Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/h6PFUmb2iZ8sAfomdy1j-xE1JQE.roa
File: h6PFUmb2iZ8sAfomdy1j-xE1JQE.roa (raw, json)
Hash identifier: LLoigwyadqPkD/qyoKgzVI5533MIPCH1kcXJgTCnpiU=
Subject key identifier: 87:A3:C5:52:66:F6:89:9F:2C:01:FA:26:77:2D:63:FB:11:35:25:01
Certificate issuer: /CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Certificate serial: 08B14F9D
Authority key identifier: 74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/h6PFUmb2iZ8sAfomdy1j-xE1JQE.roa
Signing time: Thu 28 Apr 2022 07:43:40 +0000
ROA not before: Thu 28 Apr 2022 07:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.15.21.0/24 maxlen: 24
194.53.136.0/24 maxlen: 24
194.53.137.0/24 maxlen: 24
2a0e:1d80:14::/48 maxlen: 48
2a0e:1d80:12::/48 maxlen: 48
2a0e:1d80:15::/48 maxlen: 48
2a0e:1d80:8::/48 maxlen: 48
2a0e:1d80:10::/48 maxlen: 48
2a0e:1d80:13::/48 maxlen: 48
2a0e:1d80:6::/48 maxlen: 48
2a0e:1d80:9::/48 maxlen: 48
2a0e:1d80:11::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145837981 (0x8b14f9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Validity
Not Before: Apr 28 07:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87a3c55266f6899f2c01fa26772d63fb11352501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:16:3b:18:a9:d3:4a:4e:64:27:d1:61:0a:f2:
65:b9:e0:34:fc:e2:1d:ac:58:d5:a7:6b:da:bf:58:
23:fc:73:8b:fa:90:08:2b:b2:60:15:95:b4:30:d3:
2c:c8:c3:24:8b:72:a4:56:1b:39:8b:57:d5:91:aa:
59:9f:27:6b:5d:9d:e2:23:31:b9:66:59:b1:4f:6e:
fd:17:63:f6:b5:2b:b5:91:0a:45:0d:ca:cf:a0:ee:
dd:84:e9:bb:36:33:e7:bf:2e:76:82:12:3e:3e:b8:
56:57:48:3c:6e:c3:d0:5c:0f:99:da:15:26:16:38:
f4:f5:70:1a:0a:ef:6a:18:5d:d0:fc:4a:f0:f3:cc:
50:a6:5b:31:de:45:6d:08:20:a2:51:a9:1b:a6:f7:
42:e5:1d:a0:ee:47:fe:3c:e6:29:ee:a9:0d:35:9e:
e8:13:e7:a2:b8:cd:a0:f4:15:09:94:54:5b:cd:7e:
dc:dc:98:c9:69:2b:22:a5:4c:19:31:5b:0d:2e:6b:
2f:52:a2:ba:5a:ac:ec:33:2d:aa:a9:e8:c7:47:a1:
e4:35:62:2e:7f:3c:a8:02:13:50:1d:4c:21:7d:81:
19:14:7a:34:95:f7:19:90:46:1a:3d:5d:0b:68:0c:
e6:b1:d2:d3:08:19:7b:f3:4a:e5:d1:f0:c5:8c:86:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A3:C5:52:66:F6:89:9F:2C:01:FA:26:77:2D:63:FB:11:35:25:01
X509v3 Authority Key Identifier:
keyid:74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/h6PFUmb2iZ8sAfomdy1j-xE1JQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.21.0/24
194.53.136.0/23
IPv6:
2a0e:1d80:6::/48
2a0e:1d80:8::/47
2a0e:1d80:10::-2a0e:1d80:15:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:8c:db:92:42:3d:73:ff:fe:19:17:3c:1e:ab:69:66:19:9e:
5d:e0:06:ce:cd:7c:02:df:51:78:95:ad:b4:21:24:ac:d8:2e:
88:0e:89:a3:8e:42:a3:97:b6:eb:04:cb:0e:6b:e7:5b:2c:00:
b4:16:fc:ec:c0:fa:1d:25:3c:92:c6:b2:a7:f1:2d:01:c9:53:
ee:0f:dd:ad:2e:52:17:6b:2a:3a:e1:7f:4f:1c:92:d4:6b:7f:
aa:ad:a3:81:26:cc:43:a9:b0:bb:4b:0d:4a:51:65:e0:a5:71:
07:4d:c6:94:86:20:30:e9:d6:f9:4b:01:8b:19:09:3c:41:2b:
c9:d9:eb:fc:e3:0f:3b:b2:c5:b0:c7:0e:be:77:dd:43:65:80:
75:0d:5b:5b:a9:eb:c0:66:73:a5:a1:33:0c:19:1d:21:ce:e1:
10:b3:29:b7:04:90:0c:49:1c:32:35:18:2c:bc:66:40:a0:9d:
17:fb:03:7b:1e:00:68:61:ed:78:95:21:64:9f:ea:54:9b:37:
98:53:e4:c7:46:67:c3:45:37:f3:c3:74:6a:41:2e:db:bc:c4:
8f:1f:e2:82:20:c7:44:29:7e:81:1b:4d:3d:b3:10:60:80:e9:
5f:bf:f2:17:24:52:af:5d:ff:52:d2:2b:b8:e1:0f:df:ce:d0:
e3:f8:58:c8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIECLFPnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGFlYmMxNTRhNTZjODMwMjVjYmQ4NjQxYTlhYzMxNWNiNTUxYzA2MB4XDTIyMDQy
ODA3NDM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdhM2M1NTI2NmY2
ODk5ZjJjMDFmYTI2NzcyZDYzZmIxMTM1MjUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMWOxip00pOZCfRYQryZbngNPziHaxY1adr2r9YI/xzi/qQ
CCuyYBWVtDDTLMjDJItypFYbOYtX1ZGqWZ8na12d4iMxuWZZsU9u/Rdj9rUrtZEK
RQ3Kz6Du3YTpuzYz578udoISPj64VldIPG7D0FwPmdoVJhY49PVwGgrvahhd0PxK
8PPMUKZbMd5FbQggolGpG6b3QuUdoO5H/jzmKe6pDTWe6BPnorjNoPQVCZRUW81+
3NyYyWkrIqVMGTFbDS5rL1Kiulqs7DMtqqnox0eh5DViLn88qAITUB1MIX2BGRR6
NJX3GZBGGj1dC2gM5rHS0wgZe/NK5dHwxYyGrz8CAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBSHo8VSZvaJnywB+iZ3LWP7ETUlATAfBgNVHSMEGDAWgBR0rrwVSlbIMCXL
2GQamsMVy1UcBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RLNjhGVXBXeURBbHk5aGtHcHJERmN0VkhBWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvNmRlN2EwLTQwNzMtNDI3Mi1iZjQ0LTA3YTFkNjU1NDhiYS8x
L2g2UEZVbWIyaVo4c0Fmb21keTFqLXhFMUpRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
NmRlN2EwLTQwNzMtNDI3Mi1iZjQ0LTA3YTFkNjU1NDhiYS8xL2RLNjhGVXBXeURB
bHk5aGtHcHJERmN0VkhBWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwEgQCAAEwDAMEAC0PFQMEAcI1iDAsBAIAAjAmAwcA
Kg4dgAAGAwcBKg4dgAAIMBIDBwQqDh2AABADBwEqDh2AABQwDQYJKoZIhvcNAQEL
BQADggEBAAOM25JCPXP//hkXPB6raWYZnl3gBs7NfALfUXiVrbQhJKzYLogOiaOO
QqOXtusEyw5r51ssALQW/OzA+h0lPJLGsqfxLQHJU+4P3a0uUhdrKjrhf08cktRr
f6qto4EmzEOpsLtLDUpRZeClcQdNxpSGIDDp1vlLAYsZCTxBK8nZ6/zjDzuyxbDH
Dr533UNlgHUNW1up68Bmc6WhMwwZHSHO4RCzKbcEkAxJHDI1GCy8ZkCgnRf7A3se
AGhh7XiVIWSf6lSbN5hT5MdGZ8NFN/PDdGpBLtu8xI8f4oIgx0QpfoEbTT2zEGCA
6V+/8hckUq9d/1LSK7jhD9/O0OP4WMg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:58 2024 by rpki-client on console-fra.rpki-client.org