Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9Id8QkvfqZtg8qaPeoHP29mLNBk.roa
File: 9Id8QkvfqZtg8qaPeoHP29mLNBk.roa (raw, json)
Hash identifier: QPOYqVoaLWkTkBrC2Ek7OmS8nfJtf4IZFt8jANJHspc=
Subject key identifier: F4:87:7C:42:4B:DF:A9:9B:60:F2:A6:8F:7A:81:CF:DB:D9:8B:34:19
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0181E88FBEACDAC2E56160B34C7B391B4725
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9Id8QkvfqZtg8qaPeoHP29mLNBk.roa
Signing time: Sun 10 Jul 2022 14:42:23 +0000
ROA not before: Sun 10 Jul 2022 14:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213250
IP address blocks: 45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
45.13.224.0/23 maxlen: 23
5.182.206.0/23 maxlen: 23
5.182.204.0/23 maxlen: 23
45.131.66.0/23 maxlen: 23
194.15.36.0/24 maxlen: 24
2.56.245.0/24 maxlen: 24
5.252.103.0/24 maxlen: 24
5.252.100.0/22 maxlen: 22
5.252.100.0/24 maxlen: 24
5.252.101.0/24 maxlen: 24
5.252.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e8:8f:be:ac:da:c2:e5:61:60:b3:4c:7b:39:1b:47:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jul 10 14:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4877c424bdfa99b60f2a68f7a81cfdbd98b3419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8b:7a:75:5c:f1:9b:34:8c:01:a4:c8:17:a3:
7d:62:0d:3b:9e:c9:62:94:dd:1c:a6:52:6a:36:51:
93:35:b6:1d:12:8f:75:b0:94:73:2c:85:df:3c:41:
3a:2a:31:07:7a:43:12:a5:54:6f:a6:8a:83:cb:55:
69:8f:79:40:48:e9:82:c3:cf:e4:68:0d:da:db:3d:
81:6f:2d:96:63:69:31:cf:b2:de:fe:38:1b:7e:f2:
d2:e0:75:1d:08:7a:1b:69:6a:0e:1d:95:37:0c:db:
a2:00:32:fb:62:94:94:9b:ae:33:31:c4:a5:39:0c:
93:ff:7a:af:20:05:c0:13:f4:3c:1d:6d:bc:e7:5b:
66:e5:57:12:dc:95:b4:ff:57:11:f3:42:dc:d4:86:
09:43:84:50:df:7c:71:9e:f6:90:8a:07:a5:7d:79:
4f:0b:d9:f5:63:6d:20:c0:ae:cb:2b:ef:6f:6d:c8:
a9:b3:49:e7:70:02:4d:4b:78:57:20:78:4e:44:d5:
50:f6:cd:f4:ef:45:d6:b8:f0:6c:fc:e1:4a:67:35:
6e:28:81:cf:0e:50:e0:f8:0d:89:95:0b:a8:ff:69:
10:4c:e5:8a:95:ac:42:a3:19:bd:9f:7e:6e:8b:a5:
5a:94:43:d4:82:09:6b:52:95:2d:84:a3:88:6c:b0:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:87:7C:42:4B:DF:A9:9B:60:F2:A6:8F:7A:81:CF:DB:D9:8B:34:19
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9Id8QkvfqZtg8qaPeoHP29mLNBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.245.0/24
5.182.204.0/22
5.252.100.0/22
45.13.224.0/23
45.89.124.0/22
45.131.66.0/23
194.15.36.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ae:29:67:4d:30:ae:37:35:09:8a:71:33:e2:af:40:b9:6b:
24:ad:8b:9c:7c:98:5a:cf:d1:0b:de:28:35:1f:11:45:ad:b3:
e2:1f:a9:ea:40:97:52:ed:16:e9:56:76:6b:55:3a:2d:65:20:
25:2e:11:24:2b:23:db:3f:02:ba:8d:8e:14:16:8b:c1:f3:59:
15:b7:07:8d:54:f4:8a:bd:7c:b7:68:9f:ff:06:ea:9c:6d:1e:
f2:67:3a:a9:4f:f5:ba:36:05:a9:a1:79:ec:99:30:8d:12:5d:
48:98:e5:16:df:1a:52:55:d9:8a:1a:13:32:0b:44:dd:76:1b:
b6:95:17:c7:91:8d:a9:21:40:59:37:f5:e9:94:34:7f:b3:f1:
f1:3b:33:45:8a:92:b8:63:63:33:04:2c:ed:65:06:75:43:15:
1f:e2:06:c9:b9:58:11:0d:15:a5:c1:0a:88:e1:1c:79:5c:71:
87:44:ef:34:85:56:13:a1:dd:1b:37:69:9e:ea:03:c1:de:05:
2c:7d:66:11:3e:4b:df:2f:37:ec:ff:09:a3:a4:a9:84:34:72:
2b:d8:ae:4d:b0:a8:66:63:52:6f:02:09:43:ea:99:f0:db:9c:
51:dc:4a:56:8b:44:07:16:4d:7b:50:b2:cc:ab:3d:60:39:c3:
8c:a3:9a:05
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYHoj76s2sLlYWCzTHs5G0clMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwNzEwMTQ0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg3N2M0MjRiZGZhOTliNjBmMmE2OGY3YTgxY2ZkYmQ5OGIzNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4t6dVzxmzSMAaTIF6N9Yg07nsli
lN0cplJqNlGTNbYdEo91sJRzLIXfPEE6KjEHekMSpVRvpoqDy1Vpj3lASOmCw8/k
aA3a2z2Bby2WY2kxz7Le/jgbfvLS4HUdCHobaWoOHZU3DNuiADL7YpSUm64zMcSl
OQyT/3qvIAXAE/Q8HW2851tm5VcS3JW0/1cR80Lc1IYJQ4RQ33xxnvaQigelfXlP
C9n1Y20gwK7LK+9vbcips0nncAJNS3hXIHhORNVQ9s3070XWuPBs/OFKZzVuKIHP
DlDg+A2JlQuo/2kQTOWKlaxCoxm9n35ui6ValEPUgglrUpUthKOIbLCKawIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPSHfEJL36mbYPKmj3qBz9vZizQZMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvOUlkOFFrdmZxWnRnOHFhUGVvSFAyOW1MTkJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjj1AwQC
BbbMAwQCBfxkAwQBLQ3gAwQCLVl8AwQBLYNCAwQAwg8kMA0GCSqGSIb3DQEBCwUA
A4IBAQAPrilnTTCuNzUJinEz4q9AuWskrYucfJhaz9EL3ig1HxFFrbPiH6nqQJdS
7RbpVnZrVTotZSAlLhEkKyPbPwK6jY4UFovB81kVtweNVPSKvXy3aJ//BuqcbR7y
ZzqpT/W6NgWpoXnsmTCNEl1ImOUW3xpSVdmKGhMyC0Tddhu2lRfHkY2pIUBZN/Xp
lDR/s/HxOzNFipK4Y2MzBCztZQZ1QxUf4gbJuVgRDRWlwQqI4Rx5XHGHRO80hVYT
od0bN2me6gPB3gUsfWYRPkvfLzfs/wmjpKmENHIr2K5NsKhmY1JvAglD6pnw25xR
3EpWi0QHFk17ULLMqz1gOcOMo5oF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:27 2024 by rpki-client on console-fra.rpki-client.org