Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/8mOKmPkMwlZCqYcwAuObyt9H52w.roa
File: 8mOKmPkMwlZCqYcwAuObyt9H52w.roa (raw, json)
Hash identifier: N+YlQ4hbGhsEiuUkxbIOL1yt0nglkx+M1cccOOYoHwM=
Subject key identifier: F2:63:8A:98:F9:0C:C2:56:42:A9:87:30:02:E3:9B:CA:DF:47:E7:6C
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 4457BB
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/8mOKmPkMwlZCqYcwAuObyt9H52w.roa
Signing time: Sat 01 Jan 2022 00:55:41 +0000
ROA not before: Sat 01 Jan 2022 00:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 45.89.140.0/24 maxlen: 24
45.89.143.0/24 maxlen: 24
45.89.142.0/24 maxlen: 24
45.89.141.0/24 maxlen: 24
45.85.218.0/24 maxlen: 24
45.85.217.0/24 maxlen: 24
45.85.219.0/24 maxlen: 24
45.85.216.0/24 maxlen: 24
2a0e:cb80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4478907 (0x4457bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Jan 1 00:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2638a98f90cc25642a9873002e39bcadf47e76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9c:be:ad:0a:84:0a:70:3f:f2:8a:e8:54:14:
1f:e3:c5:21:78:24:22:4e:c6:f0:f2:57:cc:fd:aa:
b0:50:21:67:58:1b:1d:a6:e0:6a:18:80:3a:5a:1f:
1b:46:a4:a0:85:cd:f5:58:65:cf:5a:f0:17:90:d6:
1b:96:2d:96:d4:a3:8d:32:05:85:6b:d1:8d:58:f2:
6e:b7:2d:61:44:74:c7:ef:26:9b:51:b7:df:f9:3c:
6f:fe:21:79:70:6e:e3:2c:ea:11:8b:9b:37:db:24:
d3:2e:b7:36:9b:71:d5:62:a2:12:2b:f5:b8:eb:93:
9c:f6:36:25:80:72:de:c4:a5:aa:9d:9c:16:e2:6c:
96:0b:13:d3:12:c6:b5:e9:00:4b:66:e4:3f:05:38:
43:4f:2e:47:63:ba:19:51:1e:7d:ec:67:a0:07:12:
08:5a:c9:63:eb:84:77:b8:d5:97:f2:87:d5:df:15:
55:3e:93:f3:71:c9:a5:ca:e1:87:69:06:dc:14:e3:
1f:02:79:3a:2a:67:b0:19:7e:02:45:5c:1b:35:58:
be:f3:24:53:9b:82:d9:e9:84:85:97:95:5e:fd:da:
08:bd:bb:64:2b:ae:6a:46:3e:43:4c:1a:19:22:61:
9f:6e:78:c1:cc:5f:50:de:81:f2:5d:af:dc:18:fd:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:63:8A:98:F9:0C:C2:56:42:A9:87:30:02:E3:9B:CA:DF:47:E7:6C
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/8mOKmPkMwlZCqYcwAuObyt9H52w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.216.0/22
45.89.140.0/22
IPv6:
2a0e:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:f4:cc:65:c8:df:a8:bd:ea:a2:f3:c0:b5:1f:81:c4:00:5f:
51:73:5c:ba:cb:b2:4c:54:04:79:b2:90:b3:a6:a9:e6:b6:0c:
e6:0d:a2:fb:88:42:18:0c:b7:ba:29:65:92:2a:4b:cd:47:e5:
a7:23:37:99:21:21:cf:d9:3c:4e:ed:86:ac:70:b2:51:ff:e8:
55:5f:d5:23:e0:11:ec:4c:92:9b:f7:c7:0f:7a:58:0d:fb:dc:
1d:be:2d:fe:83:14:9f:2b:6e:aa:e6:17:c9:52:be:19:a6:86:
60:ad:c7:8d:90:bb:3f:37:65:c8:62:9a:c0:61:3b:10:40:93:
c2:89:19:74:a3:4e:9e:8e:21:89:74:86:94:9e:de:f5:d4:9c:
83:a2:47:5a:e4:6a:54:25:ac:3d:b5:47:40:27:65:75:f9:2c:
ec:cb:3e:0f:26:9d:7a:e1:ed:13:7b:ec:97:48:69:a6:49:86:
6a:e8:83:66:e7:f9:da:cd:87:9a:0b:5c:8c:94:ff:99:0a:08:
3e:ee:dc:73:af:a9:64:f5:f7:60:6d:13:22:9d:68:a7:b9:0c:
dd:af:da:94:aa:b2:c7:19:33:4a:b5:a7:42:8d:63:81:96:46:
ce:58:36:c7:dc:a3:ba:12:60:7a:ca:3a:e8:80:31:7b:16:fc:
23:d8:6e:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDRFe7MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY2
YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1ZjU1NGIwHhcNMjIwMTAx
MDA1NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMjYzOGE5OGY5MGNj
MjU2NDJhOTg3MzAwMmUzOWJjYWRmNDdlNzZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqZy+rQqECnA/8oroVBQf48UheCQiTsbw8lfM/aqwUCFnWBsd
puBqGIA6Wh8bRqSghc31WGXPWvAXkNYbli2W1KONMgWFa9GNWPJuty1hRHTH7yab
Ubff+Txv/iF5cG7jLOoRi5s32yTTLrc2m3HVYqISK/W465Oc9jYlgHLexKWqnZwW
4myWCxPTEsa16QBLZuQ/BThDTy5HY7oZUR597GegBxIIWslj64R3uNWX8ofV3xVV
PpPzccmlyuGHaQbcFOMfAnk6KmewGX4CRVwbNVi+8yRTm4LZ6YSFl5Ve/doIvbtk
K65qRj5DTBoZImGfbnjBzF9Q3oHyXa/cGP07wwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFPJjipj5DMJWQqmHMALjm8rfR+dsMB8GA1UdIwQYMBaAFPavQzl03zc7cKvX
axPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZiLzEv
OG1PS21Qa013bFpDcVljd0F1T2J5dDlINTJ3LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9m
OWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZiLzEvOXE5RE9YVGZOenR3
cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVXYAwQCLVmMMA0EAgACMAcDBQMq
DsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBv9MxlyN+oveqi88C1H4HEAF9Rc1y6y7JM
VAR5spCzpqnmtgzmDaL7iEIYDLe6KWWSKkvNR+WnIzeZISHP2TxO7YascLJR/+hV
X9Uj4BHsTJKb98cPelgN+9wdvi3+gxSfK26q5hfJUr4ZpoZgrceNkLs/N2XIYprA
YTsQQJPCiRl0o06ejiGJdIaUnt711JyDokda5GpUJaw9tUdAJ2V1+Szsyz4PJp16
4e0Te+yXSGmmSYZq6INm5/nazYeaC1yMlP+ZCgg+7txzr6lk9fdgbRMinWinuQzd
r9qUqrLHGTNKtadCjWOBlkbOWDbH3KO6EmB6yjrogDF7Fvwj2G7Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org