Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/6CVk2QuU0ACk0I7QXdpc7Fps3bg.roa
File: 6CVk2QuU0ACk0I7QXdpc7Fps3bg.roa (raw, json)
Hash identifier: yksm6LyT/EXM2nSRNBDQgDZAHFeqVfoq+RN6bQ4Szuc=
Subject key identifier: E8:25:64:D9:0B:94:D0:00:A4:D0:8E:D0:5D:DA:5C:EC:5A:6C:DD:B8
Certificate issuer: /CN=d28fcbdf572bcaf93e1544de10a176cb301106bb
Certificate serial: 050EF2FB
Authority key identifier: D2:8F:CB:DF:57:2B:CA:F9:3E:15:44:DE:10:A1:76:CB:30:11:06:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0o_L31cryvk-FUTeEKF2yzARBrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/6CVk2QuU0ACk0I7QXdpc7Fps3bg.roa
Signing time: Sat 01 Jan 2022 11:56:33 +0000
ROA not before: Sat 01 Jan 2022 11:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20677
IP address blocks: 46.17.244.0/22 maxlen: 22
185.113.152.0/22 maxlen: 22
185.38.52.0/22 maxlen: 22
185.113.148.0/22 maxlen: 22
212.87.128.0/19 maxlen: 19
185.145.220.0/22 maxlen: 22
2a00:fac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84865787 (0x50ef2fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d28fcbdf572bcaf93e1544de10a176cb301106bb
Validity
Not Before: Jan 1 11:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e82564d90b94d000a4d08ed05dda5cec5a6cddb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:b0:8f:7c:31:b8:da:79:d8:07:39:e5:98:
35:7a:26:1d:e1:15:51:bc:8f:4c:95:26:44:13:14:
1c:c6:dc:c7:c5:45:c1:93:94:b0:67:72:25:7b:1f:
bb:0b:cf:5d:88:a2:4b:31:f3:2b:be:63:3f:d4:38:
d3:6f:7b:85:77:4e:d3:d6:2a:ef:b6:75:fe:f9:3b:
2b:08:b3:1e:47:e4:f7:fe:b9:87:73:3c:6f:d9:5a:
e1:e8:44:72:89:8a:b1:54:ac:48:a9:61:69:0c:1e:
6c:b6:ce:d6:65:f4:94:5d:8e:1a:a9:94:f2:50:e9:
1e:f1:11:9c:36:7b:a1:24:f1:49:8c:07:77:25:3c:
8c:26:59:03:b1:68:09:bd:e0:c7:1a:56:53:1d:d7:
c4:3e:6e:61:7e:54:98:bf:65:d6:a2:b1:10:ce:f4:
f6:ce:7b:80:f3:74:e6:78:67:af:89:5b:ad:83:89:
d0:5a:ac:9d:dd:d4:f6:bc:10:e2:e2:47:ad:b4:30:
14:f9:ba:ac:0e:ec:14:ad:d7:0b:c8:9e:78:6b:df:
d8:81:9b:ed:cc:bb:4a:0c:7a:0b:0e:e9:3a:2c:2a:
b0:a1:67:cc:5f:77:06:74:65:39:9d:2c:a9:6b:63:
22:7f:6c:2d:d7:6c:89:64:24:f1:80:1e:61:bc:0b:
ac:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:25:64:D9:0B:94:D0:00:A4:D0:8E:D0:5D:DA:5C:EC:5A:6C:DD:B8
X509v3 Authority Key Identifier:
keyid:D2:8F:CB:DF:57:2B:CA:F9:3E:15:44:DE:10:A1:76:CB:30:11:06:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0o_L31cryvk-FUTeEKF2yzARBrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/6CVk2QuU0ACk0I7QXdpc7Fps3bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/0o_L31cryvk-FUTeEKF2yzARBrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.244.0/22
185.38.52.0/22
185.113.148.0-185.113.155.255
185.145.220.0/22
212.87.128.0/19
IPv6:
2a00:fac0::/32
Signature Algorithm: sha256WithRSAEncryption
87:c3:42:c9:e6:1b:25:d7:e4:78:42:d9:59:35:89:7a:52:94:
f8:d7:63:50:1b:a2:13:ae:22:9a:11:be:89:bb:16:01:37:31:
4e:b6:19:7e:96:ba:88:38:be:d7:3f:f5:0f:b7:10:57:ff:fa:
3f:f3:f6:7e:1e:80:23:83:ff:5d:45:99:b8:fa:57:f2:94:c3:
08:45:b9:9b:56:20:89:1f:e5:31:19:89:90:c5:a6:97:08:84:
eb:ef:8b:13:90:c2:1d:8b:27:3c:9e:ab:62:77:29:78:32:02:
e4:59:8f:54:57:c8:47:ff:0f:f4:33:58:2b:ee:17:9c:c2:4b:
ec:57:96:d0:81:c7:42:d7:bf:c0:49:f6:2a:37:fc:94:d0:5a:
0d:2c:43:5f:ec:1a:28:34:73:30:8a:fa:98:e8:8e:62:94:41:
6f:c5:cf:b0:f0:7e:70:a2:66:f2:6d:7b:0f:c0:ab:16:fa:80:
99:f5:16:62:16:31:89:a4:f7:cc:23:5a:41:6b:e5:bc:c6:e9:
ae:60:f1:d0:37:f2:6e:70:40:51:b4:cd:fe:a9:d4:60:66:2e:
19:25:6e:60:08:c9:95:30:e8:ef:ff:f4:ac:d6:72:cc:a2:6a:
be:93:f9:49:7a:3d:2f:a6:30:1b:00:07:22:f1:1b:72:7d:0c:
d9:ae:25:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEBQ7y+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjhmY2JkZjU3MmJjYWY5M2UxNTQ0ZGUxMGExNzZjYjMwMTEwNmJiMB4XDTIyMDEw
MTExNTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgyNTY0ZDkwYjk0
ZDAwMGE0ZDA4ZWQwNWRkYTVjZWM1YTZjZGRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3tsI98MbjaedgHOeWYNXomHeEVUbyPTJUmRBMUHMbcx8VF
wZOUsGdyJXsfuwvPXYiiSzHzK75jP9Q40297hXdO09Yq77Z1/vk7KwizHkfk9/65
h3M8b9la4ehEcomKsVSsSKlhaQwebLbO1mX0lF2OGqmU8lDpHvERnDZ7oSTxSYwH
dyU8jCZZA7FoCb3gxxpWUx3XxD5uYX5UmL9l1qKxEM709s57gPN05nhnr4lbrYOJ
0Fqsnd3U9rwQ4uJHrbQwFPm6rA7sFK3XC8ieeGvf2IGb7cy7Sgx6Cw7pOiwqsKFn
zF93BnRlOZ0sqWtjIn9sLddsiWQk8YAeYbwLrBsCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBToJWTZC5TQAKTQjtBd2lzsWmzduDAfBgNVHSMEGDAWgBTSj8vfVyvK+T4V
RN4QoXbLMBEGuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBvX0wzMWNyeXZrLUZVVGVFS0YyeXpBUkJycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMDFhMTAzLTViMjUtNDQ0Mi1hODkyLTBmZTgzOTlkZTcyNy8x
LzZDVmsyUXVVMEFDazBJN1FYZHBjN0ZwczNiZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MDFhMTAzLTViMjUtNDQ0Mi1hODkyLTBmZTgzOTlkZTcyNy8xLzBvX0wzMWNyeXZr
LUZVVGVFS0YyeXpBUkJycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAi4R9AMEArkmNDAMAwQCuXGUAwQC
uXGYAwQCuZHcAwQF1FeAMA0EAgACMAcDBQAqAPrAMA0GCSqGSIb3DQEBCwUAA4IB
AQCHw0LJ5hsl1+R4QtlZNYl6UpT412NQG6ITriKaEb6JuxYBNzFOthl+lrqIOL7X
P/UPtxBX//o/8/Z+HoAjg/9dRZm4+lfylMMIRbmbViCJH+UxGYmQxaaXCITr74sT
kMIdiyc8nqtidyl4MgLkWY9UV8hH/w/0M1gr7hecwkvsV5bQgcdC17/ASfYqN/yU
0FoNLENf7BooNHMwivqY6I5ilEFvxc+w8H5wombybXsPwKsW+oCZ9RZiFjGJpPfM
I1pBa+W8xumuYPHQN/JucEBRtM3+qdRgZi4ZJW5gCMmVMOjv//Ss1nLMomq+k/lJ
ej0vpjAbAAci8RtyfQzZriWd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:51 2024 by rpki-client on console-fra.rpki-client.org