Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/i21VeeAjObzWl_CujaLa-CKj-HU.roa
File: i21VeeAjObzWl_CujaLa-CKj-HU.roa (raw, json)
Hash identifier: LcuDShJKQ4RCq1A+zNd0zgqMAs6ThRFLxB9R4dCWKuw=
Subject key identifier: 8B:6D:55:79:E0:23:39:BC:D6:97:F0:AE:8D:A2:DA:F8:22:A3:F8:75
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 08EB41FC
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/i21VeeAjObzWl_CujaLa-CKj-HU.roa
Signing time: Thu 24 Mar 2022 09:58:08 +0000
ROA not before: Thu 24 Mar 2022 09:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204402
IP address blocks: 45.157.200.0/24 maxlen: 24
45.157.201.0/24 maxlen: 24
45.152.10.0/24 maxlen: 24
45.157.35.0/24 maxlen: 24
45.152.38.0/24 maxlen: 24
45.159.192.0/24 maxlen: 24
45.152.39.0/24 maxlen: 24
45.159.193.0/24 maxlen: 24
45.159.194.0/24 maxlen: 24
2a0b:3c40:24::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149635580 (0x8eb41fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 24 09:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b6d5579e02339bcd697f0ae8da2daf822a3f875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:be:3a:21:ab:53:d3:64:7f:59:7e:8e:8f:
cc:3d:9f:a2:bc:13:a4:f0:b8:b0:ba:15:64:c7:65:
7c:d8:ac:52:b2:77:47:3c:ed:69:71:26:1d:bb:0d:
29:29:78:92:87:fb:fb:dc:b3:12:fc:7a:c2:42:9e:
6a:bd:d3:8f:d4:f5:31:27:8e:68:69:ac:5a:1e:52:
81:7b:08:d8:54:e5:07:fd:45:ce:ab:34:52:c2:82:
12:ea:23:e7:56:8c:91:c4:ef:9b:de:b4:02:97:0b:
ad:3a:17:20:66:5c:ab:b1:fc:fc:ed:6a:c7:cf:46:
fe:d6:9e:60:cd:83:e3:f5:eb:12:61:b7:71:d2:b7:
62:3e:62:54:e6:e0:17:b8:fe:e3:5f:12:e3:ac:ed:
60:b9:ab:05:9f:13:de:dd:e0:2e:5e:e2:24:1f:0b:
c2:52:23:65:da:66:35:45:08:82:4a:09:18:7c:c3:
0f:47:fd:ab:c0:7a:b4:cf:2d:69:87:31:1a:9a:90:
77:b5:2f:f4:50:37:fd:71:ab:7f:32:e3:c2:77:b8:
7e:81:53:32:d2:70:fe:6a:1e:52:bd:3e:0c:0e:9b:
e6:07:d8:f7:aa:a2:ba:5a:e2:74:7f:9c:fd:fa:61:
9a:38:67:54:1e:ea:1d:be:fd:52:83:c3:b6:2e:8f:
0b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6D:55:79:E0:23:39:BC:D6:97:F0:AE:8D:A2:DA:F8:22:A3:F8:75
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/i21VeeAjObzWl_CujaLa-CKj-HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.10.0/24
45.152.38.0/23
45.157.35.0/24
45.157.200.0/23
45.159.192.0-45.159.194.255
IPv6:
2a0b:3c40:24::/48
Signature Algorithm: sha256WithRSAEncryption
01:ab:4b:78:db:78:9c:f1:79:e2:e2:6a:1b:6d:e0:6c:f8:c2:
4a:69:70:a5:10:16:17:a7:8f:bc:bb:8e:d2:50:4a:76:8f:6d:
2a:4b:df:d1:9c:b2:8e:61:be:53:42:26:c2:98:4d:80:41:bd:
dc:a8:29:5e:d7:fa:c0:29:bf:54:80:02:28:03:05:de:f0:68:
14:34:16:25:de:d8:6f:0f:be:4d:a4:b8:35:25:fa:74:3b:78:
b6:77:31:3b:43:1e:91:df:7b:3c:f4:a0:fb:02:f9:6d:5f:21:
d7:4c:c5:a9:0b:05:40:86:78:aa:5e:c2:10:96:a4:66:1c:04:
cd:ca:ff:7a:0f:5e:41:2f:07:ec:da:50:88:03:59:60:4b:c3:
cf:6f:df:ab:94:01:ce:20:69:a7:b0:c6:44:c0:b4:4d:0c:eb:
3b:5a:c3:0f:0b:09:58:f8:6c:7b:5f:91:4e:c0:c2:77:e5:ee:
c1:3e:2e:d9:25:7e:c3:fc:00:22:2d:9d:cb:cc:3e:e1:ed:bc:
ae:a2:2a:e9:85:b5:a6:53:ff:94:28:32:d7:83:d2:0d:b1:4c:
2e:86:67:a5:75:6f:df:d1:5f:8a:27:f6:f2:48:40:1c:04:67:
9e:b4:f7:1f:c0:99:a5:29:99:a0:42:32:1e:83:eb:7f:8c:c5:
f7:79:71:13
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIECOtB/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDMy
NDA5NTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI2ZDU1NzllMDIz
MzliY2Q2OTdmMGFlOGRhMmRhZjgyMmEzZjg3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEYvjohq1PTZH9Zfo6PzD2forwTpPC4sLoVZMdlfNisUrJ3
RzztaXEmHbsNKSl4kof7+9yzEvx6wkKear3Tj9T1MSeOaGmsWh5SgXsI2FTlB/1F
zqs0UsKCEuoj51aMkcTvm960ApcLrToXIGZcq7H8/O1qx89G/taeYM2D4/XrEmG3
cdK3Yj5iVObgF7j+418S46ztYLmrBZ8T3t3gLl7iJB8LwlIjZdpmNUUIgkoJGHzD
D0f9q8B6tM8taYcxGpqQd7Uv9FA3/XGrfzLjwne4foFTMtJw/moeUr0+DA6b5gfY
96qiulridH+c/fphmjhnVB7qHb79UoPDti6PC3UCAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBSLbVV54CM5vNaX8K6Notr4IqP4dTAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
L2kyMVZlZUFqT2J6V2xfQ3VqYUxhLUNLai1IVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLAQCAAEwJgMEAC2YCgMEAS2YJgMEAC2dIwMEAS2d
yDAMAwQGLZ/AAwQALZ/CMA8EAgACMAkDBwAqCzxAACQwDQYJKoZIhvcNAQELBQAD
ggEBAAGrS3jbeJzxeeLiahtt4Gz4wkppcKUQFhenj7y7jtJQSnaPbSpL39Gcso5h
vlNCJsKYTYBBvdyoKV7X+sApv1SAAigDBd7waBQ0FiXe2G8Pvk2kuDUl+nQ7eLZ3
MTtDHpHfezz0oPsC+W1fIddMxakLBUCGeKpewhCWpGYcBM3K/3oPXkEvB+zaUIgD
WWBLw89v36uUAc4gaaewxkTAtE0M6ztaww8LCVj4bHtfkU7Awnfl7sE+LtklfsP8
ACItncvMPuHtvK6iKumFtaZT/5QoMteD0g2xTC6GZ6V1b9/RX4on9vJIQBwEZ560
9x/AmaUpmaBCMh6D63+Mxfd5cRM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org