Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/ay3oU5zwpjF6ZsrA6bNhgKj2m1Y.roa
File: ay3oU5zwpjF6ZsrA6bNhgKj2m1Y.roa (raw, json)
Hash identifier: f2+DtJ/aMCD6NgJSKMY7Bx8ZH6U/LMLLQ566IX1uoLo=
Subject key identifier: 6B:2D:E8:53:9C:F0:A6:31:7A:66:CA:C0:E9:B3:61:80:A8:F6:9B:56
Certificate issuer: /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial: 120812DE
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/ay3oU5zwpjF6ZsrA6bNhgKj2m1Y.roa
Signing time: Sat 01 Jan 2022 13:06:03 +0000
ROA not before: Sat 01 Jan 2022 13:06:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 185.129.230.0/23 maxlen: 23
185.129.228.0/22 maxlen: 22
185.82.28.0/22 maxlen: 22
109.125.128.0/22 maxlen: 22
109.125.128.0/19 maxlen: 19
185.129.184.0/21 maxlen: 21
185.129.196.0/22 maxlen: 22
185.129.197.0/24 maxlen: 24
185.129.200.0/22 maxlen: 22
185.129.212.0/22 maxlen: 22
185.129.216.0/22 maxlen: 22
2a03:54a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302519006 (0x120812de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Validity
Not Before: Jan 1 13:06:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b2de8539cf0a6317a66cac0e9b36180a8f69b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ba:1a:7e:52:23:c7:fc:22:ee:0b:4c:f3:e0:
1d:35:be:12:90:ad:7a:00:b4:ef:b8:18:5d:47:58:
4b:f8:97:73:a2:30:c3:8e:11:3c:c0:60:70:51:6f:
89:49:dc:77:f9:fc:12:d5:1c:13:f2:9a:72:90:d3:
f6:53:c3:33:d1:4c:b5:5c:25:1e:68:e7:ee:2b:4f:
92:bb:39:f6:15:9b:8b:55:0f:b2:66:30:e7:4d:b4:
69:a8:8b:7a:14:28:d7:3e:47:53:30:21:aa:29:0a:
d8:fe:4c:48:f1:71:6a:ee:53:37:6b:f4:7a:7e:ec:
16:4f:19:c3:3c:8d:2d:27:9e:6d:aa:76:78:74:61:
92:d4:59:17:97:db:0b:fd:96:bf:b0:72:eb:a3:09:
b9:be:06:f8:13:5e:cb:70:b3:5e:e0:fa:f2:c3:ce:
a2:75:b1:83:7a:ce:80:68:48:01:c1:96:fb:52:10:
94:82:97:c2:3e:22:0b:91:49:e3:f7:e3:cd:ce:17:
a4:8d:4a:60:3a:a4:20:5d:77:b2:60:d9:22:84:b3:
ef:87:46:da:77:d0:96:ab:43:52:fe:bf:28:ac:d1:
e8:a4:d3:b5:60:c5:ac:66:d8:04:b2:75:2b:a5:d9:
42:1d:98:90:65:16:4b:fe:8e:51:c1:fb:36:e2:b9:
f9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:2D:E8:53:9C:F0:A6:31:7A:66:CA:C0:E9:B3:61:80:A8:F6:9B:56
X509v3 Authority Key Identifier:
keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/ay3oU5zwpjF6ZsrA6bNhgKj2m1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.125.128.0/19
185.82.28.0/22
185.129.184.0/21
185.129.196.0-185.129.203.255
185.129.212.0-185.129.219.255
185.129.228.0/22
IPv6:
2a03:54a0::/32
Signature Algorithm: sha256WithRSAEncryption
28:90:70:fc:83:64:74:63:f2:09:91:f6:95:bc:16:be:8a:62:
32:82:83:b1:db:80:75:d8:bd:e9:e0:10:1e:51:b9:0e:a3:88:
3d:0f:e9:9c:a0:86:df:d5:b9:09:66:3d:9b:49:0a:16:e3:ec:
e5:39:f0:c2:0a:37:48:2d:0a:55:1a:1a:e2:23:e8:61:08:ea:
e0:f5:a4:1b:af:fb:e7:0d:7f:a4:37:2b:36:65:a6:56:9d:2a:
55:2c:9a:d7:17:f7:8e:61:a4:5c:e1:3a:72:11:79:b4:60:69:
1a:3d:90:04:b7:a0:2d:16:bc:79:85:e3:e1:81:2c:2f:16:b9:
ae:23:bb:4f:cd:87:6e:51:14:9e:71:58:34:ac:87:1b:fb:4b:
99:fe:27:ab:91:bc:f9:c6:e9:ed:78:50:32:59:3c:e4:a9:aa:
9d:c5:3f:ff:77:16:e7:83:a2:7d:56:74:35:06:0b:4e:4f:5d:
dc:c9:c4:57:c9:26:1b:b2:59:b0:cb:4d:eb:0f:e3:7d:2f:6b:
00:a6:23:0f:5e:9a:62:4c:b2:4e:ba:a3:eb:4e:e8:58:f8:ae:
73:5a:3e:c4:cb:d0:28:18:86:f7:64:03:d5:a9:f1:bc:9b:53:
e5:0e:4c:fe:ea:99:31:8f:c9:70:32:40:41:f2:ad:20:97:92:
c2:ab:2a:04
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIEEggS3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmJkNTEyNzIwNjRiNjNiMmM2NjNjMDI5NmJhMTFkYjVlYTIzOGMwMB4XDTIyMDEw
MTEzMDYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIyZGU4NTM5Y2Yw
YTYzMTdhNjZjYWMwZTliMzYxODBhOGY2OWI1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMe6Gn5SI8f8Iu4LTPPgHTW+EpCtegC077gYXUdYS/iXc6Iw
w44RPMBgcFFviUncd/n8EtUcE/KacpDT9lPDM9FMtVwlHmjn7itPkrs59hWbi1UP
smYw5020aaiLehQo1z5HUzAhqikK2P5MSPFxau5TN2v0en7sFk8ZwzyNLSeebap2
eHRhktRZF5fbC/2Wv7By66MJub4G+BNey3CzXuD68sPOonWxg3rOgGhIAcGW+1IQ
lIKXwj4iC5FJ4/fjzc4XpI1KYDqkIF13smDZIoSz74dG2nfQlqtDUv6/KKzR6KTT
tWDFrGbYBLJ1K6XZQh2YkGUWS/6OUcH7NuK5+QkCAwEAAaOCAkYwggJCMB0GA1Ud
DgQWBBRrLehTnPCmMXpmysDps2GAqPabVjAfBgNVHSMEGDAWgBR7vVEnIGS2Oyxm
PAKWuhHbXqI4wDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U3MVJKeUJrdGpzc1pqd0Nscm9SMjE2aU9NQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvYjgyYTA2LWFiMGQtNGFkZi04YTg1LTk3YzlhYWI4MjhmMi8x
L2F5M29VNXp3cGpGNlpzckE2Yk5oZ0tqMm0xWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
YjgyYTA2LWFiMGQtNGFkZi04YTg1LTk3YzlhYWI4MjhmMi8xL2U3MVJKeUJrdGpz
c1pqd0Nscm9SMjE2aU9NQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBc
BggrBgEFBQcBBwEB/wRNMEswOgQCAAEwNAMEBW19gAMEArlSHAMEA7mBuDAMAwQC
uYHEAwQCuYHIMAwDBAK5gdQDBAK5gdgDBAK5geQwDQQCAAIwBwMFACoDVKAwDQYJ
KoZIhvcNAQELBQADggEBACiQcPyDZHRj8gmR9pW8Fr6KYjKCg7HbgHXYvengEB5R
uQ6jiD0P6Zyght/VuQlmPZtJChbj7OU58MIKN0gtClUaGuIj6GEI6uD1pBuv++cN
f6Q3KzZlpladKlUsmtcX945hpFzhOnIRebRgaRo9kAS3oC0WvHmF4+GBLC8Wua4j
u0/Nh25RFJ5xWDSshxv7S5n+J6uRvPnG6e14UDJZPOSpqp3FP/93FueDon1WdDUG
C05PXdzJxFfJJhuyWbDLTesP430vawCmIw9emmJMsk66o+tO6Fj4rnNaPsTL0CgY
hvdkA9Wp8bybU+UOTP7qmTGPyXAyQEHyrSCXksKrKgQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:40 2023 by rpki-client on console-ams.rpki-client.org