Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/xvEdfKeE9hkG37DgwiBgTAf7lQE.roa
File: xvEdfKeE9hkG37DgwiBgTAf7lQE.roa (raw, json)
Hash identifier: n/6e2AOhrM2GVRuJEv1Bf1yCcVJ6GLJVuEwgbuYEODo=
Subject key identifier: C6:F1:1D:7C:A7:84:F6:19:06:DF:B0:E0:C2:20:60:4C:07:FB:95:01
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0AA98443
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/xvEdfKeE9hkG37DgwiBgTAf7lQE.roa
Signing time: Tue 10 May 2022 13:20:02 +0000
ROA not before: Tue 10 May 2022 13:20:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 45.145.227.0/24 maxlen: 24
5.180.252.0/23 maxlen: 23
5.180.254.0/23 maxlen: 23
185.132.55.0/24 maxlen: 24
185.132.54.0/24 maxlen: 24
45.137.71.0/24 maxlen: 24
45.131.109.0/24 maxlen: 24
5.253.245.0/24 maxlen: 24
5.253.244.0/24 maxlen: 24
45.145.224.0/23 maxlen: 23
45.91.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178881603 (0xaa98443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: May 10 13:20:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6f11d7ca784f61906dfb0e0c220604c07fb9501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:48:b2:b3:2c:5c:23:e4:83:5f:1c:23:cf:
7d:22:92:bb:ec:ce:a3:19:61:bb:c1:f3:60:cc:08:
bb:1d:f9:76:4a:cb:10:48:17:9a:9c:e9:d7:53:00:
78:62:9c:3c:2c:28:83:a8:dc:db:b3:8d:1e:63:80:
11:49:f9:07:bb:03:1d:1c:af:2c:b2:9b:68:ed:ba:
19:e3:db:30:bf:cd:8e:11:c7:42:a8:18:5e:e5:ac:
88:29:e9:74:72:a9:bd:61:21:c1:01:31:bf:ba:31:
cc:4d:cb:b9:ac:3c:88:4f:14:c4:f7:3f:93:90:42:
cb:17:33:76:74:f0:94:bb:2f:53:7a:0f:f5:ef:b3:
bf:99:f9:52:75:eb:4a:e7:88:72:01:13:e8:27:46:
d1:b6:41:39:4e:4e:f1:43:ed:7e:6b:34:02:1e:26:
6c:da:c1:e6:a9:66:a0:9a:74:60:8e:5b:3d:1d:b7:
3d:5f:a4:01:00:7e:16:9b:f9:0d:ad:6d:f0:32:12:
5b:18:a5:74:f6:b4:34:6b:e0:1f:39:0f:ee:25:24:
11:84:0f:ca:14:a8:f4:21:2d:a4:7c:96:57:4b:fb:
a4:4b:e6:1b:8c:92:1f:3b:de:a3:87:2b:1e:07:23:
5c:5c:0f:96:3a:67:fb:7f:e2:14:6a:99:6d:2f:c1:
da:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F1:1D:7C:A7:84:F6:19:06:DF:B0:E0:C2:20:60:4C:07:FB:95:01
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/xvEdfKeE9hkG37DgwiBgTAf7lQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.252.0/22
5.253.244.0/23
45.91.251.0/24
45.131.109.0/24
45.137.71.0/24
45.145.224.0/23
45.145.227.0/24
185.132.54.0/23
Signature Algorithm: sha256WithRSAEncryption
20:21:ca:69:e1:2c:f5:42:b9:ba:fb:cd:bd:a4:4d:96:16:52:
25:0b:e8:64:2a:59:2e:05:d2:ef:eb:91:67:ca:73:06:ea:db:
17:71:d9:47:99:c6:1c:dc:a5:68:dc:d0:15:8f:fd:5f:89:3d:
8c:c4:da:6c:37:e3:b5:2a:19:fe:c9:ab:26:0b:a0:33:73:b2:
9b:a4:06:0d:20:86:1a:a0:27:46:a0:ed:35:99:f2:8a:b0:3b:
70:4e:8c:d9:f5:1e:05:b4:73:6b:fb:d1:df:b3:5b:ae:da:6f:
89:38:e0:ce:d1:f8:db:8b:92:8c:8a:6f:0d:49:e8:6e:c7:e5:
fd:17:3c:6b:89:55:88:5c:06:d7:54:30:07:a8:25:31:41:8b:
86:4b:65:32:06:dc:61:0d:bb:fe:5e:24:e5:c5:ab:53:b8:8d:
af:8f:95:69:82:20:32:1d:c3:f8:45:2a:47:74:77:7e:ae:7a:
7b:5d:90:4c:44:8b:ec:81:61:ea:72:a8:92:e2:5b:11:00:85:
6f:6e:00:f0:e4:e8:52:ee:ab:3e:9d:ef:9a:5f:07:52:2b:48:
44:5a:5a:b0:3c:c1:3e:b0:aa:88:04:e4:a7:34:6d:a7:07:ff:
94:da:f5:1f:3a:39:96:63:08:5c:70:51:8e:00:33:7e:11:9c:
78:99:3d:dc
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECqmEQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDUx
MDEzMjAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZmMTFkN2NhNzg0
ZjYxOTA2ZGZiMGUwYzIyMDYwNGMwN2ZiOTUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJuSLKzLFwj5INfHCPPfSKSu+zOoxlhu8HzYMwIux35dkrL
EEgXmpzp11MAeGKcPCwog6jc27ONHmOAEUn5B7sDHRyvLLKbaO26GePbML/NjhHH
QqgYXuWsiCnpdHKpvWEhwQExv7oxzE3Luaw8iE8UxPc/k5BCyxczdnTwlLsvU3oP
9e+zv5n5UnXrSueIcgET6CdG0bZBOU5O8UPtfms0Ah4mbNrB5qlmoJp0YI5bPR23
PV+kAQB+Fpv5Da1t8DISWxildPa0NGvgHzkP7iUkEYQPyhSo9CEtpHyWV0v7pEvm
G4ySHzveo4crHgcjXFwPljpn+3/iFGqZbS/B2vMCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTG8R18p4T2GQbfsODCIGBMB/uVATAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L3h2RWRmS2VFOWhrRzM3RGd3aUJnVEFmN2xRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAgW0/AMEAQX99AMEAC1b+wMEAC2D
bQMEAC2JRwMEAS2R4AMEAC2R4wMEAbmENjANBgkqhkiG9w0BAQsFAAOCAQEAICHK
aeEs9UK5uvvNvaRNlhZSJQvoZCpZLgXS7+uRZ8pzBurbF3HZR5nGHNylaNzQFY/9
X4k9jMTabDfjtSoZ/smrJgugM3Oym6QGDSCGGqAnRqDtNZnyirA7cE6M2fUeBbRz
a/vR37NbrtpviTjgztH424uSjIpvDUnobsfl/Rc8a4lViFwG11QwB6glMUGLhktl
MgbcYQ27/l4k5cWrU7iNr4+VaYIgMh3D+EUqR3R3fq56e12QTESL7IFh6nKokuJb
EQCFb24A8OToUu6rPp3vml8HUitIRFpasDzBPrCqiATkpzRtpwf/lNr1Hzo5lmMI
XHBRjgAzfhGceJk93A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org