Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa
File: B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa (raw, json)
Hash identifier: 8SvMKk1C/rtPX35ovfNZ1L+5W6EK9lpZzcxqzRd+kcA=
Subject key identifier: 07:76:25:AA:0E:6E:DF:87:B9:5C:0C:F8:8E:0B:D5:0B:59:45:96:0C
Certificate issuer: /CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Certificate serial: 0D170E6D
Authority key identifier: AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa
Signing time: Sat 01 Jan 2022 10:53:42 +0000
ROA not before: Sat 01 Jan 2022 10:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2586
IP address blocks: 194.204.0.0/18 maxlen: 20
178.23.112.0/21 maxlen: 23
81.90.112.0/20 maxlen: 23
194.150.64.0/22 maxlen: 24
185.13.16.0/22 maxlen: 24
95.129.192.0/21 maxlen: 23
87.119.160.0/19 maxlen: 21
94.246.216.0/21 maxlen: 22
146.255.176.0/21 maxlen: 23
2001:1530::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219614829 (0xd170e6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Validity
Not Before: Jan 1 10:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=077625aa0e6edf87b95c0cf88e0bd50b5945960c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:27:44:ce:6c:b3:60:15:54:00:50:70:a3:6e:
91:d8:1d:2d:de:45:98:d7:75:ac:ed:ca:b7:94:9f:
82:dd:08:27:c6:13:a0:fd:dc:e7:a1:94:12:1c:63:
c7:7b:6c:38:a6:ab:b9:a9:7f:6c:cc:0f:28:2b:e6:
f6:11:ad:d9:87:72:17:e2:37:82:59:30:3b:53:34:
0b:ed:2f:e5:e7:e4:cf:a6:67:aa:0c:7d:66:98:7f:
a4:1d:6d:b0:f0:e0:fc:9a:f4:96:36:79:31:8f:db:
2e:ab:e1:16:f6:4d:6b:59:22:86:76:a5:c3:1b:8d:
5c:7e:35:69:54:87:db:2a:46:be:00:92:35:55:22:
2e:c6:5c:98:ac:34:14:b0:a0:7d:84:b4:38:95:70:
00:d0:ac:8e:d7:44:4e:ae:84:38:87:4e:1e:6d:ff:
06:f2:c5:2d:af:56:fb:1b:88:40:58:44:54:93:d3:
75:e7:ee:c3:dd:76:23:a2:09:27:48:b6:e6:58:22:
24:f9:8c:1d:93:15:68:20:f5:d8:35:9c:ed:9e:df:
8b:f4:ec:c6:3d:dc:3d:36:26:2c:17:77:15:6d:1b:
46:d4:2b:61:e8:02:f0:ef:70:f2:1a:d0:3a:c2:15:
e2:e5:e6:6b:7b:92:42:3b:e3:25:67:e7:50:95:8b:
ef:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:76:25:AA:0E:6E:DF:87:B9:5C:0C:F8:8E:0B:D5:0B:59:45:96:0C
X509v3 Authority Key Identifier:
keyid:AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/B3Ylqg5u34e5XAz4jgvVC1lFlgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.112.0/20
87.119.160.0/19
94.246.216.0/21
95.129.192.0/21
146.255.176.0/21
178.23.112.0/21
185.13.16.0/22
194.150.64.0/22
194.204.0.0/18
IPv6:
2001:1530::/32
Signature Algorithm: sha256WithRSAEncryption
67:2c:43:c8:1b:28:fb:6a:77:8b:ef:0f:f4:2d:27:3a:d4:41:
a8:cf:0d:46:33:d0:11:da:6f:5a:c5:90:8f:33:df:f5:8b:38:
97:eb:9b:4a:be:84:0a:a7:8e:e3:b7:1a:da:11:5e:a2:5e:b5:
c7:ad:8d:83:32:2a:70:87:85:d3:14:e2:6d:1d:ea:b8:0c:cd:
d6:2e:17:49:7e:3b:1f:15:16:e0:52:1a:0c:6a:a7:ed:8b:1d:
7e:42:bc:a2:99:d1:3e:86:b2:a3:0e:b0:a2:bd:83:53:06:4d:
b7:fe:37:95:27:48:53:98:3b:72:be:4b:56:27:e0:3b:b4:4e:
7e:1b:f9:29:0b:fe:af:b3:1a:42:b6:59:a8:0b:f5:38:fc:c0:
56:e4:56:6c:62:4b:03:06:a6:8e:fd:ad:84:2a:72:64:2d:83:
3a:a6:aa:47:0a:30:16:c7:71:98:f3:a3:8a:1e:8c:ee:63:0b:
3e:c6:ef:01:42:f9:45:69:70:79:ee:cd:35:89:af:30:cc:7b:
8a:06:4e:87:fa:67:71:ae:cd:36:f4:58:59:f2:53:1c:40:b0:
1e:e0:f9:1c:ef:a4:bc:a0:28:f0:0d:e1:e2:52:06:80:96:95:
cf:1d:16:ac:05:f6:00:b0:8a:75:43:75:f6:91:7a:69:66:fa:
25:f8:eb:ee
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEDRcObTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDJjZjAzZTQ0ZGEyOGI3MzE5ZWE3YjdiNWIxMTBiOWI4Y2I3YTcwMB4XDTIyMDEw
MTEwNTM0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc3NjI1YWEwZTZl
ZGY4N2I5NWMwY2Y4OGUwYmQ1MGI1OTQ1OTYwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKonRM5ss2AVVABQcKNukdgdLd5FmNd1rO3Kt5Sfgt0IJ8YT
oP3c56GUEhxjx3tsOKarual/bMwPKCvm9hGt2YdyF+I3glkwO1M0C+0v5efkz6Zn
qgx9Zph/pB1tsPDg/Jr0ljZ5MY/bLqvhFvZNa1kihnalwxuNXH41aVSH2ypGvgCS
NVUiLsZcmKw0FLCgfYS0OJVwANCsjtdETq6EOIdOHm3/BvLFLa9W+xuIQFhEVJPT
defuw912I6IJJ0i25lgiJPmMHZMVaCD12DWc7Z7fi/Tsxj3cPTYmLBd3FW0bRtQr
YegC8O9w8hrQOsIV4uXma3uSQjvjJWfnUJWL74UCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQHdiWqDm7fh7lcDPiOC9ULWUWWDDAfBgNVHSMEGDAWgBStLPA+RNootzGe
p7e1sRC5uMt6cDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JTendQa1RhS0xjeG5xZTN0YkVRdWJqTGVuQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvY2FlMzE5LTU1NzEtNDZmOS1iNTdkLWJlMDY1ZTFhYzA2Ny8x
L0IzWWxxZzV1MzRlNVhBejRqZ3ZWQzFsRmxndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
Y2FlMzE5LTU1NzEtNDZmOS1iNTdkLWJlMDY1ZTFhYzA2Ny8xL3JTendQa1RhS0xj
eG5xZTN0YkVRdWJqTGVuQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBFFacAMEBVd3oAMEA1722AMEA1+B
wAMEA5L/sAMEA7IXcAMEArkNEAMEAsKWQAMEBsLMADANBAIAAjAHAwUAIAEVMDAN
BgkqhkiG9w0BAQsFAAOCAQEAZyxDyBso+2p3i+8P9C0nOtRBqM8NRjPQEdpvWsWQ
jzPf9Ys4l+ubSr6ECqeO47ca2hFeol61x62NgzIqcIeF0xTibR3quAzN1i4XSX47
HxUW4FIaDGqn7YsdfkK8opnRPoayow6wor2DUwZNt/43lSdIU5g7cr5LVifgO7RO
fhv5KQv+r7MaQrZZqAv1OPzAVuRWbGJLAwamjv2thCpyZC2DOqaqRwowFsdxmPOj
ih6M7mMLPsbvAUL5RWlwee7NNYmvMMx7igZOh/pnca7NNvRYWfJTHECwHuD5HO+k
vKAo8A3h4lIGgJaVzx0WrAX2ALCKdUN19pF6aWb6Jfjr7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:22 2024 by rpki-client on console-fra.rpki-client.org