Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Nr8npWxysqPQH6TUyn2BDHpSXio.roa
File: Nr8npWxysqPQH6TUyn2BDHpSXio.roa (raw, json)
Hash identifier: AbOoS0bGGpJz6t91/o1DLTLCM0FreuFga6TCMWFxMCM=
Subject key identifier: 36:BF:27:A5:6C:72:B2:A3:D0:1F:A4:D4:CA:7D:81:0C:7A:52:5E:2A
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 09511CC5
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Nr8npWxysqPQH6TUyn2BDHpSXio.roa
Signing time: Sat 01 Jan 2022 06:00:41 +0000
ROA not before: Sat 01 Jan 2022 06:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398127
IP address blocks: 45.133.74.0/24 maxlen: 24
45.133.73.0/24 maxlen: 24
45.86.155.0/24 maxlen: 24
45.86.154.0/24 maxlen: 24
45.81.251.0/24 maxlen: 24
45.81.250.0/24 maxlen: 24
45.81.248.0/24 maxlen: 24
152.89.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156310725 (0x9511cc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 06:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36bf27a56c72b2a3d01fa4d4ca7d810c7a525e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:76:6a:f4:a2:9c:8f:92:f0:c6:83:db:55:42:
ec:68:1f:72:42:d9:3c:99:c4:2e:17:3e:c5:38:3c:
27:46:30:6e:3b:7c:01:74:da:a3:7f:e5:35:76:b0:
0d:1c:2b:06:40:86:a6:c9:6d:3c:8c:c0:44:3c:96:
9b:02:88:f8:ec:b1:49:38:13:20:37:f2:56:3b:33:
de:11:a2:10:d5:9f:8a:6d:d6:02:51:1c:8e:f6:65:
7d:53:18:7e:00:01:69:2b:59:f1:17:40:55:97:97:
b7:ed:39:ea:20:fb:a7:8b:25:5c:9e:72:e5:78:ac:
7b:5d:5b:72:b8:98:85:48:6f:36:6c:c8:13:f5:09:
08:53:0a:b6:61:c7:58:01:b4:68:b2:01:47:cd:18:
c3:e3:2e:df:24:2b:fd:fa:b7:cc:a0:eb:b0:14:a1:
e5:a2:a9:22:cb:27:02:95:61:fa:2c:98:8e:f3:45:
a5:c9:b3:0a:4a:6a:dd:96:47:e3:b8:d5:cb:79:7f:
bc:6b:3b:2c:ab:0d:a7:ed:af:63:10:a8:69:ff:d4:
09:cd:ad:60:ce:9a:56:2a:60:fb:c9:c9:a9:c0:61:
b8:2a:16:e5:78:c7:8c:4d:78:8e:5a:06:3f:fd:e5:
1d:82:6c:59:65:cd:62:21:0f:4d:1b:12:c4:40:c4:
9e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BF:27:A5:6C:72:B2:A3:D0:1F:A4:D4:CA:7D:81:0C:7A:52:5E:2A
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Nr8npWxysqPQH6TUyn2BDHpSXio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.248.0/24
45.81.250.0/23
45.86.154.0/23
45.133.73.0-45.133.74.255
152.89.255.0/24
Signature Algorithm: sha256WithRSAEncryption
32:05:79:e6:4d:89:39:b8:40:83:9c:8a:9b:fb:3a:c8:f1:81:
4e:5b:6b:3e:45:3f:2a:9e:d6:28:0e:7c:58:48:58:41:f7:a1:
79:6e:bd:f4:e3:02:19:ea:1a:bb:9a:61:b4:5e:0b:ea:f5:ea:
5b:a5:f8:44:cb:e4:e2:58:97:75:98:2b:df:3d:fb:6b:ff:ef:
99:a4:13:9a:e2:d4:5e:05:46:95:0b:b7:05:59:52:f0:e0:32:
b9:a6:93:5a:e0:12:e1:b0:90:be:e0:0a:65:65:53:6f:8a:1a:
e8:1f:f9:4b:c7:90:f8:d0:c4:61:d9:59:fd:73:f2:49:96:b7:
4a:c2:bf:c5:e2:de:0a:41:fe:1f:9e:ad:31:63:c1:5a:90:39:
df:08:39:dd:00:7e:c5:3f:42:3d:03:8e:2d:7c:53:36:c8:01:
92:3b:46:bf:7a:66:35:63:19:a3:7a:de:c0:4f:5c:93:d1:08:
f8:32:79:41:4f:8f:91:72:98:da:b9:28:ab:c8:a9:75:cd:65:
af:15:13:98:75:3c:b2:65:0c:86:fc:05:92:2e:4f:3b:dd:57:
05:2d:80:e1:dd:95:37:83:9e:bc:ce:bf:b1:ae:18:31:80:19:
c3:59:b2:7f:e9:05:99:61:46:9d:55:40:c9:b1:d8:72:ee:08:
fd:bd:5e:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECVEcxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDA0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZiZjI3YTU2Yzcy
YjJhM2QwMWZhNGQ0Y2E3ZDgxMGM3YTUyNWUyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJR2avSinI+S8MaD21VC7GgfckLZPJnELhc+xTg8J0Ywbjt8
AXTao3/lNXawDRwrBkCGpsltPIzARDyWmwKI+OyxSTgTIDfyVjsz3hGiENWfim3W
AlEcjvZlfVMYfgABaStZ8RdAVZeXt+056iD7p4slXJ5y5Xise11bcriYhUhvNmzI
E/UJCFMKtmHHWAG0aLIBR80Yw+Mu3yQr/fq3zKDrsBSh5aKpIssnApVh+iyYjvNF
pcmzCkpq3ZZH47jVy3l/vGs7LKsNp+2vYxCoaf/UCc2tYM6aVipg+8nJqcBhuCoW
5XjHjE14jloGP/3lHYJsWWXNYiEPTRsSxEDEntsCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBQ2vyelbHKyo9AfpNTKfYEMelJeKjAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L05yOG5wV3h5c3FQUUg2VFV5bjJCREhwU1hpby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEAC1R+AMEAS1R+gMEAS1WmjAMAwQA
LYVJAwQALYVKAwQAmFn/MA0GCSqGSIb3DQEBCwUAA4IBAQAyBXnmTYk5uECDnIqb
+zrI8YFOW2s+RT8qntYoDnxYSFhB96F5br304wIZ6hq7mmG0Xgvq9epbpfhEy+Ti
WJd1mCvfPftr/++ZpBOa4tReBUaVC7cFWVLw4DK5ppNa4BLhsJC+4AplZVNvihro
H/lLx5D40MRh2Vn9c/JJlrdKwr/F4t4KQf4fnq0xY8FakDnfCDndAH7FP0I9A44t
fFM2yAGSO0a/emY1Yxmjet7AT1yT0Qj4MnlBT4+RcpjauSiryKl1zWWvFROYdTyy
ZQyG/AWSLk873VcFLYDh3ZU3g568zr+xrhgxgBnDWbJ/6QWZYUadVUDJsdhy7gj9
vV4k
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org