Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/6O0hI9Hmvtly-pzf7j6TSBLyEYs.roa
File: 6O0hI9Hmvtly-pzf7j6TSBLyEYs.roa (raw, json)
Hash identifier: sb4kgwMAsQ8f4g0vaKUP1M2X7XxTMxUrI+P+dgu/yss=
Subject key identifier: E8:ED:21:23:D1:E6:BE:D9:72:FA:9C:DF:EE:3E:93:48:12:F2:11:8B
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01829F397FF3FDA02395CC6C2DB1BCEDB305
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/6O0hI9Hmvtly-pzf7j6TSBLyEYs.roa
Signing time: Mon 15 Aug 2022 01:58:41 +0000
ROA not before: Mon 15 Aug 2022 01:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 89.37.174.0/24 maxlen: 24
185.158.242.0/24 maxlen: 24
109.70.145.0/24 maxlen: 24
185.121.137.0/24 maxlen: 24
109.69.104.0/24 maxlen: 24
195.206.167.0/24 maxlen: 24
109.69.111.0/24 maxlen: 24
185.216.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9f:39:7f:f3:fd:a0:23:95:cc:6c:2d:b1:bc:ed:b3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Aug 15 01:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8ed2123d1e6bed972fa9cdfee3e934812f2118b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:c5:c3:13:a5:72:27:84:2a:a5:97:0c:0a:
2b:18:6c:eb:f0:98:78:b4:00:ac:5f:c4:6d:4f:ba:
15:ea:58:55:28:df:b6:53:39:ba:4c:4c:e1:0e:96:
9d:15:b0:b4:a3:a1:19:bd:7f:21:35:e3:15:43:c4:
ed:d6:5e:da:a4:f4:39:59:33:c3:05:42:2a:80:ac:
4c:7c:38:11:76:d5:d2:13:f4:9c:60:e7:7b:56:ae:
55:39:15:0c:a8:a8:28:71:9c:b9:30:d5:4f:30:cf:
a0:35:63:83:bf:b2:52:75:28:bd:a0:90:f3:bb:3d:
44:db:cf:58:c8:36:c7:a4:2b:89:30:93:79:18:1c:
db:f2:76:17:98:89:8f:27:a9:0f:dd:ed:b0:59:fa:
8a:06:3b:90:ed:2d:cb:b2:94:96:40:23:eb:c7:f8:
59:1c:f8:e5:5b:a7:50:72:ef:ed:6f:a9:ec:08:69:
6e:c2:db:53:21:2d:27:ee:b8:80:57:56:e2:10:23:
3a:09:dc:72:02:c8:5c:bb:fa:2b:3d:1b:92:fd:67:
6a:d0:32:43:f0:03:3d:aa:1c:9f:8a:bf:e4:02:9e:
b5:5b:50:98:c5:48:55:22:0d:10:62:51:0c:9c:80:
c9:fc:78:98:4f:60:20:b0:77:f3:35:01:b8:8e:48:
9c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:ED:21:23:D1:E6:BE:D9:72:FA:9C:DF:EE:3E:93:48:12:F2:11:8B
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/6O0hI9Hmvtly-pzf7j6TSBLyEYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.174.0/24
109.69.104.0/24
109.69.111.0/24
109.70.145.0/24
185.121.137.0/24
185.158.242.0/24
185.216.146.0/24
195.206.167.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4e:69:fc:8c:41:5a:ba:42:06:2d:0d:10:a0:18:69:18:56:
03:ed:56:e0:3f:dc:7e:69:f1:6a:3f:60:8e:c0:34:0a:86:dd:
bb:f8:ae:cc:5a:8e:ca:c1:ec:af:16:3b:45:88:7d:61:f9:c3:
4b:81:16:65:b3:2d:c2:e6:50:6e:26:47:1d:41:22:e9:c7:7a:
58:25:fc:5d:3c:66:5f:1c:2b:15:04:57:3e:1f:4f:7f:78:c1:
84:5e:0e:10:b3:6f:89:90:7a:0a:c2:48:95:ad:bc:8d:af:57:
36:d3:58:68:8f:d5:d3:5f:c9:b2:84:5b:19:52:86:e3:3a:e6:
34:6e:b7:22:66:b4:a7:0c:ef:42:f6:a5:c2:54:4e:0a:af:29:
97:f3:15:61:18:cc:e9:4c:f8:f9:70:f7:b4:01:b2:fa:a2:36:
c3:33:e7:d2:ae:e9:ec:96:12:7f:66:59:b4:ba:bf:2e:5e:4d:
2b:f5:e3:89:20:3e:a0:b5:b3:86:83:9e:b5:4a:3b:e6:2d:f6:
c2:e9:fe:cf:f4:55:ea:6d:c4:56:b3:1a:cf:ea:d9:fc:c8:ff:
65:9e:40:2b:89:7f:19:7a:57:44:8a:7e:3f:c0:29:7f:a6:b0:
59:e4:f8:e6:e6:56:42:c6:c1:bb:89:bc:de:2e:c1:f0:79:8e:
c7:d7:18:4b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYKfOX/z/aAjlcxsLbG87bMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjIwODE1MDE1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGVkMjEyM2QxZTZiZWQ5NzJmYTljZGZlZTNlOTM0ODEyZjIxMThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2fFwxOlcieEKqWXDAorGGzr8Jh4
tACsX8RtT7oV6lhVKN+2Uzm6TEzhDpadFbC0o6EZvX8hNeMVQ8Tt1l7apPQ5WTPD
BUIqgKxMfDgRdtXSE/ScYOd7Vq5VORUMqKgocZy5MNVPMM+gNWODv7JSdSi9oJDz
uz1E289YyDbHpCuJMJN5GBzb8nYXmImPJ6kP3e2wWfqKBjuQ7S3LspSWQCPrx/hZ
HPjlW6dQcu/tb6nsCGluwttTIS0n7riAV1biECM6CdxyAshcu/orPRuS/Wdq0DJD
8AM9qhyfir/kAp61W1CYxUhVIg0QYlEMnIDJ/HiYT2AgsHfzNQG4jkicFwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOjtISPR5r7Zcvqc3+4+k0gS8hGLMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvNk8waEk5SG12dGx5LXB6ZjdqNlRTQkx5RVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWSWuAwQA
bUVoAwQAbUVvAwQAbUaRAwQAuXmJAwQAuZ7yAwQAudiSAwQAw86nMA0GCSqGSIb3
DQEBCwUAA4IBAQANTmn8jEFaukIGLQ0QoBhpGFYD7VbgP9x+afFqP2COwDQKht27
+K7MWo7KweyvFjtFiH1h+cNLgRZlsy3C5lBuJkcdQSLpx3pYJfxdPGZfHCsVBFc+
H09/eMGEXg4Qs2+JkHoKwkiVrbyNr1c201hoj9XTX8myhFsZUobjOuY0brciZrSn
DO9C9qXCVE4KrymX8xVhGMzpTPj5cPe0AbL6ojbDM+fSrunslhJ/Zlm0ur8uXk0r
9eOJID6gtbOGg561SjvmLfbC6f7P9FXqbcRWsxrP6tn8yP9lnkAriX8ZeldEin4/
wCl/prBZ5Pjm5lZCxsG7ibzeLsHweY7H1xhL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org