Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/DBWFnFnGsFEze4pyedSG-s6Fjv8.roa
File: DBWFnFnGsFEze4pyedSG-s6Fjv8.roa (raw, json)
Hash identifier: K2TDe9a8ZS7CmexAYHqOW/zRkKeyi+A610yBJHGJN0Q=
Subject key identifier: 0C:15:85:9C:59:C6:B0:51:33:7B:8A:72:79:D4:86:FA:CE:85:8E:FF
Certificate issuer: /CN=6d150b438cc68f62dc15d359593161f799de53af
Certificate serial: 327E155E
Authority key identifier: 6D:15:0B:43:8C:C6:8F:62:DC:15:D3:59:59:31:61:F7:99:DE:53:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bRULQ4zGj2LcFdNZWTFh95neU68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/DBWFnFnGsFEze4pyedSG-s6Fjv8.roa
Signing time: Sat 01 Jan 2022 10:54:03 +0000
ROA not before: Sat 01 Jan 2022 10:54:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35258
IP address blocks: 185.6.252.0/22 maxlen: 22
87.253.184.0/22 maxlen: 22
195.85.72.0/23 maxlen: 23
195.85.38.0/24 maxlen: 24
91.208.244.0/24 maxlen: 24
46.254.120.0/21 maxlen: 21
83.143.208.0/21 maxlen: 21
83.143.208.0/23 maxlen: 24
185.102.105.0/24 maxlen: 24
185.102.104.0/22 maxlen: 22
185.102.106.0/23 maxlen: 23
2a06:23c0::/29 maxlen: 29
2a00:e400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 847123806 (0x327e155e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d150b438cc68f62dc15d359593161f799de53af
Validity
Not Before: Jan 1 10:54:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c15859c59c6b051337b8a7279d486face858eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cc:1f:4e:8c:1d:8f:ed:4e:47:2a:29:2d:2f:
fd:ac:56:7c:93:35:02:f4:f0:3d:aa:bb:ae:23:b7:
72:84:21:67:84:9e:e4:7f:46:bc:c3:2b:f8:fc:8d:
85:a6:aa:6a:49:fa:8b:6b:2a:03:e2:02:26:55:0c:
4b:bf:ed:e7:6f:25:d9:79:cf:36:a5:5e:73:6a:80:
e0:87:dc:37:6b:8e:9e:29:1b:6b:5b:51:c9:2d:9b:
95:4d:fe:c4:3d:40:2a:cb:0f:dc:02:fa:58:8a:8d:
94:75:1b:11:06:b3:85:3f:ba:6f:b6:f4:4f:91:d4:
b8:fa:e3:a9:cf:f7:f3:3f:be:78:c3:3b:ac:e6:2a:
52:b8:8b:29:47:ad:a6:09:5c:1f:e8:02:29:3c:a5:
65:78:2f:40:86:69:47:5e:e7:bc:3e:32:00:7c:1e:
ef:cd:9c:68:3c:b0:a7:35:37:40:21:0c:d4:46:7e:
01:9b:b2:6b:61:ad:20:bf:11:22:83:b2:cc:4c:34:
44:29:4a:c3:66:a5:30:71:27:98:aa:24:eb:dc:72:
05:8a:f4:da:be:3d:09:f5:5a:1f:de:90:15:d4:81:
55:60:74:06:a5:af:ba:f6:d6:37:1e:ec:b3:db:8a:
9f:1b:08:3a:73:41:66:e1:ab:f1:ca:7a:f8:6b:ba:
59:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:15:85:9C:59:C6:B0:51:33:7B:8A:72:79:D4:86:FA:CE:85:8E:FF
X509v3 Authority Key Identifier:
keyid:6D:15:0B:43:8C:C6:8F:62:DC:15:D3:59:59:31:61:F7:99:DE:53:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bRULQ4zGj2LcFdNZWTFh95neU68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/DBWFnFnGsFEze4pyedSG-s6Fjv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2fa86f-7f4e-4aab-9dfd-1b3d98bef1e9/1/bRULQ4zGj2LcFdNZWTFh95neU68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.120.0/21
83.143.208.0/21
87.253.184.0/22
91.208.244.0/24
185.6.252.0/22
185.102.104.0/22
195.85.38.0/24
195.85.72.0/23
IPv6:
2a00:e400::/29
2a06:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:ea:18:d7:83:d9:ae:60:89:39:ad:b0:04:7a:cf:67:a0:a0:
8a:62:e3:3c:56:7f:80:f6:b0:7f:64:d7:81:29:e3:80:f1:4b:
38:95:9b:ff:63:c0:a6:bd:90:5f:49:5d:d6:a4:93:4f:64:15:
ba:c6:a7:e1:2b:a7:de:1b:04:ad:b9:c1:92:7f:4c:77:0d:2b:
4c:42:dd:0e:c9:5a:88:4b:cb:69:e6:7e:f9:64:98:e8:6a:22:
c9:3a:28:5a:88:c4:fb:35:95:88:be:99:ed:ca:01:5e:3f:d6:
4a:35:c3:f4:43:67:6e:8b:f2:19:f1:9b:79:a8:46:c5:7c:74:
9d:fd:db:9e:6f:a3:8e:76:b2:87:62:ee:9b:f5:f7:78:66:3f:
4b:41:c0:1b:72:9e:26:1b:3e:76:31:7c:cc:f5:a2:04:7d:9f:
30:94:3e:c8:f4:76:7e:6e:d9:dc:d6:26:ef:20:5c:0f:6b:93:
dd:dd:91:ca:aa:de:15:e1:b7:a7:0c:7d:de:55:eb:0c:28:bb:
b0:be:3f:9f:a5:a2:6c:4c:41:b7:87:48:0d:0a:2b:fd:52:b6:
56:79:28:eb:99:e3:35:22:76:35:15:80:89:39:b2:c9:2a:ac:
2c:51:63:d2:43:a5:67:f6:28:7f:69:28:40:29:4e:36:d9:27:
0f:dc:5c:18
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEMn4VXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDE1MGI0MzhjYzY4ZjYyZGMxNWQzNTk1OTMxNjFmNzk5ZGU1M2FmMB4XDTIyMDEw
MTEwNTQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMxNTg1OWM1OWM2
YjA1MTMzN2I4YTcyNzlkNDg2ZmFjZTg1OGVmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnMH06MHY/tTkcqKS0v/axWfJM1AvTwPaq7riO3coQhZ4Se
5H9GvMMr+PyNhaaqakn6i2sqA+ICJlUMS7/t528l2XnPNqVec2qA4IfcN2uOnikb
a1tRyS2blU3+xD1AKssP3AL6WIqNlHUbEQazhT+6b7b0T5HUuPrjqc/38z++eMM7
rOYqUriLKUetpglcH+gCKTylZXgvQIZpR17nvD4yAHwe782caDywpzU3QCEM1EZ+
AZuya2GtIL8RIoOyzEw0RClKw2alMHEnmKok69xyBYr02r49CfVaH96QFdSBVWB0
BqWvuvbWNx7ss9uKnxsIOnNBZuGr8cp6+Gu6WZ8CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBQMFYWcWcawUTN7inJ51Ib6zoWO/zAfBgNVHSMEGDAWgBRtFQtDjMaPYtwV
01lZMWH3md5TrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JSVUxRNHpHajJMY0ZkTlpXVEZoOTVuZVU2OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvMmZhODZmLTdmNGUtNGFhYi05ZGZkLTFiM2Q5OGJlZjFlOS8x
L0RCV0ZuRm5Hc0ZFemU0cHllZFNHLXM2Rmp2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
MmZhODZmLTdmNGUtNGFhYi05ZGZkLTFiM2Q5OGJlZjFlOS8xL2JSVUxRNHpHajJM
Y0ZkTlpXVEZoOTVuZVU2OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wNgQCAAEwMAMEAy7+eAMEA1OP0AMEAlf9uAMEAFvQ
9AMEArkG/AMEArlmaAMEAMNVJgMEAcNVSDAUBAIAAjAOAwUDKgDkAAMFAyoGI8Aw
DQYJKoZIhvcNAQELBQADggEBAEvqGNeD2a5giTmtsAR6z2egoIpi4zxWf4D2sH9k
14Ep44DxSziVm/9jwKa9kF9JXdakk09kFbrGp+Erp94bBK25wZJ/THcNK0xC3Q7J
WohLy2nmfvlkmOhqIsk6KFqIxPs1lYi+me3KAV4/1ko1w/RDZ26L8hnxm3moRsV8
dJ39255vo452sodi7pv193hmP0tBwBtyniYbPnYxfMz1ogR9nzCUPsj0dn5u2dzW
Ju8gXA9rk93dkcqq3hXht6cMfd5V6wwou7C+P5+lomxMQbeHSA0KK/1StlZ5KOuZ
4zUidjUVgIk5sskqrCxRY9JDpWf2KH9pKEApTjbZJw/cXBg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:43 2024 by rpki-client on console-ams.rpki-client.org