Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/s2iygI44HJj3JI-_VF7i_Goxtso.roa
File: s2iygI44HJj3JI-_VF7i_Goxtso.roa (raw, json)
Hash identifier: 9OEDoznFrTlpGHw6+vnyIARZdJCtqVg87Iv65a2xSOA=
Subject key identifier: B3:68:B2:80:8E:38:1C:98:F7:24:8F:BF:54:5E:E2:FC:6A:31:B6:CA
Certificate issuer: /CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Certificate serial: 0182821A5C0839BB9355D5CD5458BC6861B1
Authority key identifier: 54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/s2iygI44HJj3JI-_VF7i_Goxtso.roa
Signing time: Tue 09 Aug 2022 10:15:41 +0000
ROA not before: Tue 09 Aug 2022 10:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35394
IP address blocks: 185.143.96.0/22 maxlen: 22
185.220.44.0/22 maxlen: 22
185.196.56.0/22 maxlen: 22
185.186.28.0/22 maxlen: 22
185.172.168.0/22 maxlen: 22
185.236.168.0/22 maxlen: 22
185.240.232.0/22 maxlen: 22
130.185.88.0/21 maxlen: 21
185.93.152.0/22 maxlen: 22
193.27.246.0/23 maxlen: 23
193.27.248.0/23 maxlen: 23
193.161.220.0/22 maxlen: 22
80.67.44.0/22 maxlen: 22
213.217.24.0/22 maxlen: 22
185.79.36.0/22 maxlen: 22
194.61.16.0/22 maxlen: 22
45.85.136.0/22 maxlen: 22
185.93.44.0/22 maxlen: 22
185.217.204.0/22 maxlen: 22
185.72.44.0/22 maxlen: 22
2a03:3d60::/29 maxlen: 29
2a09:5000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:1a:5c:08:39:bb:93:55:d5:cd:54:58:bc:68:61:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54d6ff134bd656f0ce14d410b02bec551eb69a2c
Validity
Not Before: Aug 9 10:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b368b2808e381c98f7248fbf545ee2fc6a31b6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:50:ba:4f:89:f2:56:e0:6d:ef:97:a5:75:cd:
41:77:88:d2:da:46:b3:72:e2:9b:6c:05:e0:0d:ce:
da:64:59:8d:fc:8d:4c:f6:b4:b4:d6:f5:4a:07:fe:
65:f4:b9:0d:c3:ec:e9:4a:4b:24:12:a5:4f:fa:26:
e6:40:cc:55:4c:16:92:6c:27:6a:1b:ae:a2:13:df:
af:55:ef:e4:bd:3f:fa:6f:90:4f:76:b0:42:bb:45:
bf:1c:84:2f:9f:cf:31:af:bc:9e:cf:7b:bd:2e:21:
09:b3:7e:8c:47:b5:7e:f1:0d:52:cc:d2:0d:02:b1:
20:0b:1d:02:30:6c:39:9d:e7:77:91:cc:fe:47:8f:
77:d1:d7:20:d2:14:59:ff:39:9b:a1:ad:32:cc:28:
1b:f5:b8:e4:6f:52:4c:6e:a3:66:ba:57:98:4d:19:
57:91:fa:38:9a:b0:8b:22:98:04:f6:97:d7:37:fd:
d1:f2:5f:ef:74:0b:b4:43:8f:1e:44:4f:53:62:ea:
09:39:7f:f6:ea:31:77:3b:57:a7:32:a6:7c:a9:b9:
31:b6:56:ad:07:1b:ac:c9:57:58:a3:d8:6c:49:7b:
b2:95:7f:b3:40:ca:9d:ff:e1:71:0b:0a:22:26:c9:
e9:a3:e9:96:3e:5b:4e:9b:d2:07:d6:41:0b:98:76:
f5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:68:B2:80:8E:38:1C:98:F7:24:8F:BF:54:5E:E2:FC:6A:31:B6:CA
X509v3 Authority Key Identifier:
keyid:54:D6:FF:13:4B:D6:56:F0:CE:14:D4:10:B0:2B:EC:55:1E:B6:9A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VNb_E0vWVvDOFNQQsCvsVR62miw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/s2iygI44HJj3JI-_VF7i_Goxtso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f21ee7-4925-4dd6-b202-64278c0d8ebf/1/VNb_E0vWVvDOFNQQsCvsVR62miw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.136.0/22
80.67.44.0/22
130.185.88.0/21
185.72.44.0/22
185.79.36.0/22
185.93.44.0/22
185.93.152.0/22
185.143.96.0/22
185.172.168.0/22
185.186.28.0/22
185.196.56.0/22
185.217.204.0/22
185.220.44.0/22
185.236.168.0/22
185.240.232.0/22
193.27.246.0-193.27.249.255
193.161.220.0/22
194.61.16.0/22
213.217.24.0/22
IPv6:
2a03:3d60::/29
2a09:5000::/29
Signature Algorithm: sha256WithRSAEncryption
14:4b:44:63:5e:cb:97:01:f0:e8:0c:a0:74:c8:ed:6f:64:08:
40:ba:4e:cb:d6:83:5b:9d:cb:39:65:cb:b6:c1:8f:f9:5f:38:
63:f6:65:0e:6f:ac:ff:37:1b:11:c6:8c:69:df:71:2e:ff:88:
bd:47:a1:22:7a:56:da:d0:8c:a3:43:72:c2:4a:6f:cb:e1:4a:
1e:c6:f4:ce:1a:c3:28:d5:9a:ea:59:8b:cd:67:12:01:5f:da:
3d:78:b6:b0:aa:49:fc:85:5c:62:71:37:a3:c7:24:d8:3e:b3:
0b:87:f7:2c:3a:d4:75:30:c8:7f:13:c5:5e:cd:64:f4:e6:dc:
9b:27:0b:ea:92:64:0b:58:6c:8b:e3:cc:3a:b0:aa:68:9e:da:
09:2c:28:93:ea:1a:af:60:ad:11:09:1a:f5:09:1f:d7:4a:32:
d6:97:e8:70:f4:31:bd:fc:7d:ab:78:5d:6e:ad:27:35:ff:9b:
b8:0c:e4:3f:79:a7:c3:0b:d2:d8:ce:37:e3:53:73:89:c6:a8:
2c:e1:21:4c:f9:b9:89:5a:a1:b8:5b:f8:84:08:55:7f:bc:48:
00:e4:93:10:37:da:3c:3c:4f:52:3f:60:ec:54:aa:f8:99:5d:
27:55:a3:06:22:c5:97:de:2d:d3:8b:07:1d:74:42:4c:45:e7:
a1:49:31:f5
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYKCGlwIObuTVdXNVFi8aGGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZDZmZjEzNGJkNjU2ZjBjZTE0ZDQxMGIwMmJlYzU1MWVi
NjlhMmMwHhcNMjIwODA5MTAxNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY4YjI4MDhlMzgxYzk4ZjcyNDhmYmY1NDVlZTJmYzZhMzFiNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFC6T4nyVuBt75eldc1Bd4jS2kaz
cuKbbAXgDc7aZFmN/I1M9rS01vVKB/5l9LkNw+zpSkskEqVP+ibmQMxVTBaSbCdq
G66iE9+vVe/kvT/6b5BPdrBCu0W/HIQvn88xr7yez3u9LiEJs36MR7V+8Q1SzNIN
ArEgCx0CMGw5ned3kcz+R4930dcg0hRZ/zmboa0yzCgb9bjkb1JMbqNmuleYTRlX
kfo4mrCLIpgE9pfXN/3R8l/vdAu0Q48eRE9TYuoJOX/26jF3O1enMqZ8qbkxtlat
BxusyVdYo9hsSXuylX+zQMqd/+FxCwoiJsnpo+mWPltOm9IH1kELmHb1bwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFLNosoCOOByY9ySPv1Re4vxqMbbKMB8GA1UdIwQY
MBaAFFTW/xNL1lbwzhTUELAr7FUetposMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDIt
NjQyNzhjMGQ4ZWJmLzEvczJpeWdJNDRISmozSkktX1ZGN2lfR294dHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMjFlZTctNDkyNS00ZGQ2LWIyMDItNjQyNzhjMGQ4ZWJm
LzEvVk5iX0UwdldWdkRPRk5RUXNDdnNWUjYybWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAi1V
iAMEAlBDLAMEA4K5WAMEArlILAMEArlPJAMEArldLAMEArldmAMEArmPYAMEArms
qAMEArm6HAMEArnEOAMEArnZzAMEArncLAMEArnsqAMEArnw6DAMAwQBwRv2AwQB
wRv4AwQCwaHcAwQCwj0QAwQC1dkYMBQEAgACMA4DBQMqAz1gAwUDKglQADANBgkq
hkiG9w0BAQsFAAOCAQEAFEtEY17LlwHw6AygdMjtb2QIQLpOy9aDW53LOWXLtsGP
+V84Y/ZlDm+s/zcbEcaMad9xLv+IvUehInpW2tCMo0Nywkpvy+FKHsb0zhrDKNWa
6lmLzWcSAV/aPXi2sKpJ/IVcYnE3o8ck2D6zC4f3LDrUdTDIfxPFXs1k9ObcmycL
6pJkC1hsi+PMOrCqaJ7aCSwok+oar2CtEQka9Qkf10oy1pfocPQxvfx9q3hdbq0n
Nf+buAzkP3mnwwvS2M4341NzicaoLOEhTPm5iVqhuFv4hAhVf7xIAOSTEDfaPDxP
Uj9g7FSq+JldJ1WjBiLFl94t04sHHXRCTEXnoUkx9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:32 2024 by rpki-client on console-ams.rpki-client.org