Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/6mp34DAT8pbWxsOA8OcaVL7fFl8.roa
File: 6mp34DAT8pbWxsOA8OcaVL7fFl8.roa (raw, json)
Hash identifier: KPze7qaSd0VUZJ8UlewWzfZaoG0G868gzS69SMgXJWE=
Subject key identifier: EA:6A:77:E0:30:13:F2:96:D6:C6:C3:80:F0:E7:1A:54:BE:DF:16:5F
Certificate issuer: /CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Certificate serial: 0D09DB98
Authority key identifier: 90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/6mp34DAT8pbWxsOA8OcaVL7fFl8.roa
Signing time: Sat 01 Jan 2022 07:58:32 +0000
ROA not before: Sat 01 Jan 2022 07:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203339
IP address blocks: 185.220.118.0/24 maxlen: 24
185.220.116.0/24 maxlen: 24
185.220.117.0/24 maxlen: 24
84.38.128.0/24 maxlen: 24
2a0b:f6c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218749848 (0xd09db98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Validity
Not Before: Jan 1 07:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea6a77e03013f296d6c6c380f0e71a54bedf165f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:cf:20:9c:d7:cd:e4:11:21:0b:26:bb:d1:4c:
c1:08:c9:c7:f6:b0:12:6d:cc:2c:9c:8a:36:f2:8c:
04:ec:8d:66:b0:e9:16:dc:cd:3c:58:6e:20:1f:73:
57:2d:63:28:fb:c5:ec:39:9f:33:50:48:9d:90:dd:
b1:7c:2e:fe:b9:67:b9:33:9a:74:01:46:64:a8:f1:
e5:9c:5b:17:b3:84:5c:bf:69:56:65:f0:90:b4:bb:
f0:e9:1a:c3:b7:57:f9:03:24:3f:ec:ed:9b:6c:9f:
ad:e6:6e:21:3e:0b:3d:ce:4e:8c:0e:3c:c5:1f:75:
ef:59:87:74:0e:5a:bb:54:66:80:ed:cf:1f:e7:f7:
be:20:81:c2:db:8e:15:84:b6:59:d7:ee:7b:5d:c0:
8d:22:82:bb:bd:e8:d2:69:fc:89:4f:4d:2f:b0:32:
6b:9f:7a:eb:b1:84:6c:ac:9b:40:39:99:70:4d:13:
53:eb:1d:ab:39:cd:8f:fc:2e:ef:68:e1:a3:4f:55:
68:02:f2:cc:5a:9d:37:75:b3:32:6a:86:2f:5a:0c:
1f:fa:1e:22:71:d2:a4:5b:e2:fc:45:ce:21:8f:b0:
4d:5b:71:16:97:9a:70:9d:f5:2b:26:1f:74:7b:45:
78:0c:ca:e3:11:bf:3f:bf:b8:67:16:8b:c0:d3:5f:
d1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6A:77:E0:30:13:F2:96:D6:C6:C3:80:F0:E7:1A:54:BE:DF:16:5F
X509v3 Authority Key Identifier:
keyid:90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/6mp34DAT8pbWxsOA8OcaVL7fFl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.128.0/24
185.220.116.0-185.220.118.255
IPv6:
2a0b:f6c0::/48
Signature Algorithm: sha256WithRSAEncryption
2d:46:5c:b6:13:4b:b7:fb:79:af:86:24:eb:40:7f:bc:f0:29:
0f:38:8f:29:e3:48:f3:62:a8:5f:9c:63:b8:7a:ec:c5:30:31:
63:30:0c:a8:82:8c:dc:e3:07:2e:ef:8a:74:ac:ea:a0:41:c5:
cf:72:65:84:1e:21:81:d5:17:ee:0f:65:de:ab:51:98:c0:68:
33:b5:3d:cd:d2:05:fb:98:54:2d:e2:a4:dd:42:93:0c:c0:88:
1e:a4:72:17:1e:4a:90:70:2a:45:e2:99:f5:5c:cc:07:2f:96:
5e:d4:34:f7:5e:8e:e3:c8:c9:0a:40:86:25:25:f9:7f:91:c2:
b9:ba:82:c7:ee:67:a9:16:2c:86:37:20:6c:37:46:0e:18:66:
58:d7:e1:2f:17:7f:ae:ab:7e:32:da:e1:3b:b3:fa:24:46:13:
9f:3c:ad:bc:57:2f:3d:e1:f0:b8:f3:db:88:98:75:fe:46:01:
f8:bf:c6:47:b4:28:a7:59:d3:82:6b:94:a5:a3:80:3f:18:ca:
ec:0d:38:13:79:ad:6d:32:e0:32:2a:91:24:69:63:fd:d3:16:
28:a7:24:44:7e:e4:4d:a4:4e:4b:81:0b:ae:73:ac:04:d4:41:
d9:66:8f:3a:91:8e:76:a9:d5:2d:f5:70:ad:31:e0:df:c1:58:
31:8c:6e:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEDQnbmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGYyNzNhNjNjNTFlYWYzZjllNWFlN2I5ZmFhZmRiMjkzMTM0MGRmMB4XDTIyMDEw
MTA3NTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWE2YTc3ZTAzMDEz
ZjI5NmQ2YzZjMzgwZjBlNzFhNTRiZWRmMTY1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODPIJzXzeQRIQsmu9FMwQjJx/awEm3MLJyKNvKMBOyNZrDp
FtzNPFhuIB9zVy1jKPvF7DmfM1BInZDdsXwu/rlnuTOadAFGZKjx5ZxbF7OEXL9p
VmXwkLS78Okaw7dX+QMkP+ztm2yfreZuIT4LPc5OjA48xR9171mHdA5au1RmgO3P
H+f3viCBwtuOFYS2Wdfue13AjSKCu73o0mn8iU9NL7Aya59667GEbKybQDmZcE0T
U+sdqznNj/wu72jho09VaALyzFqdN3WzMmqGL1oMH/oeInHSpFvi/EXOIY+wTVtx
FpeacJ31KyYfdHtFeAzK4xG/P7+4ZxaLwNNf0XkCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBTqanfgMBPyltbGw4Dw5xpUvt8WXzAfBgNVHSMEGDAWgBSQ8nOmPFHq8/nl
rnufqv2ykxNA3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQSnpwanhSNnZQNTVhNTduNnI5c3BNVFFOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvYmM2NzZiLWMwYjYtNGZiYi05MzNmLTUwODJjMjhiNzE1Zi8x
LzZtcDM0REFUOHBiV3hzT0E4T2NhVkw3ZkZsOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
YmM2NzZiLWMwYjYtNGZiYi05MzNmLTUwODJjMjhiNzE1Zi8xL2tQSnpwanhSNnZQ
NTVhNTduNnI5c3BNVFFOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEAFQmgDAMAwQCudx0AwQAudx2MA8E
AgACMAkDBwAqC/bAAAAwDQYJKoZIhvcNAQELBQADggEBAC1GXLYTS7f7ea+GJOtA
f7zwKQ84jynjSPNiqF+cY7h67MUwMWMwDKiCjNzjBy7vinSs6qBBxc9yZYQeIYHV
F+4PZd6rUZjAaDO1Pc3SBfuYVC3ipN1CkwzAiB6kchceSpBwKkXimfVczAcvll7U
NPdejuPIyQpAhiUl+X+Rwrm6gsfuZ6kWLIY3IGw3Rg4YZljX4S8Xf66rfjLa4Tuz
+iRGE588rbxXLz3h8Ljz24iYdf5GAfi/xke0KKdZ04JrlKWjgD8YyuwNOBN5rW0y
4DIqkSRpY/3TFiinJER+5E2kTkuBC65zrATUQdlmjzqRjnap1S31cK0x4N/BWDGM
bq0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:42 2023 by rpki-client on console-fra.rpki-client.org