Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/RulnjLV-ea4VF1AKx-TbSR7yZEk.roa
File: RulnjLV-ea4VF1AKx-TbSR7yZEk.roa (raw, json)
Hash identifier: ra/Uvlw21rpEWdVWY/w5eOVUmV5ae4Ah3DOa+EPB9FY=
Subject key identifier: 46:E9:67:8C:B5:7E:79:AE:15:17:50:0A:C7:E4:DB:49:1E:F2:64:49
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 0184229269DB231EFC9885BC19D1ACADF0A2
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/RulnjLV-ea4VF1AKx-TbSR7yZEk.roa
Signing time: Sat 29 Oct 2022 07:08:51 +0000
ROA not before: Sat 29 Oct 2022 07:08:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60350
IP address blocks: 195.189.178.0/23 maxlen: 24
193.164.2.0/24 maxlen: 24
193.164.2.0/23 maxlen: 23
185.45.180.0/22 maxlen: 24
193.148.6.0/23 maxlen: 24
185.183.112.0/22 maxlen: 22
185.183.112.0/24 maxlen: 24
185.183.113.0/24 maxlen: 24
193.161.254.0/23 maxlen: 23
91.221.146.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:22:92:69:db:23:1e:fc:98:85:bc:19:d1:ac:ad:f0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Oct 29 07:08:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46e9678cb57e79ae1517500ac7e4db491ef26449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:69:b3:98:7b:4f:0e:a5:2a:a7:2f:83:2b:02:
2c:c8:73:a7:55:6b:fc:1c:2e:61:65:13:fa:a7:8c:
b1:cc:0b:f1:10:6d:02:a1:db:00:a8:86:3f:ad:0c:
3a:5c:f8:5c:06:df:85:96:0a:23:2d:9f:82:4b:06:
f1:10:d5:11:06:42:d8:28:df:73:47:87:84:c1:9a:
37:16:4e:c1:c6:e5:e4:b9:da:c1:d7:d0:cf:32:9c:
05:ae:16:65:44:eb:76:53:d1:c6:4f:2c:1f:f8:56:
45:d3:34:49:76:74:9b:99:c4:a9:bf:7e:74:6b:b6:
43:81:ab:a7:ab:e4:ee:35:9d:13:69:06:00:26:df:
1e:bd:f1:d7:36:f2:d8:3b:9c:d4:c0:39:2f:b0:f1:
4c:af:5e:3d:0f:ff:30:47:05:f3:7f:8f:3f:a5:b4:
8c:e7:82:7b:5d:1d:20:95:2d:00:71:fe:04:0a:ce:
7b:39:08:69:86:8b:fb:8e:95:d4:1a:fb:cb:1d:ce:
96:dc:1d:53:d9:fe:23:6e:08:a7:4a:9d:9d:fa:9d:
32:49:04:bd:90:63:44:df:35:ed:10:d1:2c:fa:ed:
bc:23:e1:30:44:a9:52:cf:5c:4e:4a:ee:04:60:e9:
fb:85:3d:84:5d:77:d6:10:ad:9e:ef:e5:20:5e:19:
d2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E9:67:8C:B5:7E:79:AE:15:17:50:0A:C7:E4:DB:49:1E:F2:64:49
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/RulnjLV-ea4VF1AKx-TbSR7yZEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.146.0/23
185.45.180.0/22
185.183.112.0/22
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
Signature Algorithm: sha256WithRSAEncryption
51:33:b5:61:a7:40:df:46:d6:84:97:ab:8d:9c:e1:d7:cc:3a:
01:26:99:52:1c:47:92:dc:1d:8f:46:a1:26:0b:36:2f:94:5a:
07:7f:36:e4:f3:fa:7f:37:5e:1d:23:76:75:a4:01:87:c6:f7:
13:ae:5b:b4:a0:cd:38:10:fa:8b:ac:5a:1a:c3:ca:db:9c:2e:
21:8b:34:0b:d7:3a:47:a9:d0:50:7a:6c:4e:6f:ee:40:96:c0:
8f:ca:e0:0a:2a:eb:e9:ad:b8:f2:64:00:49:37:2c:be:bd:be:
85:23:7a:e3:50:5d:dd:45:de:1a:7e:1a:4e:95:7c:fd:d2:9d:
fd:bb:0f:00:77:df:db:52:b4:61:eb:d7:20:cc:0b:4b:36:0c:
2b:43:89:b7:02:09:97:f1:0e:85:0d:e4:44:be:23:48:10:81:
fe:c6:4e:e8:7a:f1:33:b9:8b:5c:85:dd:3a:cc:3c:45:e4:aa:
89:51:a5:5a:ea:4b:13:2d:fa:12:45:7b:85:08:87:78:f4:20:
51:fd:bb:ae:57:fc:ba:d9:2b:43:13:a5:9a:1c:61:72:98:c3:
7e:13:f3:8e:5b:ee:24:1d:2a:d6:16:af:10:9c:2c:62:77:f9:
64:17:21:92:d7:ba:64:a7:77:27:54:0d:f4:01:20:8c:85:be:
de:bf:3c:d4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYQikmnbIx78mIW8GdGsrfCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjIxMDI5MDcwODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmU5Njc4Y2I1N2U3OWFlMTUxNzUwMGFjN2U0ZGI0OTFlZjI2NDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmmzmHtPDqUqpy+DKwIsyHOnVWv8
HC5hZRP6p4yxzAvxEG0CodsAqIY/rQw6XPhcBt+FlgojLZ+CSwbxENURBkLYKN9z
R4eEwZo3Fk7BxuXkudrB19DPMpwFrhZlROt2U9HGTywf+FZF0zRJdnSbmcSpv350
a7ZDgaunq+TuNZ0TaQYAJt8evfHXNvLYO5zUwDkvsPFMr149D/8wRwXzf48/pbSM
54J7XR0glS0Acf4ECs57OQhphov7jpXUGvvLHc6W3B1T2f4jbginSp2d+p0ySQS9
kGNE3zXtENEs+u28I+EwRKlSz1xOSu4EYOn7hT2EXXfWEK2e7+UgXhnSYQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEbpZ4y1fnmuFRdQCsfk20ke8mRJMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xL1J1bG5qTFYtZWE0VkYxQUt4LVRiU1I3eVpFay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAFb3ZID
BAK5LbQDBAK5t3ADBAHBlAYDBAHBof4DBAHBpAIDBAHDvbIwDQYJKoZIhvcNAQEL
BQADggEBAFEztWGnQN9G1oSXq42c4dfMOgEmmVIcR5LcHY9GoSYLNi+UWgd/NuTz
+n83Xh0jdnWkAYfG9xOuW7SgzTgQ+ousWhrDytucLiGLNAvXOkep0FB6bE5v7kCW
wI/K4Aoq6+mtuPJkAEk3LL69voUjeuNQXd1F3hp+Gk6VfP3Snf27DwB339tStGHr
1yDMC0s2DCtDibcCCZfxDoUN5ES+I0gQgf7GTuh68TO5i1yF3TrMPEXkqolRpVrq
SxMt+hJFe4UIh3j0IFH9u65X/LrZK0MTpZocYXKYw34T845b7iQdKtYWrxCcLGJ3
+WQXIZLXumSndydUDfQBIIyFvt6/PNQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:12 2024 by rpki-client on console-fra.rpki-client.org