Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cDQRoLt3UnSbV58Vvl4T3yGZB4s.roa
File: cDQRoLt3UnSbV58Vvl4T3yGZB4s.roa (raw, json)
Hash identifier: LeR0DmsXRLsH/jrP7DfGJ8k4/ZcDCy7Y4C51Erhmywg=
Subject key identifier: 70:34:11:A0:BB:77:52:74:9B:57:9F:15:BE:5E:13:DF:21:99:07:8B
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08927AFC
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cDQRoLt3UnSbV58Vvl4T3yGZB4s.roa
Signing time: Mon 21 Feb 2022 09:14:35 +0000
ROA not before: Mon 21 Feb 2022 09:14:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208258
IP address blocks: 45.151.112.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
195.60.176.0/24 maxlen: 24
195.60.177.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143817468 (0x8927afc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Feb 21 09:14:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=703411a0bb7752749b579f15be5e13df2199078b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2d:33:b3:6b:01:a8:ad:9d:c8:d8:be:58:b6:
a2:b6:1d:38:bf:7b:19:01:64:65:a6:ad:94:4a:47:
32:45:35:1c:19:68:96:81:a8:27:8c:8a:5d:d8:65:
e5:a6:04:02:4e:ce:cb:f6:3f:5a:f8:64:98:a7:43:
8e:ba:2c:ec:9c:43:d2:28:88:c3:94:fc:fd:bd:9e:
93:bd:11:dc:8f:cb:61:2f:fc:6d:39:ed:48:f5:78:
69:51:21:26:f6:38:33:67:b5:c1:39:49:27:7a:ba:
5a:c9:6b:c1:7a:f0:23:d4:a4:4b:b5:2a:25:88:0f:
a6:7b:0f:96:1f:98:4b:cb:f8:68:bb:e2:b5:9b:c6:
6a:8a:fd:1d:4f:10:c0:af:53:5d:b7:fc:c6:8d:da:
ae:d4:8d:f7:c8:9d:71:9f:ad:1f:52:95:a4:28:a7:
30:09:85:8c:a0:50:af:e3:d3:0d:f4:de:a3:5e:9a:
ba:d4:83:6e:b4:71:1e:0a:29:6a:6a:bd:1c:48:31:
d5:d7:b5:ea:cf:1a:dd:3b:fa:3f:f2:bb:0d:ab:1f:
64:eb:b4:1e:20:41:e9:06:4f:68:02:88:d1:78:0e:
69:24:ec:d4:4c:0e:09:2d:2f:1b:99:e5:62:ec:bb:
79:56:fc:c6:6b:cf:38:79:9f:85:ca:11:97:7e:10:
14:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:34:11:A0:BB:77:52:74:9B:57:9F:15:BE:5E:13:DF:21:99:07:8B
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cDQRoLt3UnSbV58Vvl4T3yGZB4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0/23
45.151.112.0/24
45.151.156.0-45.151.158.255
194.146.48.0/24
195.60.176.0/23
IPv6:
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
6a:1d:bf:a1:2f:0b:9d:d3:21:fb:04:37:1b:26:61:41:e5:82:
af:de:ab:91:bd:c3:66:70:60:d1:25:17:31:20:b8:8a:26:d8:
fd:d1:05:30:a5:9b:09:26:0d:7c:1a:c0:48:7b:b5:58:68:4a:
06:1d:cb:0c:aa:d8:2e:e8:3b:5e:9e:cf:ab:5a:58:91:65:14:
cf:f3:db:5e:a6:82:c7:64:c5:f5:5e:ca:a7:6e:7f:1c:c8:5e:
b9:f7:d8:67:d1:98:1f:7f:21:2d:47:3a:86:51:54:f1:8e:44:
b9:f4:8c:7e:5d:2b:ca:ca:d6:7f:05:40:86:63:f8:4c:0c:81:
f4:c9:09:5f:f3:a5:0c:7d:e0:b6:3a:8f:56:3d:2b:1f:ba:be:
ff:da:15:cc:b6:00:05:6c:c3:f9:eb:b5:d1:49:c6:34:07:50:
f8:9a:a1:01:76:4a:2c:c9:6f:56:82:a6:75:c7:55:ab:db:0d:
31:31:87:18:42:f7:77:4f:43:6a:0a:66:69:de:65:74:fb:29:
ee:10:9a:20:aa:ce:31:31:10:2d:97:e0:90:17:9a:25:16:18:
f4:94:59:4b:08:ca:5e:01:39:05:55:0e:34:5e:20:7c:1e:ff:
fc:d4:71:89:29:21:aa:25:f9:34:ef:b8:79:b7:c4:91:84:52:
05:af:37:e3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIECJJ6/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDIy
MTA5MTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzAzNDExYTBiYjc3
NTI3NDliNTc5ZjE1YmU1ZTEzZGYyMTk5MDc4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALctM7NrAaitncjYvli2orYdOL97GQFkZaatlEpHMkU1HBlo
loGoJ4yKXdhl5aYEAk7Oy/Y/WvhkmKdDjros7JxD0iiIw5T8/b2ek70R3I/LYS/8
bTntSPV4aVEhJvY4M2e1wTlJJ3q6WslrwXrwI9SkS7UqJYgPpnsPlh+YS8v4aLvi
tZvGaor9HU8QwK9TXbf8xo3artSN98idcZ+tH1KVpCinMAmFjKBQr+PTDfTeo16a
utSDbrRxHgopamq9HEgx1de16s8a3Tv6P/K7DasfZOu0HiBB6QZPaAKI0XgOaSTs
1EwOCS0vG5nlYuy7eVb8xmvPOHmfhcoRl34QFOMCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBRwNBGgu3dSdJtXnxW+XhPfIZkHizAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L2NEUVJvTHQzVW5TYlY1OFZ2bDRUM3lHWkI0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLAQCAAEwJgMEAS2Q9AMEAC2XcDAMAwQCLZecAwQA
LZeeAwQAwpIwAwQBwzywMA8EAgACMAkDBwAqDlVAAQAwDQYJKoZIhvcNAQELBQAD
ggEBAGodv6EvC53TIfsENxsmYUHlgq/eq5G9w2ZwYNElFzEguIom2P3RBTClmwkm
DXwawEh7tVhoSgYdywyq2C7oO16ez6taWJFlFM/z216mgsdkxfVeyqdufxzIXrn3
2GfRmB9/IS1HOoZRVPGORLn0jH5dK8rK1n8FQIZj+EwMgfTJCV/zpQx94LY6j1Y9
Kx+6vv/aFcy2AAVsw/nrtdFJxjQHUPiaoQF2SizJb1aCpnXHVavbDTExhxhC93dP
Q2oKZmneZXT7Ke4QmiCqzjExEC2X4JAXmiUWGPSUWUsIyl4BOQVVDjReIHwe//zU
cYkpIaol+TTvuHm3xJGEUgWvN+M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org