Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2u-a6-xK4R6pG4mJjHev5LU7SOU.roa
File: 2u-a6-xK4R6pG4mJjHev5LU7SOU.roa (raw, json)
Hash identifier: eNGAKyPIUrovcGhQjsz8uTi0tc4k0cfWTrGFEFW7c3I=
Subject key identifier: DA:EF:9A:EB:EC:4A:E1:1E:A9:1B:89:89:8C:77:AF:E4:B5:3B:48:E5
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0182D5A3BA768636039CB74D5F1537FCB349
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2u-a6-xK4R6pG4mJjHev5LU7SOU.roa
Signing time: Thu 25 Aug 2022 15:34:13 +0000
ROA not before: Thu 25 Aug 2022 15:34:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 45.145.227.0/24 maxlen: 24
5.180.252.0/23 maxlen: 23
5.180.254.0/23 maxlen: 23
185.132.55.0/24 maxlen: 24
185.132.54.0/24 maxlen: 24
45.137.71.0/24 maxlen: 24
45.131.109.0/24 maxlen: 24
5.253.244.0/24 maxlen: 24
45.145.224.0/23 maxlen: 23
45.91.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:a3:ba:76:86:36:03:9c:b7:4d:5f:15:37:fc:b3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 25 15:34:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daef9aebec4ae11ea91b89898c77afe4b53b48e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a9:4e:2e:c5:6b:78:95:74:ab:10:12:99:79:
ca:1c:52:4e:0c:02:42:ce:d2:30:e1:2b:82:28:c1:
86:d6:6a:f6:fd:bf:b2:73:05:b2:e2:1c:6d:a9:19:
7a:69:bd:30:a1:e8:8a:b4:ac:0b:77:bc:17:b2:91:
27:86:24:b8:c7:63:b4:67:c3:90:4e:0d:01:d8:6f:
24:ad:c9:bc:5c:5c:4f:62:41:49:b5:13:b4:b2:48:
de:9d:ba:a2:a3:c8:fd:b4:dd:b9:eb:0e:28:5d:bd:
3f:78:35:08:92:95:4e:a7:cc:83:de:2d:41:73:24:
14:97:3d:3b:2c:08:e4:66:53:f8:a0:b2:4b:c7:37:
f6:6b:e9:a4:47:5d:2d:89:0c:0f:1b:2c:25:3c:df:
dc:06:b4:38:8f:ac:d4:fb:76:4b:a6:82:af:ee:78:
c8:b5:e4:2c:29:99:b7:f6:75:64:67:71:d8:bd:0b:
04:53:1b:28:17:b1:90:53:58:f7:a0:4e:d5:b4:98:
33:59:93:41:7c:95:d4:17:e4:76:e9:fe:3d:f5:bf:
c4:12:01:78:b1:d3:54:5b:82:9c:4b:73:1b:44:a6:
f5:ad:08:f5:d2:dd:ce:fb:6c:3b:82:66:5e:f1:da:
19:44:19:a7:17:c1:16:3d:65:c3:52:bf:17:b1:9f:
47:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:EF:9A:EB:EC:4A:E1:1E:A9:1B:89:89:8C:77:AF:E4:B5:3B:48:E5
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2u-a6-xK4R6pG4mJjHev5LU7SOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.252.0/22
5.253.244.0/24
45.91.251.0/24
45.131.109.0/24
45.137.71.0/24
45.145.224.0/23
45.145.227.0/24
185.132.54.0/23
Signature Algorithm: sha256WithRSAEncryption
96:56:68:b6:e6:a3:77:bf:e4:91:8f:cb:b4:92:9c:25:be:90:
50:6e:d3:96:b5:ab:e0:e5:23:9d:fd:8b:39:49:a2:d7:37:18:
da:0f:51:3a:79:52:24:e5:6a:4e:42:a5:75:3c:5e:09:d8:56:
3d:8d:ef:07:d6:8e:04:0f:d0:9c:84:23:fa:57:67:64:46:f6:
e4:67:c7:ee:21:34:42:3e:c3:ca:16:43:95:c3:d7:96:c8:2b:
35:14:d3:69:ea:16:6c:1a:27:7a:7b:86:1c:b0:8e:c5:b6:39:
55:87:dc:a6:c7:4d:2e:a4:8f:7a:f3:73:13:26:98:9d:bd:e0:
bc:3b:2e:28:fe:d1:58:c0:dd:5a:19:2a:4b:a1:c0:4e:42:53:
ae:62:61:61:63:b0:bd:4c:70:d6:05:dc:e5:08:a4:b3:b7:e8:
6d:0c:8d:b8:3e:34:7d:a3:9d:e4:6c:9e:fc:12:6c:46:82:49:
65:62:75:1a:db:b0:90:b1:d7:51:d4:dc:0d:43:ba:55:2e:08:
d0:48:9b:ac:8f:26:60:95:0f:5c:c2:b5:6b:e8:04:d2:d1:7d:
af:01:fd:ba:ac:3a:ac:e2:10:26:37:cf:d2:88:a2:d3:bc:31:
55:45:52:d5:f7:53:88:d5:ae:ff:73:25:95:46:3e:3c:c6:8d:
2a:e7:55:9e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYLVo7p2hjYDnLdNXxU3/LNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwODI1MTUzNDEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWVmOWFlYmVjNGFlMTFlYTkxYjg5ODk4Yzc3YWZlNGI1M2I0OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKlOLsVreJV0qxASmXnKHFJODAJC
ztIw4SuCKMGG1mr2/b+ycwWy4hxtqRl6ab0woeiKtKwLd7wXspEnhiS4x2O0Z8OQ
Tg0B2G8krcm8XFxPYkFJtRO0skjenbqio8j9tN256w4oXb0/eDUIkpVOp8yD3i1B
cyQUlz07LAjkZlP4oLJLxzf2a+mkR10tiQwPGywlPN/cBrQ4j6zU+3ZLpoKv7njI
teQsKZm39nVkZ3HYvQsEUxsoF7GQU1j3oE7VtJgzWZNBfJXUF+R26f499b/EEgF4
sdNUW4KcS3MbRKb1rQj10t3O+2w7gmZe8doZRBmnF8EWPWXDUr8XsZ9H1QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNrvmuvsSuEeqRuJiYx3r+S1O0jlMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMnUtYTYteEs0UjZwRzRtSmpIZXY1TFU3U09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCBbT8AwQA
Bf30AwQALVv7AwQALYNtAwQALYlHAwQBLZHgAwQALZHjAwQBuYQ2MA0GCSqGSIb3
DQEBCwUAA4IBAQCWVmi25qN3v+SRj8u0kpwlvpBQbtOWtavg5SOd/Ys5SaLXNxja
D1E6eVIk5WpOQqV1PF4J2FY9je8H1o4ED9CchCP6V2dkRvbkZ8fuITRCPsPKFkOV
w9eWyCs1FNNp6hZsGid6e4YcsI7FtjlVh9ymx00upI9683MTJpidveC8Oy4o/tFY
wN1aGSpLocBOQlOuYmFhY7C9THDWBdzlCKSzt+htDI24PjR9o53kbJ78EmxGgkll
YnUa27CQsddR1NwNQ7pVLgjQSJusjyZglQ9cwrVr6ATS0X2vAf26rDqs4hAmN8/S
iKLTvDFVRVLV91OI1a7/cyWVRj48xo0q51We
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:30 2023 by rpki-client on console-fra.rpki-client.org