Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2pmtNcLjsiERoBUxYMEp1XAdYhM.roa
File: 2pmtNcLjsiERoBUxYMEp1XAdYhM.roa (raw, json)
Hash identifier: th2Qtk+bYA3gcq6Get46AhnpixGybAe0UolCp0eGzDI=
Subject key identifier: DA:99:AD:35:C2:E3:B2:21:11:A0:15:31:60:C1:29:D5:70:1D:62:13
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08CED006
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2pmtNcLjsiERoBUxYMEp1XAdYhM.roa
Signing time: Tue 15 Mar 2022 13:54:44 +0000
ROA not before: Tue 15 Mar 2022 13:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208258
IP address blocks: 195.26.7.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
195.60.176.0/24 maxlen: 24
195.60.177.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
2a0b:3c40:20::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147771398 (0x8ced006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 15 13:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da99ad35c2e3b22111a0153160c129d5701d6213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:0d:87:1b:53:89:d7:98:69:74:ab:6a:8e:
24:c2:1a:8a:f0:3c:04:e7:ed:c8:43:35:dc:5b:d1:
cd:a8:77:a4:b6:6d:08:30:61:a4:8f:14:5c:58:e9:
03:13:5d:d7:8a:f9:71:ea:a9:25:68:f7:c9:7f:48:
66:77:44:52:19:66:83:80:a9:6e:7b:d9:f6:eb:a5:
b5:64:11:15:c0:15:f8:3c:77:61:8a:e9:ef:34:e7:
96:33:a7:f8:2e:bf:12:5d:1d:42:20:fb:89:2b:2d:
b2:a4:8b:23:6e:a6:c7:5d:f5:bf:ad:29:cf:cb:93:
e8:ba:f2:61:ea:24:ec:32:28:aa:c8:37:4b:e7:da:
c1:91:6e:63:f1:94:e0:8e:c5:b8:ab:37:57:0d:98:
f9:35:26:26:66:d0:fb:28:46:f7:7c:2e:ef:e5:fe:
b7:89:75:8a:0e:eb:b6:5d:ea:74:dd:6d:1c:7e:ba:
8a:bf:41:20:75:79:32:c8:f2:fc:1c:cb:05:43:16:
07:1d:e5:c3:7b:4f:d3:09:73:96:01:dd:cf:6b:3c:
d6:6b:75:99:b7:9a:0c:05:44:9a:77:7e:a3:11:cf:
3f:82:90:b1:2c:d3:7a:db:a0:84:e4:8e:c2:bc:0d:
00:63:74:77:29:03:b8:9f:32:a3:4c:02:fd:4f:86:
66:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:99:AD:35:C2:E3:B2:21:11:A0:15:31:60:C1:29:D5:70:1D:62:13
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/2pmtNcLjsiERoBUxYMEp1XAdYhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0/23
45.151.156.0-45.151.158.255
194.146.48.0/24
195.26.7.0/24
195.60.176.0/23
IPv6:
2a0b:3c40:20::/48
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
1a:9e:57:97:c2:e0:bf:38:a9:db:00:23:9b:23:2f:43:9e:45:
6b:af:be:fa:77:18:e1:4f:e7:c7:6a:6c:b5:52:5d:fb:07:e5:
d4:b7:ab:d8:1a:79:42:ba:a4:6c:e2:bf:fe:83:4f:c2:66:8f:
c3:3b:c0:67:85:1e:b7:f7:32:5e:34:b4:a4:33:7b:65:a7:8a:
1e:7e:af:74:6e:d8:a8:c8:f1:20:33:f0:f3:34:6d:2a:f1:f1:
07:38:37:7a:e9:98:00:43:29:fd:0b:46:ef:25:5b:b9:a1:ed:
1a:1b:44:b1:43:ae:b6:06:b2:d7:0b:fe:65:74:94:20:c7:b5:
e7:a2:ab:5b:14:1d:15:af:c7:20:43:68:a0:79:c5:f3:07:85:
dd:f1:f3:17:c2:75:68:1d:71:52:36:cb:c2:78:fc:82:c1:72:
b9:0b:23:7e:4a:47:e4:da:6a:e2:45:25:d8:67:9e:09:5a:10:
12:17:33:38:1d:ca:90:7c:3b:b1:13:1b:97:c7:b9:45:40:ae:
d0:d5:8d:52:74:0e:ca:a4:c3:cd:57:8a:0b:f9:c5:09:77:98:
e1:a2:75:fe:06:81:f0:97:0a:1c:8b:c3:e3:44:27:cb:71:60:
8e:69:0b:42:68:82:2e:4a:ae:a6:9e:2c:8a:41:8a:b0:25:ce:
de:e8:41:ef
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECM7QBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDMx
NTEzNTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE5OWFkMzVjMmUz
YjIyMTExYTAxNTMxNjBjMTI5ZDU3MDFkNjIxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQsDYcbU4nXmGl0q2qOJMIaivA8BOftyEM13FvRzah3pLZt
CDBhpI8UXFjpAxNd14r5ceqpJWj3yX9IZndEUhlmg4CpbnvZ9uultWQRFcAV+Dx3
YYrp7zTnljOn+C6/El0dQiD7iSstsqSLI26mx131v60pz8uT6LryYeok7DIoqsg3
S+fawZFuY/GU4I7FuKs3Vw2Y+TUmJmbQ+yhG93wu7+X+t4l1ig7rtl3qdN1tHH66
ir9BIHV5Msjy/BzLBUMWBx3lw3tP0wlzlgHdz2s81mt1mbeaDAVEmnd+oxHPP4KQ
sSzTetughOSOwrwNAGN0dykDuJ8yo0wC/U+GZssCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBTama01wuOyIRGgFTFgwSnVcB1iEzAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
LzJwbXROY0xqc2lFUm9CVXhZTUVwMVhBZFloTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwLAQCAAEwJgMEAS2Q9DAMAwQCLZecAwQALZeeAwQA
wpIwAwQAwxoHAwQBwzywMBgEAgACMBIDBwAqCzxAACADBwAqDlVAAQAwDQYJKoZI
hvcNAQELBQADggEBABqeV5fC4L84qdsAI5sjL0OeRWuvvvp3GOFP58dqbLVSXfsH
5dS3q9gaeUK6pGziv/6DT8Jmj8M7wGeFHrf3Ml40tKQze2Wnih5+r3Ru2KjI8SAz
8PM0bSrx8Qc4N3rpmABDKf0LRu8lW7mh7RobRLFDrrYGstcL/mV0lCDHteeiq1sU
HRWvxyBDaKB5xfMHhd3x8xfCdWgdcVI2y8J4/ILBcrkLI35KR+TaauJFJdhnngla
EBIXMzgdypB8O7ETG5fHuUVArtDVjVJ0Dsqkw81Xigv5xQl3mOGidf4GgfCXChyL
w+NEJ8txYI5pC0Jogi5KrqaeLIpBirAlzt7oQe8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org