Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-4W0PvypH-IqguxUujYnR8dPaf4.roa
File: 1-4W0PvypH-IqguxUujYnR8dPaf4.roa (raw, json)
Hash identifier: B91+2MAmuQaLJ2AV6hg9mFBrXqVuIwbStoEyUQ0onZY=
Subject key identifier: FB:85:B4:3E:FC:A9:1F:E2:2A:82:EC:54:BA:36:27:47:C7:4F:69:FE
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 03A2A259
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-4W0PvypH-IqguxUujYnR8dPaf4.roa
Signing time: Mon 10 Jan 2022 08:47:53 +0000
ROA not before: Mon 10 Jan 2022 08:47:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.95.16.0/23 maxlen: 23
45.146.220.0/22 maxlen: 22
213.139.204.0/22 maxlen: 22
193.160.8.0/24 maxlen: 24
45.155.36.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60990041 (0x3a2a259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 10 08:47:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb85b43efca91fe22a82ec54ba362747c74f69fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9c:12:20:c3:1e:61:9f:80:52:b1:7d:f4:8b:
87:fe:d8:ea:3c:31:fd:e1:7b:00:6a:78:50:72:e6:
3b:38:80:30:61:a6:c8:46:3a:23:41:68:48:dc:7e:
c7:57:81:5d:ef:0c:b1:9b:7a:d9:5b:42:91:0d:dc:
f0:ec:83:9a:9e:a2:25:6e:40:64:07:dd:cd:e3:b9:
34:3d:89:fd:ac:c6:73:aa:58:da:e2:41:2d:8a:54:
93:0e:13:36:16:62:72:81:94:46:8d:30:60:3b:95:
d1:f9:45:f7:22:a3:52:30:a1:62:aa:5a:ea:b9:91:
45:c9:f6:f7:3c:ac:1b:f4:0a:8d:f1:19:80:45:c9:
a8:8f:6b:b1:a8:55:a0:04:ae:ca:22:c6:d9:5f:7c:
24:0d:c4:bb:66:9e:78:e0:5f:71:96:d7:6c:53:5c:
8d:af:9f:4a:ff:1a:42:eb:95:7f:c8:7c:9a:c4:1e:
9c:33:88:5b:e0:ca:d7:cb:54:91:d9:2e:3a:be:fb:
a7:eb:01:96:dc:9f:25:9f:a8:e1:94:24:0b:91:e3:
24:48:ae:13:e0:1b:63:31:23:9b:7e:1e:55:b1:d0:
7d:11:7b:6c:74:c8:27:da:65:5a:8a:c4:da:50:32:
06:0a:20:c6:d4:45:af:57:93:de:18:aa:bb:13:7c:
8c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:85:B4:3E:FC:A9:1F:E2:2A:82:EC:54:BA:36:27:47:C7:4F:69:FE
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-4W0PvypH-IqguxUujYnR8dPaf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/23
45.146.220.0/22
45.155.36.0/22
193.160.8.0/24
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
a0:16:4b:53:b6:9b:dc:d4:3e:e5:2e:70:45:45:c8:75:ad:83:
49:a2:48:a0:9e:1f:b8:a3:66:2a:e0:e1:46:90:30:b0:72:c6:
70:1e:be:03:92:90:08:d7:12:a2:b6:13:ab:d9:34:c9:ac:36:
53:a9:bd:f1:76:e8:c0:b7:c5:8b:fd:cc:21:6d:71:cb:15:c7:
10:09:e1:87:60:df:57:fe:cd:32:ef:f7:5d:6c:31:cf:1c:24:
90:c3:e4:67:ef:33:65:4b:cc:48:4f:26:eb:44:5f:22:95:bd:
eb:8b:1e:ca:c2:c6:43:14:7c:21:00:29:8c:ad:f4:f0:76:2d:
21:a6:ab:ce:d1:8b:1d:c8:dc:8e:42:05:d9:4a:6d:dc:da:b3:
07:5a:e7:1a:6b:0a:d1:07:0b:3d:be:e1:5e:8d:7e:f3:cb:94:
30:75:02:b5:d4:00:cf:8a:c9:f1:29:34:a4:26:c7:80:99:08:
3d:93:2b:03:a2:c6:d6:33:d4:d7:32:b2:06:68:e3:f7:90:1d:
ca:32:9a:d1:d7:13:f3:20:2e:34:f4:94:3d:7f:e5:57:5f:ac:
81:f2:b7:8f:94:6f:91:7b:b0:fe:1b:fc:01:04:73:6d:63:4a:
36:f5:78:21:b3:71:a8:2f:50:6a:fa:79:67:29:b8:69:8b:88:
c8:94:1d:98
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEA6KiWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGQwOGExZTFjYmM5MDkyNTRlOWU2YjljOTM5ZmQ4NWEyNjhiMWUxMB4XDTIyMDEx
MDA4NDc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI4NWI0M2VmY2E5
MWZlMjJhODJlYzU0YmEzNjI3NDdjNzRmNjlmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6cEiDDHmGfgFKxffSLh/7Y6jwx/eF7AGp4UHLmOziAMGGm
yEY6I0FoSNx+x1eBXe8MsZt62VtCkQ3c8OyDmp6iJW5AZAfdzeO5ND2J/azGc6pY
2uJBLYpUkw4TNhZicoGURo0wYDuV0flF9yKjUjChYqpa6rmRRcn29zysG/QKjfEZ
gEXJqI9rsahVoASuyiLG2V98JA3Eu2aeeOBfcZbXbFNcja+fSv8aQuuVf8h8msQe
nDOIW+DK18tUkdkuOr77p+sBltyfJZ+o4ZQkC5HjJEiuE+AbYzEjm34eVbHQfRF7
bHTIJ9plWorE2lAyBgogxtRFr1eT3hiquxN8jGsCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBT7hbQ+/Kkf4iqC7FS6NidHx09p/jAfBgNVHSMEGDAWgBT00IoeHLyQklTp
5rnJOf2Fomix4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlOQ0tIaHk4a0pKVTZlYTV5VG45aGFKb3NlRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjQ5ZmRjLTBkM2EtNDFlYy1hMWNlLWRjZTk0N2UyOTRiNi8x
LzEtNFcwUHZ5cEgtSXFndXhVdWpZblI4ZFBhZjQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE2
LzY0OWZkYy0wZDNhLTQxZWMtYTFjZS1kY2U5NDdlMjk0YjYvMS85TkNLSGh5OGtK
SlU2ZWE1eVRuOWhhSm9zZUUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
XQYIKwYBBQUHAQcBAf8ETjBMMDAEAgABMCoDBAEtXxADBAItktwDBAItmyQDBADB
oAgDBAHVbPYDBALVi8wDBALZw5gwGAQCAAIwEgMHACoNnsAAAAMHACoN2MAAADAN
BgkqhkiG9w0BAQsFAAOCAQEAoBZLU7ab3NQ+5S5wRUXIda2DSaJIoJ4fuKNmKuDh
RpAwsHLGcB6+A5KQCNcSorYTq9k0yaw2U6m98XbowLfFi/3MIW1xyxXHEAnhh2Df
V/7NMu/3XWwxzxwkkMPkZ+8zZUvMSE8m60RfIpW964seysLGQxR8IQApjK308HYt
IaarztGLHcjcjkIF2Upt3NqzB1rnGmsK0QcLPb7hXo1+88uUMHUCtdQAz4rJ8Sk0
pCbHgJkIPZMrA6LG1jPU1zKyBmjj95AdyjKa0dcT8yAuNPSUPX/lV1+sgfK3j5Rv
kXuw/hv8AQRzbWNKNvV4IbNxqC9Qavp5Zym4aYuIyJQdmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org