Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/mV2B9YADIKWTl0Z08bIDh-2r8bg.roa
File: mV2B9YADIKWTl0Z08bIDh-2r8bg.roa (raw, json)
Hash identifier: gTob6MkK+G37eb7BSylAXDN5DJhy7yC9VPHdj6Y4pVM=
Subject key identifier: 99:5D:81:F5:80:03:20:A5:93:97:46:74:F1:B2:03:87:ED:AB:F1:B8
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 0184BDDA726219D99C6CCE5BBF0680A8EB36
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/mV2B9YADIKWTl0Z08bIDh-2r8bg.roa
Signing time: Mon 28 Nov 2022 10:48:40 +0000
ROA not before: Mon 28 Nov 2022 10:48:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198101
IP address blocks: 185.52.216.0/24 maxlen: 24
185.52.216.0/22 maxlen: 22
185.52.218.0/24 maxlen: 24
185.52.217.0/24 maxlen: 24
185.52.219.0/24 maxlen: 24
185.74.204.0/22 maxlen: 22
185.74.205.0/24 maxlen: 24
185.74.204.0/24 maxlen: 24
185.74.206.0/24 maxlen: 24
185.74.207.0/24 maxlen: 24
2a03:4760::/32 maxlen: 32
2a03:4760:b::/48 maxlen: 48
2a04:bf80::/29 maxlen: 29
2a03:4760::/29 maxlen: 48
2a03:4760:a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:da:72:62:19:d9:9c:6c:ce:5b:bf:06:80:a8:eb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Nov 28 10:48:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=995d81f5800320a593974674f1b20387edabf1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a2:7a:f0:d4:a6:e3:47:e1:e5:4d:2c:50:22:
fb:68:f7:3a:d7:00:76:41:93:9a:44:3a:44:54:89:
82:e4:68:5c:cc:31:17:50:a7:92:99:bc:ab:7c:91:
6c:22:a7:fb:55:59:f4:f5:88:90:d0:8e:03:18:9e:
94:fa:42:33:62:9e:f3:f3:52:b6:c6:83:ba:46:d2:
6f:7c:36:b8:57:2a:01:93:0d:90:8c:5e:ed:32:ce:
ae:44:19:61:f3:fe:4c:e4:f8:8b:66:90:5a:36:9e:
43:a8:b0:24:95:a5:2a:ee:80:5d:29:2d:87:15:3b:
75:40:db:84:d2:80:01:34:13:ed:6c:c2:47:a9:1d:
27:ee:0b:d9:32:77:3e:01:b8:53:f3:14:fb:bd:d2:
5a:99:26:e6:81:f1:ee:e6:f1:1f:f9:9d:27:69:2c:
18:da:43:de:58:35:ca:c4:97:ca:14:1e:5b:ad:c3:
66:f5:b3:e5:fd:41:83:81:00:2b:91:7f:17:14:47:
33:1f:2e:4c:8f:dc:19:ef:a8:97:5a:2d:08:56:ef:
0d:4b:d2:d3:39:9a:28:6d:ad:9e:93:b7:ae:99:20:
16:4f:cc:16:53:34:36:3f:1e:55:f8:13:47:8b:b9:
6a:23:14:fc:a4:22:25:06:75:42:79:75:5c:89:cf:
3a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5D:81:F5:80:03:20:A5:93:97:46:74:F1:B2:03:87:ED:AB:F1:B8
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/mV2B9YADIKWTl0Z08bIDh-2r8bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.216.0/22
185.74.204.0/22
IPv6:
2a03:4760::/29
2a04:bf80::/29
Signature Algorithm: sha256WithRSAEncryption
15:23:5f:74:b8:a8:6e:60:e2:cb:09:a1:06:69:a9:bc:03:f0:
8d:67:bd:e3:c0:15:8f:0c:d9:f5:5a:73:0c:fe:dd:9f:b1:19:
81:f3:f3:36:5c:3e:d0:d8:22:26:70:cb:c2:a3:55:3c:85:45:
94:1f:3a:4f:f6:b1:ea:b6:70:8f:7c:29:60:f1:21:a6:11:2f:
96:d5:73:03:f0:dc:49:da:d5:90:b0:8d:79:ae:62:1e:c9:1b:
ff:ed:88:5a:c6:7a:f2:6e:a3:ab:0d:80:e9:1f:a2:03:7d:53:
7e:04:92:2d:f9:d2:65:f7:70:4a:2d:a9:d3:67:29:35:0a:50:
e5:f1:14:4d:df:b5:88:a8:3b:f9:c4:37:c8:ee:c4:7c:be:fe:
81:99:54:05:3d:ea:32:04:7a:8b:49:19:02:b8:4c:71:2a:30:
d5:ac:f6:fa:2c:dc:ee:cc:fa:af:b3:bd:40:ed:3b:a8:a9:ed:
01:2f:33:8e:9a:5e:8b:ba:68:8b:09:8b:dc:3c:ae:f0:01:0d:
a4:6f:05:25:f4:ef:af:01:08:eb:50:71:83:fe:f6:bd:03:ad:
bd:52:13:fe:6e:46:9b:db:be:68:41:d4:59:51:22:18:d0:2b:
e6:e7:57:fb:b6:de:1f:10:8f:22:eb:b7:68:ec:c9:ed:44:cf:
bf:6b:d5:b7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYS92nJiGdmcbM5bvwaAqOs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx
ODQwNWEwHhcNMjIxMTI4MTA0ODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVkODFmNTgwMDMyMGE1OTM5NzQ2NzRmMWIyMDM4N2VkYWJmMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqJ68NSm40fh5U0sUCL7aPc61wB2
QZOaRDpEVImC5GhczDEXUKeSmbyrfJFsIqf7VVn09YiQ0I4DGJ6U+kIzYp7z81K2
xoO6RtJvfDa4VyoBkw2QjF7tMs6uRBlh8/5M5PiLZpBaNp5DqLAklaUq7oBdKS2H
FTt1QNuE0oABNBPtbMJHqR0n7gvZMnc+AbhT8xT7vdJamSbmgfHu5vEf+Z0naSwY
2kPeWDXKxJfKFB5brcNm9bPl/UGDgQArkX8XFEczHy5Mj9wZ76iXWi0IVu8NS9LT
OZooba2ek7eumSAWT8wWUzQ2Px5V+BNHi7lqIxT8pCIlBnVCeXVcic86CQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJldgfWAAyClk5dGdPGyA4ftq/G4MB8GA1UdIwQY
MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt
Yzc0MWMyN2I0ZTIyLzEvbVYyQjlZQURJS1dUbDBaMDhiSURoLTJyOGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy
LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTTYAwQC
uUrMMBQEAgACMA4DBQMqA0dgAwUDKgS/gDANBgkqhkiG9w0BAQsFAAOCAQEAFSNf
dLiobmDiywmhBmmpvAPwjWe948AVjwzZ9VpzDP7dn7EZgfPzNlw+0NgiJnDLwqNV
PIVFlB86T/ax6rZwj3wpYPEhphEvltVzA/DcSdrVkLCNea5iHskb/+2IWsZ68m6j
qw2A6R+iA31TfgSSLfnSZfdwSi2p02cpNQpQ5fEUTd+1iKg7+cQ3yO7EfL7+gZlU
BT3qMgR6i0kZArhMcSow1az2+izc7sz6r7O9QO07qKntAS8zjppei7poiwmL3Dyu
8AENpG8FJfTvrwEI61Bxg/72vQOtvVIT/m5Gm9u+aEHUWVEiGNAr5udX+7beHxCP
Iuu3aOzJ7UTPv2vVtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:11 2024 by rpki-client on console-fra.rpki-client.org