Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/extPTYREejDZvqUD-NJU1hswSkk.roa
File: extPTYREejDZvqUD-NJU1hswSkk.roa (raw, json)
Hash identifier: hl2iNPE2rO8e3NU84mh8/qEvh/bYaGDJiMcW4qI5UFc=
Subject key identifier: 7B:1B:4F:4D:84:44:7A:30:D9:BE:A5:03:F8:D2:54:D6:1B:30:4A:49
Certificate issuer: /CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Certificate serial: 01D1D415
Authority key identifier: 9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/extPTYREejDZvqUD-NJU1hswSkk.roa
Signing time: Sat 01 Jan 2022 01:55:10 +0000
ROA not before: Sat 01 Jan 2022 01:55:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39862
IP address blocks: 193.34.141.0/24 maxlen: 24
193.34.140.0/24 maxlen: 24
194.50.254.0/24 maxlen: 24
45.132.95.0/24 maxlen: 24
45.132.92.0/24 maxlen: 24
45.132.94.0/24 maxlen: 24
45.132.93.0/24 maxlen: 24
2a0e:69c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30528533 (0x1d1d415)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Validity
Not Before: Jan 1 01:55:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b1b4f4d84447a30d9bea503f8d254d61b304a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:34:aa:94:33:5c:62:b4:8e:02:78:bc:1b:
f4:1e:0f:50:96:0d:cc:0d:02:dc:9f:22:d2:4b:b9:
af:34:fd:9c:7e:45:de:02:55:51:56:7c:25:eb:23:
68:77:30:f0:39:6c:57:d1:62:8f:f9:30:5f:da:40:
07:44:a7:fd:f2:c3:76:91:b3:0b:ac:16:d7:93:41:
50:26:d3:56:46:9c:02:78:f3:ac:f2:a4:39:f2:37:
20:0c:f6:29:04:b8:7a:c5:ba:74:77:3a:01:d1:7c:
aa:9e:7b:88:67:b6:16:7c:3b:7a:89:6e:3c:e7:65:
20:3d:bd:76:83:89:d8:e8:9d:f6:9e:4d:00:32:f0:
49:91:04:8d:2f:bf:f5:81:14:e5:88:37:1e:ef:88:
76:6b:1c:4f:bc:c0:f7:95:fc:78:3a:04:50:6a:c4:
97:ca:ab:7d:e1:24:23:7f:f4:08:5d:5a:a5:b3:94:
8f:88:c8:00:7b:b2:20:64:85:f0:6d:d4:65:2a:07:
f7:8f:24:2d:d7:b1:ce:fe:4a:fa:85:92:cb:ad:47:
eb:3c:72:e6:e5:bc:2c:86:55:cd:5c:c1:c1:14:2d:
16:1c:b6:31:f3:42:ee:5e:97:41:1f:ea:fd:1e:50:
f3:e0:6e:81:dd:4a:7b:4a:9a:cb:77:b4:b0:d9:f1:
21:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1B:4F:4D:84:44:7A:30:D9:BE:A5:03:F8:D2:54:D6:1B:30:4A:49
X509v3 Authority Key Identifier:
keyid:9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/extPTYREejDZvqUD-NJU1hswSkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.92.0/22
193.34.140.0/23
194.50.254.0/24
IPv6:
2a0e:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
a4:16:2f:4a:cc:71:26:cb:9c:01:6a:ce:8b:05:ba:44:49:00:
e8:87:d9:38:a1:51:ae:16:02:5a:9c:c9:fa:bc:69:eb:07:39:
d6:ab:79:ef:b8:9c:87:88:ec:bb:50:0f:4f:7c:30:5a:fb:df:
3b:e8:86:47:12:aa:39:96:5c:d2:6f:e0:4b:89:be:9b:a9:6c:
be:c8:e9:24:22:2d:f2:ee:63:60:15:54:a7:60:d7:6a:dc:b9:
e9:47:62:57:3c:7d:99:3e:89:ff:dd:8b:67:3c:19:f2:35:21:
d6:ec:52:75:db:75:58:e3:0f:05:49:ba:1f:15:1e:95:0a:8c:
2d:bf:58:f5:63:be:5e:4d:41:14:15:65:32:b4:6f:8b:e9:c3:
43:01:62:ca:e0:cc:9e:32:7d:7b:85:a9:94:d5:c6:de:98:70:
09:92:46:64:76:3e:30:b6:a2:e1:74:ce:35:df:20:4a:de:04:
15:3b:7c:6b:39:d5:ba:6f:a5:84:f6:c2:c6:ab:04:3a:f7:fb:
09:2c:bc:be:44:cd:ea:89:6f:9d:f0:8f:b3:d9:7a:29:76:df:
65:e7:11:18:d4:96:1e:f7:a1:46:2f:bd:85:1e:99:9a:91:32:
a7:93:cc:93:2f:49:e0:be:32:31:98:f4:fc:90:ec:b0:3a:d0:
b5:8e:1b:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEAdHUFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTgwNTNiY2QyYzRkOGE3YTJhMzI1ZTJiNzQ2NDE2NmE1ZTQ4ZGRkMB4XDTIyMDEw
MTAxNTUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2IxYjRmNGQ4NDQ0
N2EzMGQ5YmVhNTAzZjhkMjU0ZDYxYjMwNGE0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLqNKqUM1xitI4CeLwb9B4PUJYNzA0C3J8i0ku5rzT9nH5F
3gJVUVZ8JesjaHcw8DlsV9Fij/kwX9pAB0Sn/fLDdpGzC6wW15NBUCbTVkacAnjz
rPKkOfI3IAz2KQS4esW6dHc6AdF8qp57iGe2Fnw7eoluPOdlID29doOJ2Oid9p5N
ADLwSZEEjS+/9YEU5Yg3Hu+IdmscT7zA95X8eDoEUGrEl8qrfeEkI3/0CF1apbOU
j4jIAHuyIGSF8G3UZSoH948kLdexzv5K+oWSy61H6zxy5uW8LIZVzVzBwRQtFhy2
MfNC7l6XQR/q/R5Q8+Bugd1Ke0qay3e0sNnxIe0CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBR7G09NhER6MNm+pQP40lTWGzBKSTAfBgNVHSMEGDAWgBSagFO80sTYp6Kj
JeK3RkFmpeSN3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21vQlR2TkxFMktlaW95WGl0MFpCWnFYa2pkMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvZDk2MTg5LWVlZTEtNGU5Zi05ZDYwLTk1ZThkODI5MzA5OC8x
L2V4dFBUWVJFZWpEWnZxVUQtTkpVMWhzd1Nray5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ZDk2MTg5LWVlZTEtNGU5Zi05ZDYwLTk1ZThkODI5MzA5OC8xL21vQlR2TkxFMktl
aW95WGl0MFpCWnFYa2pkMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAi2EXAMEAcEijAMEAMIy/jAPBAIA
AjAJAwcAKg5pwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCkFi9KzHEmy5wBas6LBbpE
SQDoh9k4oVGuFgJanMn6vGnrBznWq3nvuJyHiOy7UA9PfDBa+9876IZHEqo5llzS
b+BLib6bqWy+yOkkIi3y7mNgFVSnYNdq3LnpR2JXPH2ZPon/3YtnPBnyNSHW7FJ1
23VY4w8FSbofFR6VCowtv1j1Y75eTUEUFWUytG+L6cNDAWLK4MyeMn17hamU1cbe
mHAJkkZkdj4wtqLhdM413yBK3gQVO3xrOdW6b6WE9sLGqwQ69/sJLLy+RM3qiW+d
8I+z2Xopdt9l5xEY1JYe96FGL72FHpmakTKnk8yTL0ngvjIxmPT8kOywOtC1jhtH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org