Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/O6rPIunuJl1Oz9T18yrx6E2aQSs.roa
File: O6rPIunuJl1Oz9T18yrx6E2aQSs.roa (raw, json)
Hash identifier: rE2mgcepzbsLliw43J9GpRewz+fjmZDQ5SvCf+fwidY=
Subject key identifier: 3B:AA:CF:22:E9:EE:26:5D:4E:CF:D4:F5:F3:2A:F1:E8:4D:9A:41:2B
Certificate issuer: /CN=1902391799337601331f5a12af11e9f4f6421159
Certificate serial: 17E5B9E2
Authority key identifier: 19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/O6rPIunuJl1Oz9T18yrx6E2aQSs.roa
Signing time: Sat 01 Jan 2022 08:04:21 +0000
ROA not before: Sat 01 Jan 2022 08:04:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60427
IP address blocks: 185.87.236.0/24 maxlen: 24
194.5.183.0/24 maxlen: 24
80.240.107.0/24 maxlen: 24
185.64.131.0/24 maxlen: 24
185.64.129.0/24 maxlen: 24
185.64.130.0/24 maxlen: 24
185.64.128.0/24 maxlen: 24
185.64.128.0/22 maxlen: 22
2a03:14a0:2::/48 maxlen: 48
2a03:14a0:3::/48 maxlen: 48
2a03:14a0:1::/48 maxlen: 48
2a03:14a0:1301::/48 maxlen: 48
2a03:14a0:5::/48 maxlen: 48
2a03:14a0::/32 maxlen: 32
2a03:14a0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400931298 (0x17e5b9e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1902391799337601331f5a12af11e9f4f6421159
Validity
Not Before: Jan 1 08:04:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3baacf22e9ee265d4ecfd4f5f32af1e84d9a412b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:16:62:c2:a2:8f:68:0b:5b:c5:27:94:1d:73:
9e:9e:36:89:bb:3c:3f:92:cf:6f:85:ee:e3:ea:38:
2b:f7:b3:18:d0:fc:e3:88:3a:ec:fc:0a:6c:2e:b1:
fe:a0:19:e3:ad:59:3e:1b:ce:12:22:b9:88:ca:a0:
eb:d3:67:bb:b4:06:4b:d7:16:04:4f:2b:51:e6:1a:
78:8a:00:d9:f1:cf:d5:69:9e:c0:cc:63:a2:01:5b:
c1:93:ec:06:c4:d6:0c:a2:af:b7:c0:55:0a:24:c9:
70:6e:01:6b:4a:d1:5c:41:a1:b6:8c:38:0c:fb:74:
6c:21:06:37:55:75:83:2d:34:5c:36:03:d7:62:c2:
cd:9b:31:53:b5:04:17:92:7d:a2:e6:29:c6:2d:77:
a9:13:00:3a:7e:12:71:de:40:38:ee:b4:f0:c4:df:
68:45:93:82:5e:10:51:bd:3e:67:ec:aa:2a:1d:18:
7a:4c:5d:21:02:17:25:18:b4:0c:99:ef:c8:a5:26:
17:3b:35:ff:1a:25:44:63:ba:0f:0d:c9:5a:cd:f9:
be:f3:ac:02:b1:f8:0e:4b:94:12:41:fa:58:e2:91:
cc:49:32:85:7e:7b:16:7a:6f:26:3d:82:41:d5:9b:
78:da:a6:bb:9a:5c:54:dd:5b:5d:4e:54:89:14:d0:
5d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:AA:CF:22:E9:EE:26:5D:4E:CF:D4:F5:F3:2A:F1:E8:4D:9A:41:2B
X509v3 Authority Key Identifier:
keyid:19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/O6rPIunuJl1Oz9T18yrx6E2aQSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/GQI5F5kzdgEzH1oSrxHp9PZCEVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.107.0/24
185.64.128.0/22
185.87.236.0/24
194.5.183.0/24
IPv6:
2a03:14a0::/32
Signature Algorithm: sha256WithRSAEncryption
43:5c:bc:71:96:1f:e8:94:15:36:ea:e5:1c:90:1c:e8:88:9b:
1e:fb:74:e2:2c:bb:3e:89:83:57:bc:82:ee:0a:e8:7b:02:83:
51:08:ff:71:18:a5:ca:d9:37:16:e6:b3:99:25:2c:02:f0:7c:
63:0a:ed:5b:65:18:fc:46:76:20:da:97:39:7b:ad:e8:10:fd:
fe:4d:a7:2d:ed:24:24:b8:79:4b:f6:0e:f7:75:58:a9:2e:f4:
9a:33:41:dd:c3:f4:5e:40:c5:42:83:9a:74:2e:6d:a1:57:cd:
47:b4:d9:b9:34:91:1d:ab:f2:60:67:69:96:86:7d:88:43:ca:
bf:58:0f:7a:32:51:cb:33:1d:d2:ad:c5:4c:11:33:72:7a:00:
61:fb:3d:0b:8e:11:36:34:2a:e5:5d:a3:b8:23:81:88:b3:5b:
06:01:73:01:72:9c:f4:c0:87:78:f7:2c:8f:88:3d:a4:04:27:
81:3a:cc:d0:ad:77:87:95:c0:4e:cb:a5:e4:b4:b4:e1:9f:7b:
a1:35:51:32:0b:73:7c:82:8e:14:04:0d:d8:6b:7b:dc:6f:51:
5a:3b:1f:77:98:45:5c:4c:b7:07:b3:2e:3d:f2:89:69:1f:aa:
40:90:9f:d8:54:6c:de:05:a5:a5:f0:71:25:8b:26:05:46:9a:
5e:68:d8:27
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEF+W54jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTAyMzkxNzk5MzM3NjAxMzMxZjVhMTJhZjExZTlmNGY2NDIxMTU5MB4XDTIyMDEw
MTA4MDQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2JhYWNmMjJlOWVl
MjY1ZDRlY2ZkNGY1ZjMyYWYxZTg0ZDlhNDEyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMWYsKij2gLW8UnlB1znp42ibs8P5LPb4Xu4+o4K/ezGND8
44g67PwKbC6x/qAZ461ZPhvOEiK5iMqg69Nnu7QGS9cWBE8rUeYaeIoA2fHP1Wme
wMxjogFbwZPsBsTWDKKvt8BVCiTJcG4Ba0rRXEGhtow4DPt0bCEGN1V1gy00XDYD
12LCzZsxU7UEF5J9ouYpxi13qRMAOn4Scd5AOO608MTfaEWTgl4QUb0+Z+yqKh0Y
ekxdIQIXJRi0DJnvyKUmFzs1/xolRGO6Dw3JWs35vvOsArH4DkuUEkH6WOKRzEky
hX57FnpvJj2CQdWbeNqmu5pcVN1bXU5UiRTQXVECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQ7qs8i6e4mXU7P1PXzKvHoTZpBKzAfBgNVHSMEGDAWgBQZAjkXmTN2ATMf
WhKvEen09kIRWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dRSTVGNWt6ZGdFekgxb1NyeEhwOVBaQ0VWay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvYTlmZjFhLWQ1ODAtNGI0Mi1iZDg3LTU1OTcyNjBmNjVlZS8x
L082clBJdW51SmwxT3o5VDE4eXJ4NkUyYVFTcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
YTlmZjFhLWQ1ODAtNGI0Mi1iZDg3LTU1OTcyNjBmNjVlZS8xL0dRSTVGNWt6ZGdF
ekgxb1NyeEhwOVBaQ0VWay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAFDwawMEArlAgAMEALlX7AMEAMIF
tzANBAIAAjAHAwUAKgMUoDANBgkqhkiG9w0BAQsFAAOCAQEAQ1y8cZYf6JQVNurl
HJAc6IibHvt04iy7PomDV7yC7groewKDUQj/cRilytk3FuazmSUsAvB8YwrtW2UY
/EZ2INqXOXut6BD9/k2nLe0kJLh5S/YO93VYqS70mjNB3cP0XkDFQoOadC5toVfN
R7TZuTSRHavyYGdploZ9iEPKv1gPejJRyzMd0q3FTBEzcnoAYfs9C44RNjQq5V2j
uCOBiLNbBgFzAXKc9MCHePcsj4g9pAQngTrM0K13h5XATsul5LS04Z97oTVRMgtz
fIKOFAQN2Gt73G9RWjsfd5hFXEy3B7MuPfKJaR+qQJCf2FRs3gWlpfBxJYsmBUaa
XmjYJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:05 2023 by rpki-client on console-fra.rpki-client.org