Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hasMj7H9R-bmAQLLUsk_oNYkbBI.roa
File: hasMj7H9R-bmAQLLUsk_oNYkbBI.roa (raw, json)
Hash identifier: 3Hk6q+O8YSzHgnKEiRChNpRrfrYJdgupUYU7tdCfnWg=
Subject key identifier: 85:AB:0C:8F:B1:FD:47:E6:E6:01:02:CB:52:C9:3F:A0:D6:24:6C:12
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018456DA654205543759D445EA5DFAA8AF4C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hasMj7H9R-bmAQLLUsk_oNYkbBI.roa
Signing time: Tue 08 Nov 2022 10:47:44 +0000
ROA not before: Tue 08 Nov 2022 10:47:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.144.214.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.138.181.0/24 maxlen: 24
45.138.182.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:da:65:42:05:54:37:59:d4:45:ea:5d:fa:a8:af:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 8 10:47:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85ab0c8fb1fd47e6e60102cb52c93fa0d6246c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bc:fe:df:d6:71:61:f6:4f:ee:ff:18:e9:de:
1d:62:bf:04:c4:7a:fc:50:26:16:06:b3:93:c1:6e:
12:86:dc:b7:12:81:d6:47:65:d6:3b:e3:a5:62:12:
ac:21:08:10:c3:eb:69:5b:ad:31:90:8a:32:b6:99:
19:9f:09:bd:0a:72:c5:4f:67:75:3f:46:5f:fa:d4:
18:d9:7d:84:ef:b0:fc:61:80:30:0a:7d:cf:63:54:
5c:c5:60:23:d3:02:4c:b2:d0:3d:f2:57:e7:42:4d:
17:1b:f7:b7:69:06:21:b6:e0:0d:dd:18:5d:9a:f6:
71:8c:34:df:c2:af:a9:60:98:0a:f1:8d:c7:9d:b2:
e8:20:59:9e:05:a2:46:b7:67:7f:71:27:b0:3f:94:
1b:98:7f:21:4f:5f:2c:b1:da:eb:9a:27:45:d6:97:
15:b6:47:35:29:f7:8d:aa:1d:ec:95:83:9e:bc:be:
99:ad:87:3e:c5:ef:7f:20:d4:b7:45:e8:06:7f:95:
9c:0e:5d:18:37:5f:63:cc:44:1c:46:3a:d1:d1:4d:
b6:39:f4:be:fe:94:a2:da:e1:f0:e2:3e:cd:63:ad:
9c:47:71:a4:32:3b:0b:55:e8:75:d1:fa:96:e6:34:
e2:09:b7:7c:da:70:ed:2a:1b:fa:56:c4:f1:2e:5c:
92:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AB:0C:8F:B1:FD:47:E6:E6:01:02:CB:52:C9:3F:A0:D6:24:6C:12
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hasMj7H9R-bmAQLLUsk_oNYkbBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.180.0/22
45.144.214.0/23
77.83.38.0/23
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
95:10:c7:8e:8a:9f:57:ce:60:6d:04:8b:d2:f5:87:6a:d8:52:
45:6d:49:e5:8d:cf:7d:2e:fd:8a:e7:0f:64:fa:dc:b9:da:8a:
a3:1e:f1:48:e1:96:0e:00:0e:3e:33:d6:cc:8d:9b:75:15:54:
f6:da:52:cc:81:b4:9d:dd:79:01:b8:05:f7:26:88:d5:87:f0:
56:cd:79:46:40:0d:55:4b:c6:61:df:5d:1b:6e:02:d9:d3:93:
7e:25:06:7f:9d:94:b0:b3:e3:91:52:ef:e2:95:e6:fa:33:42:
f6:44:93:06:c2:3a:99:e3:c6:16:8b:1f:47:1b:69:bd:c2:1a:
21:90:8f:ed:61:5e:9c:e6:ba:9a:9d:59:2e:77:0b:0b:b6:dd:
9d:bd:8c:ab:be:b9:11:37:20:4f:a5:8a:14:ef:85:b3:27:e3:
08:f9:b1:a2:1c:4d:0f:1b:c9:fe:e7:28:9c:0f:8c:a6:c0:3f:
d3:18:75:c0:47:98:03:b0:8b:b5:4f:e4:37:4f:01:78:51:5a:
18:3f:70:dc:67:7b:96:34:0c:8a:99:9c:ec:de:10:bd:35:5e:
4d:6e:cc:49:ce:0f:ab:e8:78:06:61:63:3d:5e:d6:2d:f1:98:
2a:8f:c2:5e:7c:3a:aa:56:67:0b:45:ee:7a:b9:11:75:9c:68:
50:97:93:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRW2mVCBVQ3WdRF6l36qK9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTA4MTA0NzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFiMGM4ZmIxZmQ0N2U2ZTYwMTAyY2I1MmM5M2ZhMGQ2MjQ2YzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLz+39ZxYfZP7v8Y6d4dYr8ExHr8
UCYWBrOTwW4Shty3EoHWR2XWO+OlYhKsIQgQw+tpW60xkIoytpkZnwm9CnLFT2d1
P0Zf+tQY2X2E77D8YYAwCn3PY1RcxWAj0wJMstA98lfnQk0XG/e3aQYhtuAN3Rhd
mvZxjDTfwq+pYJgK8Y3HnbLoIFmeBaJGt2d/cSewP5QbmH8hT18ssdrrmidF1pcV
tkc1KfeNqh3slYOevL6ZrYc+xe9/INS3RegGf5WcDl0YN19jzEQcRjrR0U22OfS+
/pSi2uHw4j7NY62cR3GkMjsLVeh10fqW5jTiCbd82nDtKhv6VsTxLlySSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIWrDI+x/Ufm5gECy1LJP6DWJGwSMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaGFzTWo3SDlSLWJtQVFMTFVza19vTllrYkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYq0AwQB
LZDWAwQBTVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCVEMeOip9XzmBtBIvS
9Ydq2FJFbUnljc99Lv2K5w9k+ty52oqjHvFI4ZYOAA4+M9bMjZt1FVT22lLMgbSd
3XkBuAX3JojVh/BWzXlGQA1VS8Zh310bbgLZ05N+JQZ/nZSws+ORUu/ileb6M0L2
RJMGwjqZ48YWix9HG2m9whohkI/tYV6c5rqanVkudwsLtt2dvYyrvrkRNyBPpYoU
74WzJ+MI+bGiHE0PG8n+5yicD4ymwD/TGHXAR5gDsIu1T+Q3TwF4UVoYP3DcZ3uW
NAyKmZzs3hC9NV5NbsxJzg+r6HgGYWM9XtYt8Zgqj8JefDqqVmcLRe56uRF1nGhQ
l5Oy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org