Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/z0AJIrEv-1ga8vK7HTHbdSSVVwo.roa
File: z0AJIrEv-1ga8vK7HTHbdSSVVwo.roa (raw, json)
Hash identifier: p4RAoF2dKL2aW39fDG/rzZkRySlwsI5VBNb/G6X6EXU=
Subject key identifier: CF:40:09:22:B1:2F:FB:58:1A:F2:F2:BB:1D:31:DB:75:24:95:57:0A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1997CA6E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/z0AJIrEv-1ga8vK7HTHbdSSVVwo.roa
Signing time: Sun 10 Apr 2022 02:10:33 +0000
ROA not before: Sun 10 Apr 2022 02:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.57.0/24 maxlen: 32
185.122.58.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429378158 (0x1997ca6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 10 02:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf400922b12ffb581af2f2bb1d31db752495570a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:9f:26:49:a9:ad:29:74:56:3d:6b:0b:04:
41:4a:42:cc:d9:82:8b:1d:43:4d:70:57:8e:e5:5a:
8a:2d:89:5d:a1:16:c6:9a:93:46:54:a6:0c:e7:71:
8e:7e:56:d9:17:ce:b6:19:0e:0f:70:44:20:ec:af:
e7:2a:a8:e9:cf:f5:29:dd:df:6c:ad:71:f6:96:b6:
27:c2:c5:51:5c:10:71:81:bc:fb:ac:54:a3:4f:d2:
9e:57:21:c6:7d:5a:36:27:89:2d:7a:05:09:ad:9b:
73:4f:a2:53:54:ee:18:5f:5c:28:79:40:a1:d8:32:
f6:81:27:17:4f:b5:a3:40:0e:0e:6b:0a:c1:0d:04:
c7:3d:b6:29:7d:67:58:a1:24:88:b9:1b:64:aa:f5:
d5:00:68:4f:61:58:95:ce:60:64:f2:ee:39:1c:c5:
42:d2:4b:8f:ea:30:a5:8e:67:05:eb:3c:d8:ca:02:
cc:45:6b:64:25:c9:30:f1:9a:87:13:e4:8c:52:79:
22:96:93:c8:9f:6c:12:09:fe:24:93:43:4b:39:d7:
77:af:51:97:ce:ae:e1:c1:90:c4:92:df:4a:d1:d5:
cf:a9:82:2b:74:a1:91:7a:dc:49:9d:a2:2d:6b:3c:
2f:62:74:da:df:f1:fe:8b:84:d6:42:2c:d7:3c:eb:
20:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:40:09:22:B1:2F:FB:58:1A:F2:F2:BB:1D:31:DB:75:24:95:57:0A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/z0AJIrEv-1ga8vK7HTHbdSSVVwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.57.0-185.122.58.255
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
37:c8:a6:90:a7:33:7f:f1:d1:e7:34:15:b4:81:be:24:2a:a6:
21:94:96:41:96:54:99:23:56:34:e9:80:40:c6:1f:4d:74:2a:
ab:7f:0c:de:99:71:c4:bb:6b:3b:fc:b5:ba:2f:da:1f:6e:cf:
e8:c3:28:e4:a4:4f:f1:e3:d7:a5:9d:4d:b5:c2:fd:e8:c7:04:
72:b6:71:6b:6e:b5:d6:9c:86:73:01:cb:69:2c:e9:09:61:dc:
5f:3a:38:1e:0d:0a:5d:b5:57:14:ed:ad:b3:16:8e:6a:76:28:
24:29:0a:60:04:4b:0c:00:26:8a:9a:bd:d7:03:f1:b6:6b:fb:
a3:03:d6:ed:5f:d8:75:ef:22:a6:b2:d3:2d:02:96:03:0c:04:
17:c6:6c:91:c3:fe:81:6b:cf:fb:2a:1a:2f:14:d7:52:ba:1f:
75:7f:05:46:1d:c3:de:6e:67:ec:84:99:f7:b4:c7:50:dc:d4:
9d:78:50:8e:5d:85:12:6b:5b:55:24:a9:e8:59:05:e1:21:71:
29:79:78:6d:06:12:08:55:fc:29:0f:2d:df:98:b2:6c:f2:1e:
85:bd:2e:a2:71:ee:a0:a6:d4:c1:e5:5b:23:4a:db:ad:e8:8b:
dc:d7:eb:51:e7:db:e2:47:c0:aa:f7:ab:36:14:02:4a:27:c2:
e8:0b:7c:5f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIEGZfKbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
MDAyMTAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y0MDA5MjJiMTJm
ZmI1ODFhZjJmMmJiMWQzMWRiNzUyNDk1NTcwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIcnyZJqa0pdFY9awsEQUpCzNmCix1DTXBXjuVaii2JXaEW
xpqTRlSmDOdxjn5W2RfOthkOD3BEIOyv5yqo6c/1Kd3fbK1x9pa2J8LFUVwQcYG8
+6xUo0/Snlchxn1aNieJLXoFCa2bc0+iU1TuGF9cKHlAodgy9oEnF0+1o0AODmsK
wQ0Exz22KX1nWKEkiLkbZKr11QBoT2FYlc5gZPLuORzFQtJLj+owpY5nBes82MoC
zEVrZCXJMPGahxPkjFJ5IpaTyJ9sEgn+JJNDSznXd69Rl86u4cGQxJLfStHVz6mC
K3ShkXrcSZ2iLWs8L2J02t/x/ouE1kIs1zzrIIECAwEAAaOCAi4wggIqMB0GA1Ud
DgQWBBTPQAkisS/7WBry8rsdMdt1JJVXCjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3owQUpJckV2LTFnYTh2SzdIVEhiZFNTVlZ3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBE
BggrBgEFBQcBBwEB/wQ1MDMwIAQCAAEwGgMEALl1FjAMAwQAuXo5AwQAuXo6AwQA
uYXAMA8EAgACMAkDBwAqBoLCAAAwDQYJKoZIhvcNAQELBQADggEBADfIppCnM3/x
0ec0FbSBviQqpiGUlkGWVJkjVjTpgEDGH010Kqt/DN6ZccS7azv8tbov2h9uz+jD
KOSkT/Hj16WdTbXC/ejHBHK2cWtutdachnMBy2ks6Qlh3F86OB4NCl21VxTtrbMW
jmp2KCQpCmAESwwAJoqavdcD8bZr+6MD1u1f2HXvIqay0y0ClgMMBBfGbJHD/oFr
z/sqGi8U11K6H3V/BUYdw95uZ+yEmfe0x1Dc1J14UI5dhRJrW1UkqehZBeEhcSl5
eG0GEghV/CkPLd+YsmzyHoW9LqJx7qCm1MHlWyNK263oi9zX61Hn2+JHwKr3qzYU
AkonwugLfF8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org