:18:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac8a22dafa1dc9aeb9b69ef24e57da756a23bde5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9c:44:5f:76:f3:df:63:04:a4:9c:55:99:77:
0f:99:a5:df:66:7b:a8:ae:4e:e9:36:37:cb:b7:cb:
0e:6e:24:7f:79:81:58:27:20:63:5d:51:98:bb:3c:
ae:9b:19:4f:84:15:5d:43:b6:30:5a:ae:8e:ac:1e:
e8:93:bc:0c:14:45:b4:f6:d6:0c:3c:98:85:1a:90:
64:cc:76:7e:02:00:35:ad:3a:84:8b:7f:81:04:4a:
bb:15:a4:57:bd:92:df:2b:70:7b:e7:bc:8f:5a:f5:
5d:b1:81:8b:cb:07:e8:51:55:41:7f:5e:55:f0:60:
d7:30:dc:1a:d5:61:8c:e3:30:18:1f:2b:cf:ab:23:
fc:4e:55:e4:74:ae:80:0a:e3:48:09:39:a9:fc:66:
7f:82:1b:ef:3a:a3:1c:44:8a:9b:e6:95:05:46:51:
1c:50:bf:97:e9:c4:68:ea:6a:31:77:99:35:03:57:
63:ef:1c:63:d2:ec:83:e5:1a:9e:f3:c7:aa:d7:24:
6c:6b:91:0d:a8:f7:bc:85:7e:6f:fb:ed:e3:45:f5:
22:54:b8:82:6d:83:75:ee:15:56:65:96:ee:34:83:
ad:9d:c2:63:22:33:34:6a:2d:4c:fc:f6:32:c6:67:
a2:f9:91:9c:b7:3b:3e:66:2c:fb:f9:e7:ed:12:c3:
3b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8A:22:DA:FA:1D:C9:AE:B9:B6:9E:F2:4E:57:DA:75:6A:23:BD:E5
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rIoi2vodya65tp7yTlfadWojveU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.57.0/24
185.133.192.0/24
IPv6:
2a06:8e00::/48
2a06:8ec0:3::/48
Signature Algorithm: sha256WithRSAEncryption
1e:b4:f5:e9:dd:f8:83:99:7e:86:28:fb:63:59:fe:2a:36:8d:
09:bd:f7:37:d6:1d:64:22:c1:e9:57:6f:17:eb:c6:46:89:17:
ec:c1:1e:9c:de:04:ad:87:36:56:a5:2e:b5:4e:88:18:b2:9e:
61:59:e1:d6:f0:a0:65:22:f9:95:bf:04:fa:a1:14:25:38:a9:
a4:58:bd:29:26:3c:b7:06:35:dc:3a:41:b9:54:6a:0a:5c:38:
14:42:5b:76:de:6e:9a:c2:64:c0:2f:2e:d9:7f:9f:8d:b4:37:
1c:db:27:42:d3:3a:4c:cf:5c:5c:a7:87:2a:76:7a:89:bc:bd:
f0:33:53:01:5d:c0:7b:22:e5:b3:46:6a:df:99:1d:09:30:6f:
4e:37:a1:0d:47:36:64:c6:e2:a3:1d:76:d6:39:1f:a4:48:79:
6d:86:c5:dc:0c:9a:86:e8:c9:ce:fa:22:c6:64:53:cb:27:bc:
3a:c3:e7:fd:f1:9c:84:47:46:51:c6:99:bd:32:05:82:78:e9:
c3:ec:d3:99:65:16:4d:c3:09:8e:aa:02:fc:07:e8:66:24:2b:
3d:cd:32:b9:05:97:07:29:92:8e:e2:a2:eb:1f:cd:bb:17:0f:
8d:57:e8:58:63:42:11:9b:a9:6f:14:f4:67:5e:23:39:94:6c:
58:ea:61:f8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEGbo0FzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
NTAyMTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM4YTIyZGFmYTFk
YzlhZWI5YjY5ZWYyNGU1N2RhNzU2YTIzYmRlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKcRF92899jBKScVZl3D5ml32Z7qK5O6TY3y7fLDm4kf3mB
WCcgY11RmLs8rpsZT4QVXUO2MFqujqwe6JO8DBRFtPbWDDyYhRqQZMx2fgIANa06
hIt/gQRKuxWkV72S3ytwe+e8j1r1XbGBi8sH6FFVQX9eVfBg1zDcGtVhjOMwGB8r
z6sj/E5V5HSugArjSAk5qfxmf4Ib7zqjHESKm+aVBUZRHFC/l+nEaOpqMXeZNQNX
Y+8cY9Lsg+UanvPHqtckbGuRDaj3vIV+b/vt40X1IlS4gm2Dde4VVmWW7jSDrZ3C
YyIzNGotTPz2MsZnovmRnLc7PmYs+/nn7RLDO8UCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBSsiiLa+h3Jrrm2nvJOV9p1aiO95TAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3JJb2kydm9keWE2NXRwN3lUbGZhZFdvanZlVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALl1FgMEALl6OQMEALmFwDAYBAIA
AjASAwcAKgaOAAAAAwcAKgaOwAADMA0GCSqGSIb3DQEBCwUAA4IBAQAetPXp3fiD
mX6GKPtjWf4qNo0Jvfc31h1kIsHpV28X68ZGiRfswR6c3gSthzZWpS61TogYsp5h
WeHW8KBlIvmVvwT6oRQlOKmkWL0pJjy3BjXcOkG5VGoKXDgUQlt23m6awmTALy7Z
f5+NtDcc2ydC0zpMz1xcp4cqdnqJvL3wM1MBXcB7IuWzRmrfmR0JMG9ON6ENRzZk
xuKjHXbWOR+kSHlthsXcDJqG6MnO+iLGZFPLJ7w6w+f98ZyER0ZRxpm9MgWCeOnD
7NOZZRZNwwmOqgL8B+hmJCs9zTK5BZcHKZKO4qLrH827Fw+NV+hYY0IRm6lvFPRn
XiM5lGxY6mH4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org