Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZxI1CM6GzfG1M4n-yQ6c_8sjolM.roa
File: ZxI1CM6GzfG1M4n-yQ6c_8sjolM.roa (raw, json)
Hash identifier: VkdulLmj5L222lZtYcyD01ARAOrDFj+jThB4DR99vMM=
Subject key identifier: 67:12:35:08:CE:86:CD:F1:B5:33:89:FE:C9:0E:9C:FF:CB:23:A2:53
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01830E2516D058BF020D2EBE659708A16BC7
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZxI1CM6GzfG1M4n-yQ6c_8sjolM.roa
Signing time: Mon 05 Sep 2022 14:54:15 +0000
ROA not before: Mon 05 Sep 2022 14:54:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213250
IP address blocks: 45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
212.87.212.0/23 maxlen: 23
45.13.224.0/23 maxlen: 23
5.182.206.0/23 maxlen: 23
5.182.204.0/23 maxlen: 23
45.11.229.0/24 maxlen: 24
45.131.66.0/23 maxlen: 23
194.15.36.0/24 maxlen: 24
2.56.245.0/24 maxlen: 24
5.252.103.0/24 maxlen: 24
5.252.100.0/22 maxlen: 22
5.252.100.0/24 maxlen: 24
5.252.101.0/24 maxlen: 24
5.252.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0e:25:16:d0:58:bf:02:0d:2e:be:65:97:08:a1:6b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 5 14:54:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67123508ce86cdf1b53389fec90e9cffcb23a253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:96:cf:42:ec:28:61:4d:73:53:93:fd:b1:44:
44:89:bc:ab:27:fd:e5:6f:9b:95:25:3a:68:8e:29:
fd:77:82:3f:4f:2f:03:6f:42:a5:7f:82:5f:6c:1a:
6a:f5:b7:95:e2:f5:57:c3:b1:a9:31:7e:03:76:32:
4a:8d:75:9b:fb:62:9d:1b:67:26:c7:36:09:94:6d:
95:ab:b8:3d:f0:f1:4e:01:6f:ba:8b:68:f5:f7:e6:
c8:d1:49:a2:fc:65:ca:73:95:05:83:c8:fc:63:c1:
42:f9:32:45:ba:41:1a:f2:cb:5e:e9:74:e0:4d:95:
7c:7e:0a:9b:92:2f:d6:29:2e:b7:47:02:05:e8:52:
a7:92:e0:b5:5b:16:f0:61:3f:0b:52:31:1c:ec:41:
6e:5a:e8:15:c9:d7:ba:81:0a:85:af:55:0a:87:21:
29:ce:09:ac:a7:e1:54:a2:23:82:9f:cf:05:6c:fc:
f0:5c:08:e3:ad:d0:7f:38:7c:3d:33:4f:94:eb:82:
48:a5:58:a6:1d:16:f3:3e:42:90:91:14:09:2b:49:
78:60:ee:1a:69:41:01:1e:12:44:1c:5a:b5:a1:20:
c3:0f:64:7f:78:ec:4b:3b:92:f7:25:87:19:f0:00:
c3:21:45:77:41:25:36:55:af:3b:8b:f3:08:a5:2f:
04:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:12:35:08:CE:86:CD:F1:B5:33:89:FE:C9:0E:9C:FF:CB:23:A2:53
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ZxI1CM6GzfG1M4n-yQ6c_8sjolM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.245.0/24
5.182.204.0/22
5.252.100.0/22
45.11.229.0/24
45.13.224.0/23
45.89.124.0/22
45.131.66.0/23
194.15.36.0/24
212.87.212.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:f9:99:c9:fb:17:c1:7b:90:7b:cd:fd:b4:44:04:09:b0:39:
20:e9:64:a2:69:34:f4:74:9d:0e:91:7d:15:52:c5:29:d1:5f:
e6:7e:8b:34:b8:59:00:f0:8c:eb:83:3f:56:2d:59:dd:16:e7:
ca:5e:3a:a0:71:1b:eb:30:55:22:63:68:cc:1b:11:15:f3:1c:
42:66:03:db:5c:5e:bd:79:02:e1:52:ed:b9:d2:80:83:ef:9d:
ce:be:db:59:6f:62:1d:d9:82:23:25:36:75:82:1d:3d:e4:40:
f5:72:0c:b2:18:69:e9:18:5c:79:69:c1:40:7c:9f:28:82:8a:
6c:ba:6d:ea:12:f0:37:76:a2:08:72:69:c1:bb:29:ec:fd:88:
3d:16:43:0f:f6:fb:01:29:6f:a1:18:ce:d3:9e:a2:d2:73:65:
82:d8:9a:f7:0c:4f:05:d3:7e:11:c2:78:dd:54:cc:fa:13:89:
f4:4c:01:31:b5:20:fc:44:e5:df:92:6e:16:0e:a4:40:62:8d:
a6:32:a7:10:75:74:5b:27:3c:b6:c0:80:4d:f5:26:43:81:66:
f7:9b:e2:33:3c:04:fa:cb:d4:9d:0e:e0:68:f9:d1:56:6e:6b:
32:68:79:81:dd:9b:3a:36:31:31:88:7a:15:01:f9:0e:08:4c:
51:f5:9a:b5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYMOJRbQWL8CDS6+ZZcIoWvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwOTA1MTQ1NDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzEyMzUwOGNlODZjZGYxYjUzMzg5ZmVjOTBlOWNmZmNiMjNhMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpbPQuwoYU1zU5P9sUREibyrJ/3l
b5uVJTpojin9d4I/Ty8Db0Klf4JfbBpq9beV4vVXw7GpMX4DdjJKjXWb+2KdG2cm
xzYJlG2Vq7g98PFOAW+6i2j19+bI0Umi/GXKc5UFg8j8Y8FC+TJFukEa8ste6XTg
TZV8fgqbki/WKS63RwIF6FKnkuC1WxbwYT8LUjEc7EFuWugVyde6gQqFr1UKhyEp
zgmsp+FUoiOCn88FbPzwXAjjrdB/OHw9M0+U64JIpVimHRbzPkKQkRQJK0l4YO4a
aUEBHhJEHFq1oSDDD2R/eOxLO5L3JYcZ8ADDIUV3QSU2Va87i/MIpS8E1wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGcSNQjOhs3xtTOJ/skOnP/LI6JTMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWnhJMUNNNkd6ZkcxTTRuLXlRNmNfOHNqb2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjj1AwQC
BbbMAwQCBfxkAwQALQvlAwQBLQ3gAwQCLVl8AwQBLYNCAwQAwg8kAwQB1FfUMA0G
CSqGSIb3DQEBCwUAA4IBAQCi+ZnJ+xfBe5B7zf20RAQJsDkg6WSiaTT0dJ0OkX0V
UsUp0V/mfos0uFkA8Izrgz9WLVndFufKXjqgcRvrMFUiY2jMGxEV8xxCZgPbXF69
eQLhUu250oCD753OvttZb2Id2YIjJTZ1gh095ED1cgyyGGnpGFx5acFAfJ8ogops
um3qEvA3dqIIcmnBuyns/Yg9FkMP9vsBKW+hGM7TnqLSc2WC2Jr3DE8F034Rwnjd
VMz6E4n0TAExtSD8ROXfkm4WDqRAYo2mMqcQdXRbJzy2wIBN9SZDgWb3m+IzPAT6
y9SdDuBo+dFWbmsyaHmB3Zs6NjExiHoVAfkOCExR9Zq1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org