Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/k9Yg2QcqsPtDYR-TfqCRzBhg4Yc.roa
File: k9Yg2QcqsPtDYR-TfqCRzBhg4Yc.roa (raw, json)
Hash identifier: JMvT1yjH2W4E9zkbdeYFj6AC3R3qCjCb3pf5SpkX3xw=
Subject key identifier: 93:D6:20:D9:07:2A:B0:FB:43:61:1F:93:7E:A0:91:CC:18:60:E1:87
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: D4250F
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/k9Yg2QcqsPtDYR-TfqCRzBhg4Yc.roa
Signing time: Sat 22 Jan 2022 10:39:32 +0000
ROA not before: Sat 22 Jan 2022 10:39:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56902
IP address blocks: 45.142.138.0/24 maxlen: 24
45.142.137.0/24 maxlen: 24
45.142.139.0/24 maxlen: 24
45.142.136.0/24 maxlen: 24
5.100.240.0/24 maxlen: 24
5.100.243.0/24 maxlen: 24
5.100.242.0/24 maxlen: 24
5.100.241.0/24 maxlen: 24
185.128.125.0/24 maxlen: 24
185.128.124.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
185.187.128.0/24 maxlen: 24
185.187.131.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13903119 (0xd4250f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Jan 22 10:39:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93d620d9072ab0fb43611f937ea091cc1860e187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:60:19:5f:c0:6a:78:39:7b:b2:90:ab:5b:
f3:48:1e:d3:df:6e:ac:80:a0:cf:2d:29:39:7b:94:
95:87:8f:24:bf:8c:ca:a6:3a:40:d0:de:a8:9d:8c:
21:1a:eb:81:b0:8d:91:80:0d:c6:62:4d:ab:21:fb:
79:0f:fe:a3:96:c1:b6:65:06:d7:e0:88:e0:dd:1b:
99:c9:fe:5e:19:1d:70:c7:ab:9e:1e:c3:ba:a3:d8:
be:cc:69:b8:8d:45:cc:d9:15:1b:5d:a1:a4:d5:a3:
8e:56:2a:32:79:ea:1f:c9:4d:b6:31:a2:09:8b:5a:
49:11:23:c2:36:62:f0:7a:08:63:b9:72:c8:e1:a0:
41:d2:ad:f9:f9:b2:d7:fb:c5:3c:54:86:95:09:3e:
7b:ac:68:b5:bf:9a:4b:b5:22:f3:71:8c:62:c6:2c:
09:2f:12:41:b4:82:de:70:1d:7d:bc:73:ef:6a:c8:
e1:73:d9:59:5a:e3:26:8e:34:24:c5:6a:ce:9d:f9:
85:45:42:8b:56:35:a8:a2:24:a3:e2:c0:48:1d:b6:
45:f4:2d:54:15:56:34:2e:1c:9b:2c:3d:fe:70:20:
16:fd:f4:dd:ca:22:49:41:26:e9:7f:a0:cb:dc:0e:
a6:6c:28:0f:c9:37:22:b2:cd:9a:68:ed:98:15:5d:
32:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D6:20:D9:07:2A:B0:FB:43:61:1F:93:7E:A0:91:CC:18:60:E1:87
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/k9Yg2QcqsPtDYR-TfqCRzBhg4Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.240.0/22
45.142.136.0/22
185.128.124.0/23
185.187.128.0/22
Signature Algorithm: sha256WithRSAEncryption
62:94:10:d8:f6:4d:4c:d2:60:1f:76:6c:f2:86:3e:b5:bb:90:
87:01:bc:79:49:19:98:44:b3:8d:03:d5:b0:62:6d:da:b4:17:
c0:3a:ed:aa:3b:ce:8f:2f:3a:f4:12:03:1a:08:a4:a8:3b:33:
b3:82:15:8b:df:f8:66:29:fe:f2:fc:0f:14:4a:e7:56:71:73:
ad:b8:61:70:ef:34:42:d1:ec:79:49:c3:5a:0a:fc:5f:ee:8d:
a5:22:1c:4d:3b:7f:69:46:52:62:82:e5:db:63:8a:63:e1:e2:
ae:20:26:95:3a:d4:5b:cc:39:7f:e9:90:76:45:ee:70:40:c7:
2c:aa:ec:f5:39:43:dc:79:3a:a4:97:35:ae:a3:e7:8b:f0:d2:
25:ed:96:f2:ff:57:96:70:b7:f1:26:78:f0:3c:2e:32:4f:da:
b7:ee:24:86:26:9b:8a:20:d2:1d:fe:3e:ca:63:3d:0e:1c:cc:
25:e0:85:e8:f8:59:84:18:f9:c0:8e:9c:63:98:e8:bf:2a:a7:
21:db:08:85:e2:ee:e1:48:be:31:04:96:9a:02:03:a0:df:dd:
e3:d3:5c:2e:d7:82:02:3f:ed:55:62:b4:61:06:98:a8:42:ac:
d7:6c:42:94:b1:a8:d6:90:a5:a1:4b:28:eb:d3:f3:37:d7:51:
90:9b:42:1d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEANQlDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MTg5MDE2NjJhOGVjNWZmNGQzZjQ4ZDI5MDk5MjMwYTA1NzVlYzhhMB4XDTIyMDEy
MjEwMzkzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNkNjIwZDkwNzJh
YjBmYjQzNjExZjkzN2VhMDkxY2MxODYwZTE4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL57YBlfwGp4OXuykKtb80ge099urICgzy0pOXuUlYePJL+M
yqY6QNDeqJ2MIRrrgbCNkYANxmJNqyH7eQ/+o5bBtmUG1+CI4N0bmcn+XhkdcMer
nh7DuqPYvsxpuI1FzNkVG12hpNWjjlYqMnnqH8lNtjGiCYtaSREjwjZi8HoIY7ly
yOGgQdKt+fmy1/vFPFSGlQk+e6xotb+aS7Ui83GMYsYsCS8SQbSC3nAdfbxz72rI
4XPZWVrjJo40JMVqzp35hUVCi1Y1qKIko+LASB22RfQtVBVWNC4cmyw9/nAgFv30
3coiSUEm6X+gy9wOpmwoD8k3IrLNmmjtmBVdMnUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBST1iDZByqw+0NhH5N+oJHMGGDhhzAfBgNVHSMEGDAWgBSRiQFmKo7F/00/
SNKQmSMKBXXsijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tZa0JaaXFPeGY5TlAwalNrSmtqQ2dWMTdJby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvNWI5MmE3LTI4MzctNDY5ZS04MjE0LWU4MTFlMjNjMTgwNC8x
L2s5WWcyUWNxc1B0RFlSLVRmcUNSekJoZzRZYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
NWI5MmE3LTI4MzctNDY5ZS04MjE0LWU4MTFlMjNjMTgwNC8xL2tZa0JaaXFPeGY5
TlAwalNrSmtqQ2dWMTdJby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgVk8AMEAi2OiAMEAbmAfAMEArm7
gDANBgkqhkiG9w0BAQsFAAOCAQEAYpQQ2PZNTNJgH3Zs8oY+tbuQhwG8eUkZmESz
jQPVsGJt2rQXwDrtqjvOjy869BIDGgikqDszs4IVi9/4Zin+8vwPFErnVnFzrbhh
cO80QtHseUnDWgr8X+6NpSIcTTt/aUZSYoLl22OKY+HiriAmlTrUW8w5f+mQdkXu
cEDHLKrs9TlD3Hk6pJc1rqPni/DSJe2W8v9XlnC38SZ48DwuMk/at+4khiabiiDS
Hf4+ymM9DhzMJeCF6PhZhBj5wI6cY5jovyqnIdsIheLu4Ui+MQSWmgIDoN/d49Nc
LteCAj/tVWK0YQaYqEKs12xClLGo1pCloUso69PzN9dRkJtCHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:41 2024 by rpki-client on console-ams.rpki-client.org