Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/x3yA3PrCqsnrpu5CTVscUlfs96M.roa
File: x3yA3PrCqsnrpu5CTVscUlfs96M.roa (raw, json)
Hash identifier: BJ7WGA7k4JEhOgjCR/Jq6jfAqFHSUSNdX/IfIFpfslQ=
Subject key identifier: C7:7C:80:DC:FA:C2:AA:C9:EB:A6:EE:42:4D:5B:1C:52:57:EC:F7:A3
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 13434994
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/x3yA3PrCqsnrpu5CTVscUlfs96M.roa
Signing time: Wed 22 Jun 2022 10:15:34 +0000
ROA not before: Wed 22 Jun 2022 10:15:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203164
IP address blocks: 185.150.62.0/23 maxlen: 23
185.150.62.0/24 maxlen: 24
185.150.60.0/23 maxlen: 23
185.150.60.0/24 maxlen: 24
185.150.60.0/22 maxlen: 22
185.150.63.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
2a07:6e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323176852 (0x13434994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Jun 22 10:15:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c77c80dcfac2aac9eba6ee424d5b1c5257ecf7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4b:4d:41:f4:19:26:ca:be:59:67:e0:a5:e9:
25:c2:17:d0:4a:c8:77:d0:4b:59:af:03:71:f1:82:
ab:f8:ef:bf:50:5b:8f:01:24:14:75:8c:25:a4:e2:
04:6d:92:6a:37:b0:e3:26:97:b9:16:ee:e1:69:a1:
d4:b0:54:41:e4:cd:d2:79:fc:b3:e1:3e:68:07:6c:
8c:cf:84:79:e1:de:6c:a2:86:1e:ba:87:f7:83:33:
43:85:6a:1d:36:a1:c8:e8:54:96:0b:bb:9a:5e:a3:
eb:25:56:f9:39:76:b7:7b:69:3a:34:c3:32:5c:d7:
2f:f4:3d:4c:c0:13:92:d2:56:d6:cb:ce:c8:51:f8:
6d:e1:b5:0c:45:f6:8b:73:6c:8f:b5:8d:b0:5a:6f:
01:35:45:9f:65:0a:29:8f:7b:2a:7e:d6:43:a2:b5:
58:77:36:75:06:e3:da:dd:81:db:33:f2:40:dd:0d:
10:d7:07:85:21:58:f7:71:5e:26:6e:56:cb:19:0e:
b3:66:cb:81:0c:be:36:94:67:ba:47:33:4a:b8:74:
ee:09:c3:5d:55:a3:e5:51:ec:8a:54:24:db:47:70:
18:b5:17:35:4a:92:50:20:70:39:ee:b4:68:82:a2:
6d:0a:fd:17:c0:a9:db:7b:f3:bf:9a:f6:b8:8f:db:
8a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7C:80:DC:FA:C2:AA:C9:EB:A6:EE:42:4D:5B:1C:52:57:EC:F7:A3
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/x3yA3PrCqsnrpu5CTVscUlfs96M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/22
IPv6:
2a07:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
9f:24:65:6f:5a:71:f1:8d:30:c2:c4:cf:9d:87:eb:9f:45:db:
71:7d:74:f3:13:0d:76:58:c2:7e:59:9f:01:97:4f:01:b8:39:
5e:76:28:aa:b3:6f:79:37:89:96:66:be:34:52:fb:d9:7b:69:
10:71:22:c2:df:fa:47:ee:af:dc:b3:d6:28:8a:e6:6a:3b:5b:
79:2b:2a:6d:a9:c1:45:de:13:32:4f:2d:e4:f0:12:7f:b7:b7:
9c:40:64:25:08:1e:08:de:72:d4:cb:02:3c:7a:50:20:91:81:
25:bc:38:87:85:a2:e4:aa:3f:fd:24:9e:39:12:d1:d4:31:f0:
29:30:38:e4:ef:25:1e:11:ab:10:a7:45:d0:94:05:c5:d8:76:
0f:7d:bb:91:3a:c2:80:a3:41:16:10:83:0a:26:25:e7:19:a8:
0c:dd:6f:90:11:bd:22:50:cc:2a:12:e0:45:e7:8c:74:83:72:
0b:a0:ac:f3:57:97:c6:d2:fd:2c:b2:7d:8a:b6:a7:4c:93:6b:
81:09:34:96:a7:64:09:d7:18:a3:1a:23:c8:79:aa:f0:52:cb:
4a:17:ef:c8:1c:80:b2:3f:df:48:9f:21:20:3e:ce:b0:e6:1a:
f6:aa:90:3c:f6:40:f2:af:34:ad:50:f4:4c:19:83:bd:03:45:
3b:48:09:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEE0NJlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGE5MGY2ODk2Njc4NDQyYWZhZWUxYmFhYWE2YjJhMmRlY2FjZDNiMB4XDTIyMDYy
MjEwMTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzc3YzgwZGNmYWMy
YWFjOWViYTZlZTQyNGQ1YjFjNTI1N2VjZjdhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVLTUH0GSbKvlln4KXpJcIX0ErId9BLWa8DcfGCq/jvv1Bb
jwEkFHWMJaTiBG2Sajew4yaXuRbu4Wmh1LBUQeTN0nn8s+E+aAdsjM+EeeHebKKG
HrqH94MzQ4VqHTahyOhUlgu7ml6j6yVW+Tl2t3tpOjTDMlzXL/Q9TMATktJW1svO
yFH4beG1DEX2i3Nsj7WNsFpvATVFn2UKKY97Kn7WQ6K1WHc2dQbj2t2B2zPyQN0N
ENcHhSFY93FeJm5WyxkOs2bLgQy+NpRnukczSrh07gnDXVWj5VHsilQk20dwGLUX
NUqSUCBwOe60aIKibQr9F8Cp23vzv5r2uI/bioMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTHfIDc+sKqyeum7kJNWxxSV+z3ozAfBgNVHSMEGDAWgBS0qQ9olmeEQq+u
4bqqprKi3srNOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RLa1BhSlpuaEVLdnJ1RzZxcWF5b3Q3S3pUcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvZTYxNjE0LWViYzUtNDczMS04NTYwLTlkMTgxMjk5OWEzNS8x
L3gzeUEzUHJDcXNucnB1NUNUVnNjVWxmczk2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
ZTYxNjE0LWViYzUtNDczMS04NTYwLTlkMTgxMjk5OWEzNS8xL3RLa1BhSlpuaEVL
dnJ1RzZxcWF5b3Q3S3pUcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmWPDANBAIAAjAHAwUDKgduADAN
BgkqhkiG9w0BAQsFAAOCAQEAnyRlb1px8Y0wwsTPnYfrn0XbcX108xMNdljCflmf
AZdPAbg5XnYoqrNveTeJlma+NFL72XtpEHEiwt/6R+6v3LPWKIrmajtbeSsqbanB
Rd4TMk8t5PASf7e3nEBkJQgeCN5y1MsCPHpQIJGBJbw4h4Wi5Ko//SSeORLR1DHw
KTA45O8lHhGrEKdF0JQFxdh2D327kTrCgKNBFhCDCiYl5xmoDN1vkBG9IlDMKhLg
ReeMdINyC6Cs81eXxtL9LLJ9iranTJNrgQk0lqdkCdcYoxojyHmq8FLLShfvyByA
sj/fSJ8hID7OsOYa9qqQPPZA8q80rVD0TBmDvQNFO0gJZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org