Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/eDuSGCy2eBdgrZqeQMD3sqKH068.roa
File: eDuSGCy2eBdgrZqeQMD3sqKH068.roa (raw, json)
Hash identifier: d+EMfVD2mn14cT/k/U5y/nlysZKJaruV27xL25L/mz4=
Subject key identifier: 78:3B:92:18:2C:B6:78:17:60:AD:9A:9E:40:C0:F7:B2:A2:87:D3:AF
Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial: 1136D6E2
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/eDuSGCy2eBdgrZqeQMD3sqKH068.roa
Signing time: Sat 01 Jan 2022 14:58:35 +0000
ROA not before: Sat 01 Jan 2022 14:58:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205072
IP address blocks: 185.149.108.0/22 maxlen: 24
109.109.128.0/20 maxlen: 24
45.155.21.0/24 maxlen: 24
45.155.20.0/22 maxlen: 22
195.5.176.0/24 maxlen: 24
45.137.36.0/22 maxlen: 22
87.239.16.0/21 maxlen: 24
45.147.88.0/22 maxlen: 22
195.5.161.0/24 maxlen: 24
195.5.170.0/24 maxlen: 24
195.5.168.0/24 maxlen: 24
2a0d:da00::/29 maxlen: 29
2a0d:da00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 288806626 (0x1136d6e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
Validity
Not Before: Jan 1 14:58:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=783b92182cb6781760ad9a9e40c0f7b2a287d3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:c7:39:dc:7c:aa:68:40:a6:18:77:01:74:
fb:c6:ea:17:0e:1e:13:85:9f:e0:74:43:1d:b6:0b:
2a:f9:f2:15:7c:97:38:70:d3:b7:0a:f2:fd:ff:2c:
ad:81:87:c2:10:45:63:74:80:54:e1:7c:dc:80:0e:
e8:a3:56:33:b7:c0:a0:9f:13:12:14:0b:2d:f7:91:
0b:57:9d:00:82:cb:71:ca:f6:88:0a:82:2c:ce:b4:
9c:0a:72:ea:73:ed:ec:9f:13:a2:21:a2:b4:07:db:
63:46:df:c4:22:f3:94:63:70:4c:55:86:53:1c:2b:
7b:03:23:e2:c7:5a:56:1b:ba:1e:03:f2:84:2b:e8:
f0:80:cd:36:46:48:0a:ef:d6:74:d4:ea:50:83:b5:
98:bd:32:4b:79:97:ee:c0:59:0b:15:41:fb:f4:b1:
77:f5:7d:54:02:c7:bd:95:b2:ce:99:cb:f6:cc:e4:
00:bc:23:ba:d7:1e:cd:a2:da:01:5b:e7:13:81:5f:
ab:be:52:b9:3e:e9:46:5e:29:4b:ac:fe:52:33:81:
d0:8a:44:b1:c3:10:55:07:15:d1:12:98:46:d9:5f:
ee:42:58:61:73:2b:51:83:47:a7:0f:7b:cd:95:ff:
f8:b7:04:41:33:c4:65:4f:aa:75:08:03:1e:39:63:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3B:92:18:2C:B6:78:17:60:AD:9A:9E:40:C0:F7:B2:A2:87:D3:AF
X509v3 Authority Key Identifier:
keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/eDuSGCy2eBdgrZqeQMD3sqKH068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.36.0/22
45.147.88.0/22
45.155.20.0/22
87.239.16.0/21
109.109.128.0/20
185.149.108.0/22
195.5.161.0/24
195.5.168.0/24
195.5.170.0/24
195.5.176.0/24
IPv6:
2a0d:da00::/29
Signature Algorithm: sha256WithRSAEncryption
23:f7:78:23:e8:f5:61:53:78:6c:7e:f4:59:1d:c1:0a:48:a0:
01:60:0d:bd:c9:18:3d:b8:d5:7a:fc:f8:dd:b2:4e:7a:ab:ee:
56:02:6c:9c:f9:3f:d6:85:46:6c:3c:00:bb:70:bb:71:c0:93:
f6:19:de:91:41:94:e3:8c:23:95:10:42:be:bf:ce:39:1a:2a:
45:41:f7:5f:be:60:be:40:14:76:0c:1a:f4:2e:5f:51:65:03:
5c:04:d1:07:05:dc:84:c1:fc:1e:1d:b8:d6:e3:03:01:88:bd:
0c:f7:ea:9b:f9:11:1b:9e:cd:a9:e9:68:ac:ae:ba:96:f1:ac:
c9:28:72:e1:24:da:b1:84:85:96:c7:ed:d0:d1:50:7a:56:42:
09:64:da:be:da:e6:b8:cd:c8:ee:0d:58:c0:bf:21:bf:61:b5:
f2:e7:04:15:17:b6:36:ea:47:38:99:d2:85:56:09:28:0d:17:
0d:a3:68:69:2e:43:c4:3e:2c:e0:24:be:67:dd:c9:73:fb:56:
c0:da:72:86:9c:89:90:bb:49:2d:1b:0f:b9:88:a9:a2:b7:22:
10:7e:67:0e:ad:32:05:20:83:d6:9c:91:49:37:52:cc:1c:cc:
37:0c:99:11:67:d8:05:0a:5f:37:81:43:72:84:3b:4c:28:f4:
ab:90:57:e3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEETbW4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmU5MmMzNDFlNzY5NDQzZmRlMWQyNzU2NjA0NGI0YjY1MTU5MDYwMB4XDTIyMDEw
MTE0NTgzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzgzYjkyMTgyY2I2
NzgxNzYwYWQ5YTllNDBjMGY3YjJhMjg3ZDNhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpFxzncfKpoQKYYdwF0+8bqFw4eE4Wf4HRDHbYLKvnyFXyX
OHDTtwry/f8srYGHwhBFY3SAVOF83IAO6KNWM7fAoJ8TEhQLLfeRC1edAILLccr2
iAqCLM60nApy6nPt7J8ToiGitAfbY0bfxCLzlGNwTFWGUxwrewMj4sdaVhu6HgPy
hCvo8IDNNkZICu/WdNTqUIO1mL0yS3mX7sBZCxVB+/Sxd/V9VALHvZWyzpnL9szk
ALwjutcezaLaAVvnE4Ffq75SuT7pRl4pS6z+UjOB0IpEscMQVQcV0RKYRtlf7kJY
YXMrUYNHpw97zZX/+LcEQTPEZU+qdQgDHjljpecCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBR4O5IYLLZ4F2Ctmp5AwPeyoofTrzAfBgNVHSMEGDAWgBRm6Sw0HnaUQ/3h
0nVmBEtLZRWQYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p1a3NOQjUybEVQOTRkSjFaZ1JMUzJVVmtHQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvOGYxOTY4LWE3OWEtNGEwNy1hY2U2LWMxZDI5NmY4ZmQwNy8x
L2VEdVNHQ3kyZUJkZ3JacWVRTUQzc3FLSDA2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
OGYxOTY4LWE3OWEtNGEwNy1hY2U2LWMxZDI5NmY4ZmQwNy8xL1p1a3NOQjUybEVQ
OTRkSjFaZ1JMUzJVVmtHQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAi2JJAMEAi2TWAMEAi2bFAMEA1fv
EAMEBG1tgAMEArmVbAMEAMMFoQMEAMMFqAMEAMMFqgMEAMMFsDANBAIAAjAHAwUD
Kg3aADANBgkqhkiG9w0BAQsFAAOCAQEAI/d4I+j1YVN4bH70WR3BCkigAWANvckY
PbjVevz43bJOeqvuVgJsnPk/1oVGbDwAu3C7ccCT9hnekUGU44wjlRBCvr/OORoq
RUH3X75gvkAUdgwa9C5fUWUDXATRBwXchMH8Hh241uMDAYi9DPfqm/kRG57Nqelo
rK66lvGsyShy4STasYSFlsft0NFQelZCCWTavtrmuM3I7g1YwL8hv2G18ucEFRe2
NupHOJnShVYJKA0XDaNoaS5DxD4s4CS+Z93Jc/tWwNpyhpyJkLtJLRsPuYiporci
EH5nDq0yBSCD1pyRSTdSzBzMNwyZEWfYBQpfN4FDcoQ7TCj0q5BX4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:22 2024 by rpki-client on console-fra.rpki-client.org