Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/6-VXfpGZICpW-B9hoPQNjNNX8rM.roa
File: 6-VXfpGZICpW-B9hoPQNjNNX8rM.roa (raw, json)
Hash identifier: mRKOO3DboIH9M9xK9ai3SKaRjOglb83xx5CT0biQtnQ=
Subject key identifier: EB:E5:57:7E:91:99:20:2A:56:F8:1F:61:A0:F4:0D:8C:D3:57:F2:B3
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0841BDB3
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/6-VXfpGZICpW-B9hoPQNjNNX8rM.roa
Signing time: Tue 29 Mar 2022 08:36:40 +0000
ROA not before: Tue 29 Mar 2022 08:36:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39494
IP address blocks: 89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
79.174.72.0/22 maxlen: 22
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
89.111.176.0/20 maxlen: 20
89.111.177.0/24 maxlen: 24
89.111.176.0/22 maxlen: 22
2a01:d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138526131 (0x841bdb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 29 08:36:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebe5577e9199202a56f81f61a0f40d8cd357f2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:67:0d:15:c2:99:12:45:69:85:48:ce:06:47:
d1:0d:79:b7:56:b4:99:13:d8:50:ee:d6:e2:38:72:
7a:c7:b8:0c:88:c0:d5:fd:94:8f:3c:84:d7:87:f3:
30:2f:ca:d7:a5:13:14:3d:a4:e9:26:03:e7:95:91:
58:a8:21:70:2b:e8:5d:9c:b2:da:78:b3:f4:05:ab:
44:53:12:84:1e:8e:b5:c7:93:a7:2f:40:47:80:65:
a5:0b:07:1f:0e:79:a2:da:42:88:23:88:6a:47:6a:
79:11:67:ee:01:0a:7f:d7:11:0a:36:bd:f4:06:49:
0b:39:a1:88:9f:de:2f:fd:12:87:63:fa:01:d1:ea:
06:b8:b4:89:e9:5c:38:a7:04:ad:a2:89:3c:4f:b7:
5b:f3:ef:8d:d4:06:62:3e:cd:be:0e:d5:ce:51:79:
3f:49:7b:c3:ce:dc:5f:9c:20:a4:30:51:81:ba:9d:
ad:93:30:03:31:d4:88:6f:84:cb:af:42:15:14:3c:
d0:66:62:00:2b:19:64:bf:31:7d:a0:09:59:94:6b:
54:4d:f8:77:ee:d1:17:1d:66:81:60:91:9a:ad:96:
81:0a:b6:c6:25:a6:13:a9:dc:f3:42:ba:9f:50:8a:
84:41:ca:d7:18:78:9d:a6:f9:18:fa:5d:c3:c5:02:
0d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E5:57:7E:91:99:20:2A:56:F8:1F:61:A0:F4:0D:8C:D3:57:F2:B3
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/6-VXfpGZICpW-B9hoPQNjNNX8rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
IPv6:
2a01:d8::/32
Signature Algorithm: sha256WithRSAEncryption
76:47:1f:50:c0:b3:49:a3:80:3b:88:50:8b:77:35:02:92:98:
dd:18:77:06:d7:10:6e:85:ea:7c:a5:35:01:db:20:bc:62:c5:
37:3b:43:ee:07:90:f7:63:f1:03:40:f1:d4:ae:0a:ef:77:77:
b5:e6:21:09:29:8e:cd:d9:90:d2:fe:ee:1b:a7:c9:6e:97:9f:
7e:61:82:81:84:4d:97:01:69:f3:36:f0:a6:1f:2f:b3:0e:86:
f5:ec:fe:6e:8d:49:c4:6c:e6:4d:f1:ba:07:39:e8:f9:82:ed:
58:05:cf:ba:b3:76:04:c5:dd:12:b2:71:11:b2:88:7a:83:11:
82:e2:f7:85:3a:0f:71:4c:34:0b:f4:27:52:ce:21:09:63:59:
b2:d0:63:b5:dc:bf:40:d2:28:19:db:8c:db:3e:80:d2:9b:d4:
6f:42:c2:a7:b6:c3:98:4d:9b:b1:6d:ab:ef:65:26:11:05:1e:
9a:7a:be:03:bb:fc:64:9a:e0:de:5e:89:d8:83:99:cd:25:b1:
95:84:70:a6:28:5c:b9:d6:e9:38:e5:e6:66:1b:90:6a:83:e4:
56:21:2a:91:a6:19:cd:25:7d:8a:68:c2:d0:7c:5a:c1:e1:46:
2a:43:60:e4:05:ec:e0:f6:cf:04:20:43:e7:6d:76:3b:2f:6f:
c4:fc:7c:17
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECEG9szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGZhZDIzZTExY2YwZDI0YTQ3NzU5NGViYTA5Zjk5YWNjNmYxZmZmMB4XDTIyMDMy
OTA4MzY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJlNTU3N2U5MTk5
MjAyYTU2ZjgxZjYxYTBmNDBkOGNkMzU3ZjJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIRnDRXCmRJFaYVIzgZH0Q15t1a0mRPYUO7W4jhyese4DIjA
1f2UjzyE14fzMC/K16UTFD2k6SYD55WRWKghcCvoXZyy2niz9AWrRFMShB6OtceT
py9AR4BlpQsHHw55otpCiCOIakdqeRFn7gEKf9cRCja99AZJCzmhiJ/eL/0Sh2P6
AdHqBri0ielcOKcEraKJPE+3W/PvjdQGYj7Nvg7VzlF5P0l7w87cX5wgpDBRgbqd
rZMwAzHUiG+Ey69CFRQ80GZiACsZZL8xfaAJWZRrVE34d+7RFx1mgWCRmq2WgQq2
xiWmE6nc80K6n1CKhEHK1xh4nab5GPpdw8UCDRsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTr5Vd+kZkgKlb4H2Gg9A2M01fyszAfBgNVHSMEGDAWgBS9+tI+Ec8NJKR3
WU66CfmazG8f/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmclNQaEhQRFNTa2QxbE91Z241bXN4dkhfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8x
LzYtVlhmcEdaSUNwVy1COWhvUFFOak5OWDhyTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8xL3ZmclNQaEhQRFNT
a2QxbE91Z241bXN4dkhfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAk+uSAMEBVloQAMEBllvgDANBAIA
AjAHAwUAKgEA2DANBgkqhkiG9w0BAQsFAAOCAQEAdkcfUMCzSaOAO4hQi3c1ApKY
3Rh3BtcQboXqfKU1AdsgvGLFNztD7geQ92PxA0Dx1K4K73d3teYhCSmOzdmQ0v7u
G6fJbpeffmGCgYRNlwFp8zbwph8vsw6G9ez+bo1JxGzmTfG6Bzno+YLtWAXPurN2
BMXdErJxEbKIeoMRguL3hToPcUw0C/QnUs4hCWNZstBjtdy/QNIoGduM2z6A0pvU
b0LCp7bDmE2bsW2r72UmEQUemnq+A7v8ZJrg3l6J2IOZzSWxlYRwpihcudbpOOXm
ZhuQaoPkViEqkaYZzSV9imjC0HxaweFGKkNg5AXs4PbPBCBD5212Oy9vxPx8Fw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:29 2023 by rpki-client on console-fra.rpki-client.org