Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/beAo6DivU86fCyulQTNjgT32z54.roa
File: beAo6DivU86fCyulQTNjgT32z54.roa (raw, json)
Hash identifier: KgzDme8jjDPdoYbEMstteqFdjhZH7WM52ipeCGL6V9M=
Subject key identifier: 6D:E0:28:E8:38:AF:53:CE:9F:0B:2B:A5:41:33:63:81:3D:F6:CF:9E
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 0181DDC94297E21F6FCADE5E2E6E070B6457
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/beAo6DivU86fCyulQTNjgT32z54.roa
Signing time: Fri 08 Jul 2022 12:29:23 +0000
ROA not before: Fri 08 Jul 2022 12:29:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.146.220.0/22 maxlen: 22
213.139.204.0/22 maxlen: 22
45.155.36.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:dd:c9:42:97:e2:1f:6f:ca:de:5e:2e:6e:07:0b:64:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jul 8 12:29:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6de028e838af53ce9f0b2ba5413363813df6cf9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:81:6d:5b:37:3c:a2:56:80:3e:4d:ea:fb:
2f:da:fb:f4:7e:58:7a:12:63:57:ab:86:9e:8c:73:
6f:b9:6f:d9:6c:16:f3:65:d3:f7:21:39:5e:eb:45:
90:ba:61:c0:6a:67:7c:2f:9d:cb:b0:9d:b7:6b:45:
c1:49:74:58:83:88:ea:57:d9:0c:17:62:39:ec:f9:
c4:20:09:6a:34:8c:cb:35:94:60:b5:a7:37:26:06:
44:06:9c:47:42:93:87:7d:f4:00:20:e0:ed:6c:41:
1b:e6:bf:46:93:49:66:76:26:0b:3e:2c:e0:e4:91:
65:88:91:ad:ac:7d:88:5a:0e:bf:eb:35:fd:af:8c:
29:a7:88:36:f9:41:7e:d1:f8:2a:4e:91:e6:b6:c4:
aa:68:32:a9:90:4c:39:c7:d2:2d:bd:55:f7:a3:2b:
66:6b:07:46:3b:69:cf:78:35:fa:85:16:54:cf:56:
a5:97:f4:81:75:1a:9b:23:46:14:42:43:c9:0d:29:
0f:ad:20:bb:85:e3:96:5c:7c:06:8c:23:5b:0c:3f:
9a:30:1a:82:f7:2c:87:8d:9b:40:c1:b5:07:48:84:
99:e7:05:bf:f9:85:9c:5f:8b:d4:9d:7a:fc:50:45:
cc:c7:29:30:2c:1a:9e:2b:0e:6f:e8:56:a9:8e:19:
3a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E0:28:E8:38:AF:53:CE:9F:0B:2B:A5:41:33:63:81:3D:F6:CF:9E
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/beAo6DivU86fCyulQTNjgT32z54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.220.0/22
45.155.36.0/22
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
53:d6:93:82:c7:e4:8c:91:d5:e8:42:29:d3:93:00:3e:ac:b2:
3e:4d:53:dd:49:b1:78:2b:26:be:3d:58:8c:73:35:9e:8a:23:
f4:50:45:6f:f9:ab:77:ef:57:d3:36:df:62:35:b6:86:87:76:
cd:93:fc:40:f2:32:ed:9d:1b:b6:a7:3c:97:dc:55:85:6a:cc:
d9:e5:34:cf:ea:10:df:c6:7e:bc:5f:95:91:54:ac:f5:bd:1e:
22:bd:e8:93:d6:3b:3b:fc:b3:55:bd:b4:bd:bb:ba:27:e7:6e:
df:78:3e:8f:12:4c:6d:9b:6a:19:2e:25:f5:f7:d0:80:23:b0:
5d:2d:f6:d2:46:23:e0:8c:f9:10:d1:d2:07:71:e9:db:6c:ee:
33:4c:ae:09:0e:df:c0:99:83:59:24:03:f3:07:8a:be:cd:eb:
99:09:cd:70:3b:d9:20:4b:0c:25:32:5b:39:d3:d2:18:3b:18:
5b:35:84:fe:49:99:0e:0e:ee:7d:81:f6:70:ff:fc:8a:b9:5c:
5c:0c:e0:ad:ef:bd:4b:42:ea:0b:1c:32:a3:0b:31:d7:8c:6e:
75:5d:a1:f8:70:58:0d:16:a3:44:94:4b:39:9e:70:1c:41:56:
0e:a7:46:98:d8:ac:19:36:19:17:55:17:e5:44:04:51:a4:f4:
a1:db:06:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYHdyUKX4h9vyt5eLm4HC2RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjIwNzA4MTIyOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGUwMjhlODM4YWY1M2NlOWYwYjJiYTU0MTMzNjM4MTNkZjZjZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJGBbVs3PKJWgD5N6vsv2vv0flh6
EmNXq4aejHNvuW/ZbBbzZdP3ITle60WQumHAamd8L53LsJ23a0XBSXRYg4jqV9kM
F2I57PnEIAlqNIzLNZRgtac3JgZEBpxHQpOHffQAIODtbEEb5r9Gk0lmdiYLPizg
5JFliJGtrH2IWg6/6zX9r4wpp4g2+UF+0fgqTpHmtsSqaDKpkEw5x9ItvVX3oytm
awdGO2nPeDX6hRZUz1all/SBdRqbI0YUQkPJDSkPrSC7heOWXHwGjCNbDD+aMBqC
9yyHjZtAwbUHSISZ5wW/+YWcX4vUnXr8UEXMxykwLBqeKw5v6Fapjhk65QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFG3gKOg4r1POnwsrpUEzY4E99s+eMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvYmVBbzZEaXZVODZmQ3l1bFFUTmpnVDMyejU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQCLZLcAwQC
LZskAwQB1Wz2AwQC1YvMAwQC2cOYMBgEAgACMBIDBwAqDZ7AAAADBwAqDdjAAAAw
DQYJKoZIhvcNAQELBQADggEBAFPWk4LH5IyR1ehCKdOTAD6ssj5NU91JsXgrJr49
WIxzNZ6KI/RQRW/5q3fvV9M232I1toaHds2T/EDyMu2dG7anPJfcVYVqzNnlNM/q
EN/GfrxflZFUrPW9HiK96JPWOzv8s1W9tL27uifnbt94Po8STG2bahkuJfX30IAj
sF0t9tJGI+CM+RDR0gdx6dts7jNMrgkO38CZg1kkA/MHir7N65kJzXA72SBLDCUy
WznT0hg7GFs1hP5JmQ4O7n2B9nD//Iq5XFwM4K3vvUtC6gscMqMLMdeMbnVdofhw
WA0Wo0SUSzmecBxBVg6nRpjYrBk2GRdVF+VEBFGk9KHbBtA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org