Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/4zETSx-1yCrHyTE_wub6hdEzTbc.roa
File: 4zETSx-1yCrHyTE_wub6hdEzTbc.roa (raw, json)
Hash identifier: QvVnzzH8eDpVEaO4rcoTLBJNBj7v59AKmTsVLjfwjQQ=
Subject key identifier: E3:31:13:4B:1F:B5:C8:2A:C7:C9:31:3F:C2:E6:FA:85:D1:33:4D:B7
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 04A52764
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/4zETSx-1yCrHyTE_wub6hdEzTbc.roa
Signing time: Wed 04 May 2022 12:21:11 +0000
ROA not before: Wed 04 May 2022 12:21:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.95.16.0/23 maxlen: 23
45.146.220.0/22 maxlen: 22
213.139.204.0/22 maxlen: 22
193.160.8.0/24 maxlen: 24
45.155.36.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77932388 (0x4a52764)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: May 4 12:21:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e331134b1fb5c82ac7c9313fc2e6fa85d1334db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f6:2d:c2:05:b2:24:07:15:87:1a:82:0b:0e:
ae:c1:2c:56:34:7e:35:3e:6f:85:8e:a6:13:76:33:
ee:f0:22:62:a4:7a:26:56:0e:5f:cc:07:cf:58:25:
4b:81:01:f4:c6:e6:2a:0e:ad:33:18:83:94:5b:fb:
3b:8b:d3:d8:0e:c2:4a:2b:5c:b3:8b:8a:5e:89:10:
ff:62:69:83:1d:d6:d3:60:30:f0:74:da:fa:0c:0e:
46:da:ba:f4:3c:aa:13:85:35:9a:e9:65:49:be:04:
c3:f4:fd:5b:6b:93:40:4b:4b:29:9f:3e:60:3e:7b:
d6:68:04:4a:f4:e8:fa:e5:50:7b:c8:8e:77:fa:25:
74:d0:e5:09:ab:58:fe:8c:70:6c:fb:58:5a:72:89:
b9:12:05:b7:ff:1f:8c:de:99:c5:7e:9d:a0:d0:00:
c4:cc:04:f5:d3:40:5d:c5:af:df:35:e0:84:6e:9d:
02:39:e7:7f:c3:84:d2:38:bc:97:9a:34:6f:aa:73:
6b:a9:e9:18:93:b2:49:f2:f2:0b:ee:b6:ae:0a:85:
84:18:4e:91:af:d0:81:12:bf:df:a4:9e:e0:90:18:
71:12:e8:69:92:f4:3b:8a:ce:75:2d:b9:6c:44:b4:
8e:d5:21:09:f1:6c:f3:42:75:37:8c:4f:28:5b:49:
41:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:31:13:4B:1F:B5:C8:2A:C7:C9:31:3F:C2:E6:FA:85:D1:33:4D:B7
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/4zETSx-1yCrHyTE_wub6hdEzTbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/23
45.146.220.0/22
45.155.36.0/22
193.160.8.0/24
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
68:bc:f5:9b:55:b0:6e:c1:93:03:f2:8d:f5:5c:08:c5:68:66:
7e:47:27:79:02:9d:e8:83:c9:93:58:74:4a:fc:1b:10:0d:26:
b5:bc:41:28:5b:01:ed:2b:1c:85:d6:6b:09:e6:c6:d2:0a:b4:
d9:c5:55:25:05:f3:3f:02:c8:9d:99:7a:c0:c5:6f:52:21:0a:
32:7e:89:71:d6:6f:35:fe:6e:b5:92:42:08:ae:86:ac:56:f1:
f8:5d:b7:7d:63:29:b9:76:6d:c9:ed:5b:82:b8:fd:af:a1:4c:
bb:d4:2c:b0:e5:1e:a8:58:0c:2c:2a:17:3b:fc:b2:da:00:eb:
18:a8:4b:db:24:18:bc:af:d8:a4:4e:80:67:55:2b:14:7d:22:
0b:bf:d1:66:5b:48:87:4f:1a:0a:ba:8c:7c:22:61:a5:9c:70:
a5:15:b4:ba:32:7c:da:17:98:c8:32:37:ce:dd:3b:80:aa:e9:
9e:40:d7:8f:87:a2:a1:96:54:fc:fe:08:09:9e:e5:2d:6f:f4:
38:a1:49:8e:ac:a8:60:66:79:e4:05:5e:e8:03:80:44:8f:77:
82:33:9f:e0:1b:33:9c:c6:1c:25:0d:f9:64:ab:d8:72:7f:69:
0b:c6:ba:1e:ca:89:18:f9:a8:a6:4e:06:ba:d0:80:16:ae:6d:
3e:47:ac:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEBKUnZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGQwOGExZTFjYmM5MDkyNTRlOWU2YjljOTM5ZmQ4NWEyNjhiMWUxMB4XDTIyMDUw
NDEyMjExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMzMTEzNGIxZmI1
YzgyYWM3YzkzMTNmYzJlNmZhODVkMTMzNGRiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMP2LcIFsiQHFYcaggsOrsEsVjR+NT5vhY6mE3Yz7vAiYqR6
JlYOX8wHz1glS4EB9MbmKg6tMxiDlFv7O4vT2A7CSitcs4uKXokQ/2Jpgx3W02Aw
8HTa+gwORtq69DyqE4U1mullSb4Ew/T9W2uTQEtLKZ8+YD571mgESvTo+uVQe8iO
d/oldNDlCatY/oxwbPtYWnKJuRIFt/8fjN6ZxX6doNAAxMwE9dNAXcWv3zXghG6d
Ajnnf8OE0ji8l5o0b6pza6npGJOySfLyC+62rgqFhBhOka/QgRK/36Se4JAYcRLo
aZL0O4rOdS25bES0jtUhCfFs80J1N4xPKFtJQY8CAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTjMRNLH7XIKsfJMT/C5vqF0TNNtzAfBgNVHSMEGDAWgBT00IoeHLyQklTp
5rnJOf2Fomix4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlOQ0tIaHk4a0pKVTZlYTV5VG45aGFKb3NlRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjQ5ZmRjLTBkM2EtNDFlYy1hMWNlLWRjZTk0N2UyOTRiNi8x
LzR6RVRTeC0xeUNySHlURV93dWI2aGRFelRiYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjQ5ZmRjLTBkM2EtNDFlYy1hMWNlLWRjZTk0N2UyOTRiNi8xLzlOQ0tIaHk4a0pK
VTZlYTV5VG45aGFKb3NlRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwMAQCAAEwKgMEAS1fEAMEAi2S3AMEAi2bJAMEAMGg
CAMEAdVs9gMEAtWLzAMEAtnDmDAYBAIAAjASAwcAKg2ewAAAAwcAKg3YwAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBovPWbVbBuwZMD8o31XAjFaGZ+Ryd5Ap3og8mTWHRK
/BsQDSa1vEEoWwHtKxyF1msJ5sbSCrTZxVUlBfM/AsidmXrAxW9SIQoyfolx1m81
/m61kkIIroasVvH4Xbd9Yym5dm3J7VuCuP2voUy71Cyw5R6oWAwsKhc7/LLaAOsY
qEvbJBi8r9ikToBnVSsUfSILv9FmW0iHTxoKuox8ImGlnHClFbS6MnzaF5jIMjfO
3TuAqumeQNePh6KhllT8/ggJnuUtb/Q4oUmOrKhgZnnkBV7oA4BEj3eCM5/gGzOc
xhwlDflkq9hyf2kLxroeyokY+aimTga60IAWrm0+R6zJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org