Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/7TL1Oz2c8A0DdObNahrb5ok8Pxg.roa
File: 7TL1Oz2c8A0DdObNahrb5ok8Pxg.roa (raw, json)
Hash identifier: h40wVcALtYDQevHIAZ4EtTyBl+VxGs2u3CCCmHwwG2I=
Subject key identifier: ED:32:F5:3B:3D:9C:F0:0D:03:74:E6:CD:6A:1A:DB:E6:89:3C:3F:18
Certificate issuer: /CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Certificate serial: 06E7D9A4
Authority key identifier: 7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/7TL1Oz2c8A0DdObNahrb5ok8Pxg.roa
Signing time: Sat 01 Jan 2022 12:54:14 +0000
ROA not before: Sat 01 Jan 2022 12:54:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35790
IP address blocks: 213.204.224.0/20 maxlen: 20
213.204.240.0/21 maxlen: 21
213.204.252.0/22 maxlen: 22
213.204.248.0/22 maxlen: 23
185.57.84.0/22 maxlen: 22
213.204.192.0/20 maxlen: 20
213.204.208.0/20 maxlen: 20
185.217.227.0/24 maxlen: 24
185.217.225.0/24 maxlen: 24
185.217.225.128/25 maxlen: 25
185.217.224.0/22 maxlen: 22
185.217.224.0/24 maxlen: 24
2a0b:cdc1::/32 maxlen: 32
2a0b:cdc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115857828 (0x6e7d9a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d61b8378e8f368ae4998d51c3a9ace64148d6cd
Validity
Not Before: Jan 1 12:54:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed32f53b3d9cf00d0374e6cd6a1adbe6893c3f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a1:46:1f:f1:75:3b:a7:c1:c1:82:a2:da:df:
3f:09:5e:fb:78:b2:c9:b9:80:c5:a2:af:5e:8e:9f:
36:ac:ea:9e:d2:4f:cb:3d:03:1f:1a:a6:f9:d8:1d:
ca:45:64:0b:c6:e7:ca:28:5d:9d:cd:64:53:bf:1e:
c6:8f:99:5b:de:67:28:84:b9:06:48:38:91:b5:f3:
93:f8:df:1a:85:c7:81:0d:a9:e1:ea:c3:b3:66:da:
cd:cf:c2:a4:28:72:42:b7:7b:3c:68:e1:cf:fc:f2:
fb:70:e4:1e:96:b1:bd:5b:f4:c8:cd:f8:41:7c:63:
81:4d:37:96:8a:1f:60:02:b0:cb:05:6a:d9:ee:4d:
f6:33:67:cc:75:29:0b:f5:38:93:2a:31:f3:4c:55:
83:fe:cb:7a:14:99:6b:99:45:09:c6:57:cc:26:c9:
70:dc:98:ae:d6:ec:da:8d:fe:75:60:30:12:d3:3d:
89:48:36:c8:24:51:33:96:fe:b0:95:ac:d9:63:02:
5a:b4:f9:93:60:86:f5:f7:5f:78:42:46:16:15:83:
59:d2:3f:1e:ff:e1:39:17:2b:2d:8f:93:65:79:52:
4b:19:8a:f7:2b:87:85:33:81:7a:50:14:89:28:8c:
37:21:e5:69:b6:f8:b9:f0:ad:d9:72:be:31:b4:06:
7e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:32:F5:3B:3D:9C:F0:0D:03:74:E6:CD:6A:1A:DB:E6:89:3C:3F:18
X509v3 Authority Key Identifier:
keyid:7D:61:B8:37:8E:8F:36:8A:E4:99:8D:51:C3:A9:AC:E6:41:48:D6:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWG4N46PNorkmY1Rw6ms5kFI1s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/7TL1Oz2c8A0DdObNahrb5ok8Pxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ed821b-3452-427a-8e44-d16e4ae61f80/1/fWG4N46PNorkmY1Rw6ms5kFI1s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.84.0/22
185.217.224.0/22
213.204.192.0/18
IPv6:
2a0b:cdc0::/31
Signature Algorithm: sha256WithRSAEncryption
4d:f1:f5:07:48:b9:25:e4:2c:75:b7:1a:12:9b:c1:fc:11:66:
1e:73:c3:e5:72:7b:1c:be:62:85:d1:8c:9e:df:a2:ca:57:fe:
fa:91:e4:47:93:dd:68:e5:5c:ac:e7:ef:7f:8a:30:db:b4:a8:
78:04:55:cc:57:8b:43:2d:3c:59:ec:56:8f:d5:d0:c7:09:41:
f2:28:83:0e:79:c3:c7:8f:0d:dd:9a:53:e4:23:af:2e:54:05:
a6:07:30:a6:25:ec:8b:ae:99:22:73:05:7e:2f:ec:5e:6e:5d:
77:9c:47:32:dc:ef:26:7f:62:32:46:59:80:a1:2b:1b:a1:d1:
0c:e1:50:41:89:9f:a9:1f:59:8c:c3:03:3e:26:62:c9:56:96:
bb:c2:5a:4d:64:41:1b:83:17:db:ef:be:3c:eb:f9:71:20:5b:
4b:56:ec:34:0c:48:f0:79:f6:f4:06:86:65:c7:bf:2e:78:c6:
16:18:a7:91:8f:e4:7b:f6:6c:ce:b1:9b:9c:42:cd:2b:63:9b:
7d:f6:cc:be:be:92:6a:ad:54:d6:f0:fb:51:c2:7a:1d:85:d0:
60:f5:d8:03:51:3d:af:f5:bb:ec:e7:87:dd:f4:b1:ce:f3:50:
b0:51:eb:b0:ed:49:fd:be:5d:25:29:bd:a1:a3:9d:c0:54:ad:
d1:17:f6:b9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBufZpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDYxYjgzNzhlOGYzNjhhZTQ5OThkNTFjM2E5YWNlNjQxNDhkNmNkMB4XDTIyMDEw
MTEyNTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQzMmY1M2IzZDlj
ZjAwZDAzNzRlNmNkNmExYWRiZTY4OTNjM2YxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMihRh/xdTunwcGCotrfPwle+3iyybmAxaKvXo6fNqzqntJP
yz0DHxqm+dgdykVkC8bnyihdnc1kU78exo+ZW95nKIS5Bkg4kbXzk/jfGoXHgQ2p
4erDs2bazc/CpChyQrd7PGjhz/zy+3DkHpaxvVv0yM34QXxjgU03loofYAKwywVq
2e5N9jNnzHUpC/U4kyox80xVg/7LehSZa5lFCcZXzCbJcNyYrtbs2o3+dWAwEtM9
iUg2yCRRM5b+sJWs2WMCWrT5k2CG9fdfeEJGFhWDWdI/Hv/hORcrLY+TZXlSSxmK
9yuHhTOBelAUiSiMNyHlabb4ufCt2XK+MbQGfjkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTtMvU7PZzwDQN05s1qGtvmiTw/GDAfBgNVHSMEGDAWgBR9Ybg3jo82iuSZ
jVHDqazmQUjWzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZXRzRONDZQTm9ya21ZMVJ3Nm1zNWtGSTFzMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWQ4MjFiLTM0NTItNDI3YS04ZTQ0LWQxNmU0YWU2MWY4MC8x
LzdUTDFPejJjOEEwRGRPYk5haHJiNW9rOFB4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWQ4MjFiLTM0NTItNDI3YS04ZTQ0LWQxNmU0YWU2MWY4MC8xL2ZXRzRONDZQTm9y
a21ZMVJ3Nm1zNWtGSTFzMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArk5VAMEArnZ4AMEBtXMwDANBAIA
AjAHAwUBKgvNwDANBgkqhkiG9w0BAQsFAAOCAQEATfH1B0i5JeQsdbcaEpvB/BFm
HnPD5XJ7HL5ihdGMnt+iylf++pHkR5PdaOVcrOfvf4ow27SoeARVzFeLQy08WexW
j9XQxwlB8iiDDnnDx48N3ZpT5COvLlQFpgcwpiXsi66ZInMFfi/sXm5dd5xHMtzv
Jn9iMkZZgKErG6HRDOFQQYmfqR9ZjMMDPiZiyVaWu8JaTWRBG4MX2+++POv5cSBb
S1bsNAxI8Hn29AaGZce/LnjGFhinkY/ke/ZszrGbnELNK2ObffbMvr6Saq1U1vD7
UcJ6HYXQYPXYA1E9r/W77OeH3fSxzvNQsFHrsO1J/b5dJSm9oaOdwFSt0Rf2uQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-fra.rpki-client.org