Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/G4mZyt9J7BJGIcpuSbTiB2LO8Uk.roa
File: G4mZyt9J7BJGIcpuSbTiB2LO8Uk.roa (raw, json)
Hash identifier: iqu3M5taIGPIy+GVCtnYAXDhPPE+o+10SjTh91VF/Sw=
Subject key identifier: 1B:89:99:CA:DF:49:EC:12:46:21:CA:6E:49:B4:E2:07:62:CE:F1:49
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01852F4B0E867CC86B82CEBD55FF854BD783
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/G4mZyt9J7BJGIcpuSbTiB2LO8Uk.roa
Signing time: Tue 20 Dec 2022 11:28:46 +0000
ROA not before: Tue 20 Dec 2022 11:28:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213250
IP address blocks: 45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
212.87.212.0/23 maxlen: 23
45.133.74.0/24 maxlen: 24
45.13.224.0/23 maxlen: 23
5.182.206.0/23 maxlen: 23
5.182.204.0/23 maxlen: 23
45.11.229.0/24 maxlen: 24
45.131.64.0/24 maxlen: 24
45.131.66.0/23 maxlen: 23
37.221.93.0/24 maxlen: 24
194.15.36.0/24 maxlen: 24
2.56.245.0/24 maxlen: 24
5.252.103.0/24 maxlen: 24
5.252.100.0/22 maxlen: 22
5.252.100.0/24 maxlen: 24
5.252.101.0/24 maxlen: 24
5.252.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:4b:0e:86:7c:c8:6b:82:ce:bd:55:ff:85:4b:d7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Dec 20 11:28:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b8999cadf49ec124621ca6e49b4e20762cef149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:09:dc:8e:29:ff:13:e4:8a:24:ce:68:e5:c3:
68:eb:1b:75:5e:f2:96:75:42:d5:f6:ec:bc:78:e1:
41:c1:b1:e8:6e:23:22:88:75:7f:8c:c6:65:f1:d3:
68:99:3d:39:a7:3c:31:a0:5a:ed:16:81:82:10:bd:
4f:3a:e8:92:1b:a9:7b:eb:b6:77:02:c3:de:b0:92:
14:ae:c1:ee:22:3d:15:80:78:3c:e8:52:b5:4a:4c:
fd:24:4d:98:25:bc:c2:80:de:36:66:52:44:42:2b:
c6:72:37:69:3d:cf:c2:96:da:74:4c:56:78:c0:4f:
8c:43:05:42:70:13:35:d5:74:46:60:d4:86:bc:83:
70:eb:a9:79:17:85:9b:71:ac:c2:f0:46:c3:51:90:
f9:e5:02:88:fa:6c:bb:e6:20:5b:d5:a8:46:61:41:
e4:dc:eb:55:d5:1a:0d:18:47:94:cd:92:7e:1c:46:
21:6f:a7:8a:e7:7d:bd:08:ee:6b:b1:9b:70:52:4b:
fb:19:be:8e:45:c5:a3:0b:d0:05:54:07:52:13:c7:
c5:c9:ec:36:62:f5:c9:54:b4:3e:be:95:d4:0c:b0:
25:c4:8c:16:8f:e4:a0:3f:36:0d:71:19:be:a8:20:
66:d2:92:cc:6c:a2:03:01:2c:e3:4c:d2:07:a0:23:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:89:99:CA:DF:49:EC:12:46:21:CA:6E:49:B4:E2:07:62:CE:F1:49
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/G4mZyt9J7BJGIcpuSbTiB2LO8Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.245.0/24
5.182.204.0/22
5.252.100.0/22
37.221.93.0/24
45.11.229.0/24
45.13.224.0/23
45.89.124.0/22
45.131.64.0/24
45.131.66.0/23
45.133.74.0/24
194.15.36.0/24
212.87.212.0/23
Signature Algorithm: sha256WithRSAEncryption
66:68:30:bd:c1:df:fb:5b:ac:e1:d7:9f:c5:e9:b0:21:4b:27:
13:3f:64:a9:b3:df:ba:49:23:35:3b:ac:39:bf:d8:43:22:5a:
ba:b6:d7:ab:cb:f0:10:15:e3:1d:19:d6:3a:15:a2:5d:d5:91:
88:78:39:d3:bc:7f:9f:96:cd:c1:83:21:e8:59:93:31:de:10:
c8:73:cf:95:91:b3:7e:44:dd:08:39:6b:ab:bb:70:63:be:db:
2f:82:66:f5:d0:f6:9d:60:6e:17:de:03:81:e3:e1:5d:e2:90:
51:0b:a7:c5:9d:63:d8:6f:ab:3c:fa:39:49:3c:34:1b:8b:eb:
d4:a5:ee:dd:15:9f:20:28:35:9c:15:17:07:83:b1:5e:f9:c5:
e7:76:c9:91:35:fe:75:ed:17:4d:35:a9:5c:44:a0:e2:a2:c5:
a4:eb:44:16:69:80:01:1e:de:1c:a2:d2:4e:52:ae:ef:36:4d:
a9:68:0d:85:29:1a:8e:af:d4:83:2a:c9:8b:1c:2f:96:bc:61:
b5:81:3d:85:08:3a:1d:79:82:56:93:17:66:be:06:a5:37:21:
1b:45:7e:ed:1b:81:63:21:61:3e:13:b9:e3:89:17:56:c1:55:
6f:55:b1:43:71:5a:9e:b5:65:d7:36:38:96:e1:ad:0d:94:1a:
86:dc:d3:0f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYUvSw6GfMhrgs69Vf+FS9eDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMjIwMTEyODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg5OTljYWRmNDllYzEyNDYyMWNhNmU0OWI0ZTIwNzYyY2VmMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogncjin/E+SKJM5o5cNo6xt1XvKW
dULV9uy8eOFBwbHobiMiiHV/jMZl8dNomT05pzwxoFrtFoGCEL1POuiSG6l767Z3
AsPesJIUrsHuIj0VgHg86FK1Skz9JE2YJbzCgN42ZlJEQivGcjdpPc/Cltp0TFZ4
wE+MQwVCcBM11XRGYNSGvINw66l5F4WbcazC8EbDUZD55QKI+my75iBb1ahGYUHk
3OtV1RoNGEeUzZJ+HEYhb6eK5329CO5rsZtwUkv7Gb6ORcWjC9AFVAdSE8fFyew2
YvXJVLQ+vpXUDLAlxIwWj+SgPzYNcRm+qCBm0pLMbKIDASzjTNIHoCODDQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBuJmcrfSewSRiHKbkm04gdizvFJMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvRzRtWnl0OUo3QkpHSWNwdVNiVGlCMkxPOFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAjj1AwQC
BbbMAwQCBfxkAwQAJd1dAwQALQvlAwQBLQ3gAwQCLVl8AwQALYNAAwQBLYNCAwQA
LYVKAwQAwg8kAwQB1FfUMA0GCSqGSIb3DQEBCwUAA4IBAQBmaDC9wd/7W6zh15/F
6bAhSycTP2Sps9+6SSM1O6w5v9hDIlq6ttery/AQFeMdGdY6FaJd1ZGIeDnTvH+f
ls3BgyHoWZMx3hDIc8+VkbN+RN0IOWuru3Bjvtsvgmb10PadYG4X3gOB4+Fd4pBR
C6fFnWPYb6s8+jlJPDQbi+vUpe7dFZ8gKDWcFRcHg7Fe+cXndsmRNf517RdNNalc
RKDiosWk60QWaYABHt4cotJOUq7vNk2paA2FKRqOr9SDKsmLHC+WvGG1gT2FCDod
eYJWkxdmvgalNyEbRX7tG4FjIWE+E7njiRdWwVVvVbFDcVqetWXXNjiW4a0NlBqG
3NMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org