Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/bkT5Kd5N9AIPLnBouFn17T6UfRs.roa
File: bkT5Kd5N9AIPLnBouFn17T6UfRs.roa (raw, json)
Hash identifier: tYq4dJxqLs5XkuL88iY/aX1tlyt6iFH8O2RcltoiDLg=
Subject key identifier: 6E:44:F9:29:DE:4D:F4:02:0F:2E:70:68:B8:59:F5:ED:3E:94:7D:1B
Certificate issuer: /CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e
Certificate serial: 36C9BB66
Authority key identifier: D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/bkT5Kd5N9AIPLnBouFn17T6UfRs.roa
Signing time: Sat 01 Jan 2022 16:06:21 +0000
ROA not before: Sat 01 Jan 2022 16:06:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50295
IP address blocks: 185.66.80.0/22 maxlen: 22
185.47.112.0/22 maxlen: 22
37.203.216.0/21 maxlen: 21
93.187.8.0/21 maxlen: 24
185.101.60.0/22 maxlen: 22
2a01:8ee0::/32 maxlen: 32
2a00:1f00::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 919190374 (0x36c9bb66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e
Validity
Not Before: Jan 1 16:06:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e44f929de4df4020f2e7068b859f5ed3e947d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:8f:7e:50:cc:d8:95:c7:f3:6f:c6:af:0e:
9e:8a:14:89:de:2d:a1:db:ff:65:cb:af:dd:cf:b5:
13:fd:76:48:40:3a:17:4c:ab:c7:7b:34:d0:04:5d:
aa:9a:ef:f4:ea:27:aa:c1:d5:af:ef:be:5c:7b:ee:
82:d4:53:99:3e:49:15:db:db:7b:36:e4:09:5f:4f:
3a:6b:7b:01:3e:75:b3:26:ac:62:31:ae:4d:3d:85:
8e:ed:ae:95:50:f0:01:f1:4f:fc:f2:b0:fa:f7:be:
e3:ba:b2:06:ac:57:05:86:2e:b3:a6:b7:64:b7:60:
5d:55:b1:77:ab:ae:74:ee:c8:dc:c3:a6:d1:24:5c:
28:7b:94:13:ce:a4:e7:64:8d:d9:c2:8a:fe:8a:5e:
28:21:af:e5:74:09:3c:44:ae:59:06:aa:9e:2f:5c:
28:ff:ec:59:50:20:e9:8f:e7:94:19:72:76:a5:16:
06:c1:c2:d5:fa:08:57:53:57:30:56:44:de:2b:5b:
90:fb:5b:1b:f4:91:40:fd:50:d3:44:1d:fe:7a:df:
10:be:72:d8:97:44:56:3a:d4:23:36:b1:b2:4c:b7:
8a:c3:dd:1b:af:5f:7e:d5:5b:6c:b5:62:a5:99:3f:
82:95:eb:7b:8a:2c:9a:c3:0d:03:fd:c7:f8:d8:c2:
80:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:44:F9:29:DE:4D:F4:02:0F:2E:70:68:B8:59:F5:ED:3E:94:7D:1B
X509v3 Authority Key Identifier:
keyid:D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/bkT5Kd5N9AIPLnBouFn17T6UfRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.216.0/21
93.187.8.0/21
185.47.112.0/22
185.66.80.0/22
185.101.60.0/22
IPv6:
2a00:1f00::/32
2a01:8ee0::/32
Signature Algorithm: sha256WithRSAEncryption
90:ac:06:2c:31:6e:fb:0c:1f:43:4f:55:f0:2c:a7:27:86:8a:
0e:68:42:83:41:08:7c:99:8b:7b:a3:89:a9:1a:0b:e8:3f:f7:
f0:80:80:94:ce:d6:d4:3c:f1:3c:2e:db:b3:30:c7:6e:aa:f0:
13:e4:fa:c6:c6:68:09:f9:49:5e:5c:d0:0d:05:65:34:db:dc:
6e:fa:5b:75:14:45:06:4c:64:24:f8:52:5c:27:19:98:21:0f:
4e:88:67:bd:ce:7e:3f:78:81:ea:28:22:2d:c8:10:b6:f6:13:
cd:3f:f8:26:3a:8f:f5:93:d9:8f:93:94:98:4e:9d:39:7a:ea:
e5:be:aa:75:2b:5f:a4:13:5d:7d:87:b6:eb:76:77:99:8d:cc:
8c:cf:d1:0c:96:d7:1e:40:12:e2:6e:1c:3a:83:00:74:ac:91:
be:b8:5d:8e:c2:b1:9d:26:f7:1b:dd:02:89:76:a0:8a:6b:50:
cd:ed:8c:6e:ee:c4:f9:20:bd:fe:59:37:88:11:69:8d:6f:ab:
a2:ed:4f:1e:3f:4f:64:1f:3e:b6:f7:7f:b4:a3:20:88:8b:82:
02:a9:2e:4e:0d:7d:58:92:eb:18:68:1c:d5:86:47:92:cf:a4:
35:79:7f:23:c8:fd:e0:48:31:29:a3:fb:57:1e:2d:7a:e9:d4:
73:e1:36:ac
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIENsm7ZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODMyZGE4ZDQ1ODg0OWQ1ZjQwYmE2ZjBiOTIwOGY4NTg1ZDllMjNlMB4XDTIyMDEw
MTE2MDYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmU0NGY5MjlkZTRk
ZjQwMjBmMmU3MDY4Yjg1OWY1ZWQzZTk0N2QxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbXj35QzNiVx/Nvxq8OnooUid4todv/Zcuv3c+1E/12SEA6
F0yrx3s00ARdqprv9OonqsHVr+++XHvugtRTmT5JFdvbezbkCV9POmt7AT51syas
YjGuTT2Fju2ulVDwAfFP/PKw+ve+47qyBqxXBYYus6a3ZLdgXVWxd6uudO7I3MOm
0SRcKHuUE86k52SN2cKK/opeKCGv5XQJPESuWQaqni9cKP/sWVAg6Y/nlBlydqUW
BsHC1foIV1NXMFZE3itbkPtbG/SRQP1Q00Qd/nrfEL5y2JdEVjrUIzaxsky3isPd
G69fftVbbLVipZk/gpXre4osmsMNA/3H+NjCgLMCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRuRPkp3k30Ag8ucGi4WfXtPpR9GzAfBgNVHSMEGDAWgBTYMtqNRYhJ1fQL
pvC5II+FhdniPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJETGFqVVdJU2RYMEM2Ynd1U0NQaFlYWjRqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvN2QyMWVlLWE0NjAtNGMzOS05ZTZmLWM5OTc5NWYzODg1Zi8x
L2JrVDVLZDVOOUFJUExuQm91Rm4xN1Q2VWZScy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
N2QyMWVlLWE0NjAtNGMzOS05ZTZmLWM5OTc5NWYzODg1Zi8xLzJETGFqVVdJU2RY
MEM2Ynd1U0NQaFlYWjRqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEAyXL2AMEA127CAMEArkvcAMEArlC
UAMEArllPDAUBAIAAjAOAwUAKgAfAAMFACoBjuAwDQYJKoZIhvcNAQELBQADggEB
AJCsBiwxbvsMH0NPVfAspyeGig5oQoNBCHyZi3ujiakaC+g/9/CAgJTO1tQ88Twu
27Mwx26q8BPk+sbGaAn5SV5c0A0FZTTb3G76W3UURQZMZCT4UlwnGZghD06IZ73O
fj94geooIi3IELb2E80/+CY6j/WT2Y+TlJhOnTl66uW+qnUrX6QTXX2Htut2d5mN
zIzP0QyW1x5AEuJuHDqDAHSskb64XY7CsZ0m9xvdAol2oIprUM3tjG7uxPkgvf5Z
N4gRaY1vq6LtTx4/T2QfPrb3f7SjIIiLggKpLk4NfViS6xhoHNWGR5LPpDV5fyPI
/eBIMSmj+1ceLXrp1HPhNqw=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:21 2023 by rpki-client on console.sobornost.net