Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/4cV_PnRZuQK8E9PnBH29TrDU-S8.roa
File: 4cV_PnRZuQK8E9PnBH29TrDU-S8.roa (raw, json)
Hash identifier: yXd8Bzi+cGgH8bCoEWEMgT22JRDcM024Be0c0gTRpYA=
Subject key identifier: E1:C5:7F:3E:74:59:B9:02:BC:13:D3:E7:04:7D:BD:4E:B0:D4:F9:2F
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 29293247
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/4cV_PnRZuQK8E9PnBH29TrDU-S8.roa
Signing time: Sat 01 Jan 2022 12:07:02 +0000
ROA not before: Sat 01 Jan 2022 12:07:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49788
IP address blocks: 91.223.100.0/24 maxlen: 24
151.252.8.0/21 maxlen: 24
91.90.104.0/21 maxlen: 21
193.202.115.0/24 maxlen: 24
91.225.60.0/22 maxlen: 22
91.189.120.0/21 maxlen: 21
91.221.130.0/23 maxlen: 23
45.153.104.0/22 maxlen: 22
91.209.212.0/24 maxlen: 24
185.7.192.0/22 maxlen: 22
91.193.0.0/22 maxlen: 24
176.111.206.0/23 maxlen: 23
185.55.104.0/22 maxlen: 22
185.80.180.0/22 maxlen: 24
91.218.184.0/22 maxlen: 22
2a04:d340::/29 maxlen: 29
2001:67c:206c::/48 maxlen: 48
2a02:d140::/29 maxlen: 29
2a0f:7900::/29 maxlen: 29
2a04:dc80::/29 maxlen: 29
2001:67c:230::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 690565703 (0x29293247)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Jan 1 12:07:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1c57f3e7459b902bc13d3e7047dbd4eb0d4f92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:98:5a:59:7e:f6:67:22:a1:a3:62:7d:a1:dd:
45:52:e0:ed:ec:c6:82:e8:7c:42:18:4a:bf:d1:dd:
fb:b3:f8:dc:d6:b4:ca:a3:44:ec:ad:a2:bd:f0:ea:
61:49:34:a9:fd:1a:b6:87:c5:ba:e8:d5:f5:ec:37:
bd:35:e9:2b:1c:7c:85:56:e8:e4:96:5b:f9:eb:6f:
90:fc:c0:24:f1:85:c3:9f:eb:58:99:f7:ad:a0:db:
ae:db:a8:4e:12:2a:27:1c:08:b8:49:ee:14:7e:d1:
d0:a0:d7:49:21:f8:4d:2d:1b:83:d5:81:68:21:b7:
ff:e5:1f:c6:2d:28:01:45:64:76:4a:1c:8a:2b:e0:
53:c4:de:ee:6e:29:84:4b:5b:cc:f6:29:b2:dd:70:
5f:56:10:16:65:75:b8:28:23:e4:ea:5e:50:b1:5f:
23:f0:09:f8:74:00:15:0e:6d:c5:65:11:0d:1d:36:
8d:cb:3e:3d:41:7f:61:77:7b:13:c4:78:5a:65:2a:
2b:28:a4:f2:2c:b7:04:f9:69:df:32:cc:39:36:88:
1b:b0:81:42:24:60:ec:3b:af:7b:1d:ca:12:76:63:
7d:73:61:1d:9c:46:b5:02:e6:a3:07:61:b8:32:c3:
db:36:02:ff:1c:20:4f:39:28:67:59:13:84:2c:48:
84:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C5:7F:3E:74:59:B9:02:BC:13:D3:E7:04:7D:BD:4E:B0:D4:F9:2F
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/4cV_PnRZuQK8E9PnBH29TrDU-S8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.104.0/22
91.90.104.0/21
91.189.120.0/21
91.193.0.0/22
91.209.212.0/24
91.218.184.0/22
91.221.130.0/23
91.223.100.0/24
91.225.60.0/22
151.252.8.0/21
176.111.206.0/23
185.7.192.0/22
185.55.104.0/22
185.80.180.0/22
193.202.115.0/24
IPv6:
2001:67c:230::/48
2001:67c:206c::/48
2a02:d140::/29
2a04:d340::/29
2a04:dc80::/29
2a0f:7900::/29
Signature Algorithm: sha256WithRSAEncryption
93:6c:c0:c9:e4:87:17:f4:6b:2c:23:c0:2c:57:f7:d6:4f:4e:
fc:69:06:4f:cc:6f:ea:0d:e1:69:77:6d:ae:f7:1b:e1:18:65:
67:1b:d8:71:81:4b:0f:e6:96:44:cf:03:42:04:c8:d4:ea:cd:
ea:88:89:fb:f1:1f:8b:dd:11:66:8d:5d:48:8b:99:4a:19:44:
aa:da:c9:f1:e7:ee:4a:65:67:61:a0:3a:82:69:36:80:04:78:
9b:82:9f:3b:8b:c0:9a:fa:d5:45:fb:17:ca:bd:9f:b4:8b:ac:
57:84:19:04:6e:74:9f:dd:be:71:52:3b:79:50:c2:c1:90:68:
36:c6:45:dc:39:5d:d7:e4:bb:ab:89:9d:5e:39:d9:68:9f:b1:
9a:12:51:3d:e6:ed:6f:99:d6:89:bd:1b:58:45:9e:b3:8f:8e:
d8:d0:9e:9c:6c:02:f9:6d:28:eb:37:e9:47:d0:d1:00:eb:68:
aa:f7:8d:8f:16:29:87:a8:59:8d:a8:c8:7d:fa:c1:6f:df:b1:
ff:61:3d:09:3e:3e:ea:ef:47:3a:97:9e:c1:d7:1e:90:52:03:
49:9f:2d:99:40:f2:04:e1:45:e1:9e:31:c1:77:d2:fa:1b:79:
b6:8b:e0:d3:4c:f2:f4:5e:9d:da:e7:3b:08:eb:08:76:8b:24:
78:71:bc:f2
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIEKSkyRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDBhZGU1NGMyN2U2ZmNkZGFjZTI2MmM0ZmRmNzkwZjMyMGZlZDljMB4XDTIyMDEw
MTEyMDcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFjNTdmM2U3NDU5
YjkwMmJjMTNkM2U3MDQ3ZGJkNGViMGQ0ZjkyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaYWll+9mcioaNifaHdRVLg7ezGguh8QhhKv9Hd+7P43Na0
yqNE7K2ivfDqYUk0qf0atofFuujV9ew3vTXpKxx8hVbo5JZb+etvkPzAJPGFw5/r
WJn3raDbrtuoThIqJxwIuEnuFH7R0KDXSSH4TS0bg9WBaCG3/+Ufxi0oAUVkdkoc
iivgU8Te7m4phEtbzPYpst1wX1YQFmV1uCgj5OpeULFfI/AJ+HQAFQ5txWURDR02
jcs+PUF/YXd7E8R4WmUqKyik8iy3BPlp3zLMOTaIG7CBQiRg7Duvex3KEnZjfXNh
HZxGtQLmowdhuDLD2zYC/xwgTzkoZ1kThCxIhF0CAwEAAaOCApYwggKSMB0GA1Ud
DgQWBBThxX8+dFm5ArwT0+cEfb1OsNT5LzAfBgNVHSMEGDAWgBRNCt5Uwn5vzdrO
JixP33kPMg/tnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RRcmVWTUotYjgzYXppWXNUOTk1RHpJUDdady5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvOGVmZDhiLWU1MTYtNGM0OS05MmNiLTg5Mjk2Y2NiMzVmNS8x
LzRjVl9QblJadVFLOEU5UG5CSDI5VHJEVS1TOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
OGVmZDhiLWU1MTYtNGM0OS05MmNiLTg5Mjk2Y2NiMzVmNS8xL1RRcmVWTUotYjgz
YXppWXNUOTk1RHpJUDdady5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qwYIKwYBBQUHAQcBAf8EgZswgZgwYAQCAAEwWgMEAi2ZaAMEA1taaAMEA1u9eAME
AlvBAAMEAFvR1AMEAlvauAMEAVvdggMEAFvfZAMEAlvhPAMEA5f8CAMEAbBvzgME
ArkHwAMEArk3aAMEArlQtAMEAMHKczA0BAIAAjAuAwcAIAEGfAIwAwcAIAEGfCBs
AwUDKgLRQAMFAyoE00ADBQMqBNyAAwUDKg95ADANBgkqhkiG9w0BAQsFAAOCAQEA
k2zAyeSHF/RrLCPALFf31k9O/GkGT8xv6g3haXdtrvcb4RhlZxvYcYFLD+aWRM8D
QgTI1OrN6oiJ+/Efi90RZo1dSIuZShlEqtrJ8efuSmVnYaA6gmk2gAR4m4KfO4vA
mvrVRfsXyr2ftIusV4QZBG50n92+cVI7eVDCwZBoNsZF3Dld1+S7q4mdXjnZaJ+x
mhJRPebtb5nWib0bWEWes4+O2NCenGwC+W0o6zfpR9DRAOtoqveNjxYph6hZjajI
ffrBb9+x/2E9CT4+6u9HOpeewdcekFIDSZ8tmUDyBOFF4Z4xwXfS+ht5tovg00zy
9F6d2uc7COsIdoskeHG88g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org