Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/kEFTuqhr9lE3AHOr1FtuwlIi8rM.roa
File: kEFTuqhr9lE3AHOr1FtuwlIi8rM.roa (raw, json)
Hash identifier: HvdP1dDARTca0RQe3DnvvQmEoa7f9T3QYZp5k83OaGE=
Subject key identifier: 90:41:53:BA:A8:6B:F6:51:37:00:73:AB:D4:5B:6E:C2:52:22:F2:B3
Certificate issuer: /CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Certificate serial: 09D7681B
Authority key identifier: 9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/kEFTuqhr9lE3AHOr1FtuwlIi8rM.roa
Signing time: Mon 21 Feb 2022 11:06:16 +0000
ROA not before: Mon 21 Feb 2022 11:06:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39761
IP address blocks: 45.14.156.0/22 maxlen: 22
45.87.12.0/22 maxlen: 22
84.246.160.0/21 maxlen: 24
81.90.240.0/20 maxlen: 24
45.83.212.0/22 maxlen: 22
45.11.132.0/22 maxlen: 22
2a0e:6d00::/29 maxlen: 29
2a00:1268::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165111835 (0x9d7681b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Validity
Not Before: Feb 21 11:06:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=904153baa86bf651370073abd45b6ec25222f2b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:93:61:7a:72:6b:29:31:86:81:93:15:d7:b4:
e3:c8:f0:54:1e:8d:a8:f8:fb:3a:8a:67:b2:5c:88:
64:ec:ff:06:1f:e1:43:09:e9:bc:76:4b:16:7d:19:
f6:50:a8:1b:3f:a9:66:1c:8e:5c:84:e8:42:78:f7:
54:ba:7f:36:d1:06:26:11:1d:d4:d4:64:56:35:81:
6e:ce:a1:6b:51:ca:85:9a:06:88:e4:f0:1b:aa:98:
be:92:7e:e1:8a:c3:f4:88:12:22:6c:b4:9e:39:d1:
fd:d6:28:83:48:ca:be:f8:d1:d5:fb:32:ef:6d:36:
c9:e5:61:c0:e7:30:0c:d2:a6:36:e5:03:21:32:6d:
ff:45:78:05:e9:b8:bf:a9:4e:a0:f9:69:4a:c5:1d:
a3:c5:f1:0d:0c:6e:5b:6c:d0:36:db:0b:a4:3a:f4:
4b:fc:ea:31:94:99:2d:ab:79:eb:c2:07:85:54:35:
7b:0b:b8:d4:71:14:a5:77:1f:a2:07:de:55:f2:ef:
b1:fb:5b:bf:ea:11:58:43:f3:71:76:a8:89:93:b9:
78:08:cc:fc:95:c5:fc:10:1a:b6:90:45:c2:b0:a6:
68:50:f2:ab:30:a4:df:69:ac:38:d5:a5:4b:54:13:
48:bb:e3:29:96:8d:24:62:ef:ed:0d:25:7f:71:c1:
e3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:41:53:BA:A8:6B:F6:51:37:00:73:AB:D4:5B:6E:C2:52:22:F2:B3
X509v3 Authority Key Identifier:
keyid:9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/kEFTuqhr9lE3AHOr1FtuwlIi8rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.132.0/22
45.14.156.0/22
45.83.212.0/22
45.87.12.0/22
81.90.240.0/20
84.246.160.0/21
IPv6:
2a00:1268::/32
2a0e:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
6b:64:6c:3f:19:0c:9f:18:eb:92:3e:83:fb:9f:2e:ee:d3:da:
fc:2e:52:27:bb:4d:47:f3:42:c7:1e:01:aa:67:03:5e:9c:38:
43:b1:28:fe:96:14:53:c1:60:42:59:5f:dc:9c:ab:e3:7d:cf:
a3:3b:b0:dd:da:74:38:64:54:56:0c:60:a6:19:08:c3:87:b8:
83:79:0d:15:2c:a6:99:41:59:c4:38:98:62:a6:bf:a1:4a:d0:
54:88:d5:f7:a2:56:a4:f2:ae:25:dc:a2:e4:db:7b:6e:30:a1:
38:66:c5:41:5c:14:72:39:02:15:70:89:fa:55:25:fe:b1:2f:
a0:71:a6:52:4e:26:fb:d3:ac:8a:c8:ed:42:2d:ed:5a:a8:b0:
5d:87:e5:0a:1d:30:7e:06:56:85:50:0e:75:62:55:82:d7:bc:
fa:4d:17:45:36:63:b0:b0:67:5f:f6:9d:d4:fe:82:a9:8d:11:
ef:75:a7:ef:6e:14:d8:6d:16:39:6d:42:ef:11:2b:f6:a9:e3:
ef:ad:8c:0f:d2:83:57:e2:9d:bc:6a:24:30:03:24:b2:a9:db:
c9:a2:ff:97:0a:d7:c7:5a:2f:e8:42:ca:06:2d:2f:10:47:2f:
31:1f:3a:78:a2:02:d0:f6:e7:bc:e8:c5:6c:14:7b:51:a0:c4:
98:e6:d0:73
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECddoGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Yjk4NmZjNjQ2ZmRhMGNmMTQ1ZTEwZDkzZmUxYjEwZWIwZGVlNjI1MB4XDTIyMDIy
MTExMDYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA0MTUzYmFhODZi
ZjY1MTM3MDA3M2FiZDQ1YjZlYzI1MjIyZjJiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuTYXpyaykxhoGTFde048jwVB6NqPj7OopnslyIZOz/Bh/h
QwnpvHZLFn0Z9lCoGz+pZhyOXIToQnj3VLp/NtEGJhEd1NRkVjWBbs6ha1HKhZoG
iOTwG6qYvpJ+4YrD9IgSImy0njnR/dYog0jKvvjR1fsy7202yeVhwOcwDNKmNuUD
ITJt/0V4Bem4v6lOoPlpSsUdo8XxDQxuW2zQNtsLpDr0S/zqMZSZLat568IHhVQ1
ewu41HEUpXcfogfeVfLvsftbv+oRWEPzcXaoiZO5eAjM/JXF/BAatpBFwrCmaFDy
qzCk32msONWlS1QTSLvjKZaNJGLv7Q0lf3HB4wMCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBSQQVO6qGv2UTcAc6vUW27CUiLyszAfBgNVHSMEGDAWgBSbmG/GRv2gzxRe
ENk/4bEOsN7mJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L201aHZ4a2I5b004VVhoRFpQLUd4RHJEZTVpVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMzRiYjc3LWM4NDctNDExMS05NmYzLWJkZDVjYzQ0MDM5Ni8x
L2tFRlR1cWhyOWxFM0FIT3IxRnR1d2xJaThyTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
MzRiYjc3LWM4NDctNDExMS05NmYzLWJkZDVjYzQ0MDM5Ni8xL201aHZ4a2I5b004
VVhoRFpQLUd4RHJEZTVpVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwKgQCAAEwJAMEAi0LhAMEAi0OnAMEAi1T1AMEAi1X
DAMEBFFa8AMEA1T2oDAUBAIAAjAOAwUAKgASaAMFAyoObQAwDQYJKoZIhvcNAQEL
BQADggEBAGtkbD8ZDJ8Y65I+g/ufLu7T2vwuUie7TUfzQsceAapnA16cOEOxKP6W
FFPBYEJZX9ycq+N9z6M7sN3adDhkVFYMYKYZCMOHuIN5DRUspplBWcQ4mGKmv6FK
0FSI1feiVqTyriXcouTbe24woThmxUFcFHI5AhVwifpVJf6xL6BxplJOJvvTrIrI
7UIt7VqosF2H5QodMH4GVoVQDnViVYLXvPpNF0U2Y7CwZ1/2ndT+gqmNEe91p+9u
FNhtFjltQu8RK/ap4++tjA/Sg1finbxqJDADJLKp28mi/5cK18daL+hCygYtLxBH
LzEfOniiAtD257zoxWwUe1GgxJjm0HM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:20 2024 by rpki-client on console-fra.rpki-client.org