Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/_CEKat-awwS7kqJVW4Tr-a3O7HI.roa
File: _CEKat-awwS7kqJVW4Tr-a3O7HI.roa (raw, json)
Hash identifier: HV65u2x5NYbZFSAo52PRbaWJW7ELLhjCHlGro4IYtUA=
Subject key identifier: FC:21:0A:6A:DF:9A:C3:04:BB:92:A2:55:5B:84:EB:F9:AD:CE:EC:72
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018716341E63CEF0D64681D75F592040D7A5
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/_CEKat-awwS7kqJVW4Tr-a3O7HI.roa
Signing time: Sat 25 Mar 2023 00:38:46 +0000
ROA not before: Sat 25 Mar 2023 00:38:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34927
IP address blocks: 45.134.88.0/24 maxlen: 24
45.134.91.0/24 maxlen: 24
45.134.89.0/24 maxlen: 24
193.148.251.0/24 maxlen: 24
193.148.250.0/24 maxlen: 24
193.148.249.0/24 maxlen: 24
193.148.248.0/24 maxlen: 24
2a0c:9a40:1024::/48 maxlen: 48
2a0c:9a40:1002::/48 maxlen: 48
2a0c:9a44::/48 maxlen: 48
2a0c:9a40:1000::/44 maxlen: 48
2a0c:9a40:1080::/44 maxlen: 48
2a0c:9a40:1058::/48 maxlen: 48
2a0c:9a40:1001::/48 maxlen: 48
2a0c:9a40:1::/48 maxlen: 48
2a0c:9a40:1055::/48 maxlen: 48
2a0c:9a40:1070::/48 maxlen: 48
2a0c:9a40:1050::/48 maxlen: 48
2a0c:9a40:1054::/48 maxlen: 48
2a0c:9a40:1057::/48 maxlen: 48
2a0c:9a40:1072::/48 maxlen: 48
2a0c:9a40:1070::/44 maxlen: 48
2a0c:9a40:1090::/44 maxlen: 48
2a0c:9a40:1030::/44 maxlen: 48
2a0c:9a40:1051::/48 maxlen: 48
2a0c:9a40:2400::/40 maxlen: 40
2a0c:9a40:2d00::/40 maxlen: 48
2a0c:9a40:2c00::/40 maxlen: 48
2a0c:9a40:2600::/40 maxlen: 48
2a0c:9a40:2800::/40 maxlen: 40
2a0c:9a40:2a00::/40 maxlen: 40
2a0c:9a40:2100::/40 maxlen: 40
2a0c:9a40:2700::/40 maxlen: 40
2a0c:9a40:2200::/40 maxlen: 40
2a0c:9a40:2500::/40 maxlen: 40
2a0c:9a40:1080::/48 maxlen: 48
2a0c:9a40:1060::/48 maxlen: 48
2a0c:9a40:2900::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:16:34:1e:63:ce:f0:d6:46:81:d7:5f:59:20:40:d7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Mar 25 00:38:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc210a6adf9ac304bb92a2555b84ebf9adceec72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:74:14:29:b2:6f:a5:f3:22:93:33:c0:c4:84:
33:aa:bc:aa:95:dd:d8:40:9d:b0:83:e3:9b:2b:a9:
ea:9f:52:9a:dc:95:59:ef:8e:08:ef:f3:1a:08:4a:
1e:b9:c5:4e:5e:c5:52:3f:9a:e6:1b:88:eb:b9:ba:
58:34:df:e0:f8:3d:90:c8:8e:43:85:e8:14:5b:bc:
a8:11:0f:d6:51:72:99:88:53:e1:b6:b3:0b:04:98:
29:9e:aa:87:54:d0:88:2b:c9:cd:58:eb:c3:dd:dc:
b9:89:e3:c9:4f:69:03:0e:8e:66:c0:94:64:6f:d5:
6c:e9:04:24:a9:6e:03:3a:f9:87:ac:58:0c:26:23:
7e:13:0f:fc:e8:12:b8:fb:49:3a:19:bf:ec:df:48:
1e:4d:bc:0f:93:a5:59:62:e6:99:c3:23:8f:23:14:
82:a2:f6:3b:04:6e:a7:aa:5a:da:4a:a3:5a:f7:5f:
8b:42:7f:b4:ff:88:93:e0:88:7b:1a:4e:33:17:3f:
09:b0:5e:68:23:ba:22:6d:05:ca:af:42:75:f9:14:
e4:01:54:cf:76:49:05:5f:03:da:ff:90:e5:56:79:
b0:59:d0:ee:c9:12:b7:e6:96:a8:16:d6:e2:cb:b8:
74:f1:26:72:dd:39:79:26:ff:40:22:9d:f7:ea:e5:
2f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:21:0A:6A:DF:9A:C3:04:BB:92:A2:55:5B:84:EB:F9:AD:CE:EC:72
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/_CEKat-awwS7kqJVW4Tr-a3O7HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.88.0/23
45.134.91.0/24
193.148.248.0/22
IPv6:
2a0c:9a40:1::/48
2a0c:9a40:1000::/44
2a0c:9a40:1024::/48
2a0c:9a40:1030::/44
2a0c:9a40:1050::/47
2a0c:9a40:1054::/47
2a0c:9a40:1057::-2a0c:9a40:1058:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:1060::/48
2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2100::-2a0c:9a40:22ff:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2400::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2a00::/40
2a0c:9a40:2c00::/39
2a0c:9a44::/48
Signature Algorithm: sha256WithRSAEncryption
6e:8c:13:6c:df:81:40:ae:e8:7d:f2:de:f7:7b:94:5b:b6:d4:
54:dc:8c:48:cf:02:74:6d:d8:fb:03:e2:63:8c:ba:99:25:42:
f2:d8:bd:7e:91:c3:2e:3c:93:c2:7b:8d:99:98:10:3d:2f:e9:
0f:67:53:5c:28:1f:0a:0a:81:ad:b2:34:17:1f:7a:71:e9:56:
1a:7e:06:2d:1b:39:70:10:41:6d:59:60:dd:b3:d4:1f:21:dc:
e1:5a:0f:d9:7e:92:7c:c0:34:89:88:04:69:81:20:26:40:10:
61:35:73:87:8a:9e:db:eb:2e:81:81:a3:87:f0:2f:27:22:75:
2b:9f:16:88:d5:b2:d5:bf:55:c2:d7:9c:e4:c5:86:fa:47:01:
eb:12:09:b9:a5:cc:c8:81:7e:da:7b:d2:70:4c:41:77:f0:02:
e8:35:c9:0c:5a:1c:a7:53:72:fc:4e:7a:a2:66:0d:09:60:3c:
d5:ba:34:b3:2b:3b:47:73:fa:e1:b4:c6:8d:df:2b:87:95:4c:
f6:10:06:99:cd:5a:fc:43:55:e9:62:13:a4:4b:9a:2d:2c:94:
93:4e:d3:64:95:80:74:5a:17:14:ec:c4:d7:09:3f:8d:fb:b5:
c8:e8:a8:ff:29:2b:f3:9b:00:6a:bb:53:9a:b0:af:14:8b:5c:
24:8f:c9:ea
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYcWNB5jzvDWRoHXX1kgQNelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjMwMzI1MDAzODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzIxMGE2YWRmOWFjMzA0YmI5MmEyNTU1Yjg0ZWJmOWFkY2VlYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3QUKbJvpfMikzPAxIQzqryqld3Y
QJ2wg+ObK6nqn1Ka3JVZ744I7/MaCEoeucVOXsVSP5rmG4jrubpYNN/g+D2QyI5D
hegUW7yoEQ/WUXKZiFPhtrMLBJgpnqqHVNCIK8nNWOvD3dy5iePJT2kDDo5mwJRk
b9Vs6QQkqW4DOvmHrFgMJiN+Ew/86BK4+0k6Gb/s30geTbwPk6VZYuaZwyOPIxSC
ovY7BG6nqlraSqNa91+LQn+0/4iT4Ih7Gk4zFz8JsF5oI7oibQXKr0J1+RTkAVTP
dkkFXwPa/5DlVnmwWdDuyRK35paoFtbiy7h08SZy3Tl5Jv9AIp336uUvdwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFPwhCmrfmsMEu5KiVVuE6/mtzuxyMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvX0NFS2F0LWF3d1M3a3FKVlc0VHItYTNPN0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTAYBAIAATASAwQBLYZY
AwQALYZbAwQCwZT4MIGsBAIAAjCBpQMHACoMmkAAAQMHBCoMmkAQAAMHACoMmkAQ
JAMHBCoMmkAQMAMHASoMmkAQUAMHASoMmkAQVDASAwcAKgyaQBBXAwcAKgyaQBBY
AwcAKgyaQBBgMBIDBwQqDJpAEHADBwUqDJpAEIAwEAMGACoMmkAhAwYAKgyaQCIw
EQMGAioMmkAkAwcAKgyaQCkAAwYAKgyaQCoDBgEqDJpALAMHACoMmkQAADANBgkq
hkiG9w0BAQsFAAOCAQEAbowTbN+BQK7offLe93uUW7bUVNyMSM8CdG3Y+wPiY4y6
mSVC8ti9fpHDLjyTwnuNmZgQPS/pD2dTXCgfCgqBrbI0Fx96celWGn4GLRs5cBBB
bVlg3bPUHyHc4VoP2X6SfMA0iYgEaYEgJkAQYTVzh4qe2+sugYGjh/AvJyJ1K58W
iNWy1b9Vwtec5MWG+kcB6xIJuaXMyIF+2nvScExBd/AC6DXJDFocp1Ny/E56omYN
CWA81bo0sys7R3P64bTGjd8rh5VM9hAGmc1a/ENV6WITpEuaLSyUk07TZJWAdFoX
FOzE1wk/jfu1yOio/ykr85sAartTmrCvFItcJI/J6g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:52 2025 by rpki-client