Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/07Hlj8und699JoMnWq5gNNfAuOM.roa
File: 07Hlj8und699JoMnWq5gNNfAuOM.roa (raw, json)
Hash identifier: bdkPb16OmfUGY3iyU/jPJ9z2uQmZnz3Ahij+g/BLtI4=
Subject key identifier: D3:B1:E5:8F:CB:A7:77:AF:7D:26:83:27:5A:AE:60:34:D7:C0:B8:E3
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 07C0E9DB
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/07Hlj8und699JoMnWq5gNNfAuOM.roa
Signing time: Wed 02 Mar 2022 16:54:38 +0000
ROA not before: Wed 02 Mar 2022 16:54:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 85.209.120.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
45.151.0.0/23 maxlen: 24
195.211.188.0/22 maxlen: 24
45.144.213.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
45.132.182.0/23 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130083291 (0x7c0e9db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 2 16:54:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3b1e58fcba777af7d2683275aae6034d7c0b8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:eb:87:e2:2b:19:65:50:5c:08:e0:4d:8b:ac:
e8:79:f5:4a:7e:28:e4:8d:ff:f3:71:54:c3:b4:dd:
fb:8e:d7:d1:80:97:5a:3f:3e:3e:e6:bf:98:31:d4:
c6:cc:6b:e8:9c:e1:ab:8e:b9:36:51:cb:16:8f:02:
57:2d:cf:98:a2:04:c2:bb:f2:d4:ac:f7:ca:c5:de:
94:71:90:a6:08:7e:e1:8e:c5:77:ba:64:ec:c3:29:
ad:21:31:3e:25:a9:60:08:c2:02:b8:f3:6c:71:0c:
19:f7:db:6e:a1:80:f7:c8:b6:f4:04:18:76:50:1e:
f4:ae:30:c3:68:54:41:3f:fb:ad:79:66:44:16:8c:
dd:da:0d:10:d7:24:ff:f1:4b:2b:23:a4:f3:2c:62:
7e:c4:9e:79:7d:03:25:95:86:71:78:ef:68:7f:d8:
b1:a9:3e:b8:12:fa:3e:83:aa:bc:b1:32:cd:1e:6b:
46:75:8b:66:b8:c0:ec:85:fd:17:40:4b:42:8f:44:
75:34:d2:0c:5d:ec:05:32:fa:59:67:53:f0:eb:33:
1d:47:2f:48:ad:ba:b8:84:33:58:fb:11:b4:38:0a:
3b:83:bf:2a:4a:b4:a8:29:ec:f3:e5:24:a7:79:dd:
6c:73:53:10:37:4f:3a:dc:46:c9:65:b0:d6:68:a0:
01:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B1:E5:8F:CB:A7:77:AF:7D:26:83:27:5A:AE:60:34:D7:C0:B8:E3
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/07Hlj8und699JoMnWq5gNNfAuOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.88.137.0-45.88.138.255
45.132.182.0/23
45.144.213.0/24
45.151.0.0/23
85.209.120.0/24
85.209.122.0/23
195.62.24.0/24
195.177.95.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:ea:00:6a:70:a5:ea:27:bd:c0:2a:16:70:8e:98:2b:18:7b:
6e:60:5d:3b:57:3d:7a:f0:20:54:2c:6d:76:3d:6f:b3:5f:74:
b5:df:ca:36:d8:fd:de:72:ba:86:7f:86:6d:6f:96:2f:4a:27:
82:e3:99:4f:c5:d9:47:d2:56:6c:54:92:b2:6f:5e:61:76:16:
8e:26:1f:a6:5a:ca:2f:6c:30:8f:ee:6d:72:cd:93:19:60:dc:
4e:1b:39:6e:15:c1:5d:39:fa:0f:4d:c9:e8:0a:d8:d1:1f:bc:
51:c9:6a:40:52:92:c2:bf:b9:a4:26:8c:da:f4:eb:de:69:21:
10:8b:08:42:a4:b6:73:31:0a:d2:14:99:e0:c4:cb:0f:44:90:
74:d1:0e:8b:13:ba:60:8f:20:8e:bd:90:b8:83:f5:a2:1c:ed:
3c:c0:a1:12:e4:f0:ee:d8:96:1d:2e:ce:81:37:33:e3:6e:91:
b6:30:3d:6c:e0:44:4c:c6:c7:47:96:90:dd:b1:83:32:b0:e7:
b4:a7:fb:76:4a:51:4b:0c:94:e2:c7:67:2c:67:28:2c:dc:81:
cb:9a:5c:1b:d2:a1:f7:bc:21:9f:42:42:6f:c4:80:2d:8c:b4:
08:68:ee:c6:04:ea:bf:e1:4b:7c:36:d8:7e:dc:76:27:f1:47:
38:63:35:aa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEB8Dp2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDMw
MjE2NTQzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNiMWU1OGZjYmE3
NzdhZjdkMjY4MzI3NWFhZTYwMzRkN2MwYjhlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7rh+IrGWVQXAjgTYus6Hn1Sn4o5I3/83FUw7Td+47X0YCX
Wj8+Pua/mDHUxsxr6Jzhq465NlHLFo8CVy3PmKIEwrvy1Kz3ysXelHGQpgh+4Y7F
d7pk7MMprSExPiWpYAjCArjzbHEMGffbbqGA98i29AQYdlAe9K4ww2hUQT/7rXlm
RBaM3doNENck//FLKyOk8yxifsSeeX0DJZWGcXjvaH/Ysak+uBL6PoOqvLEyzR5r
RnWLZrjA7IX9F0BLQo9EdTTSDF3sBTL6WWdT8OszHUcvSK26uIQzWPsRtDgKO4O/
Kkq0qCns8+Ukp3ndbHNTEDdPOtxGyWWw1migAUsCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTTseWPy6d3r30mgydarmA018C44zAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
LzA3SGxqOHVuZDY5OUpvTW5XcTVnTk5mQXVPTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAgI4bDAMAwQALViJAwQALViKAwQB
LYS2AwQALZDVAwQBLZcAAwQAVdF4AwQBVdF6AwQAwz4YAwQAw7FfAwQCw9O8MA0G
CSqGSIb3DQEBCwUAA4IBAQCw6gBqcKXqJ73AKhZwjpgrGHtuYF07Vz168CBULG12
PW+zX3S138o22P3ecrqGf4Ztb5YvSieC45lPxdlH0lZsVJKyb15hdhaOJh+mWsov
bDCP7m1yzZMZYNxOGzluFcFdOfoPTcnoCtjRH7xRyWpAUpLCv7mkJoza9OveaSEQ
iwhCpLZzMQrSFJngxMsPRJB00Q6LE7pgjyCOvZC4g/WiHO08wKES5PDu2JYdLs6B
NzPjbpG2MD1s4ERMxsdHlpDdsYMysOe0p/t2SlFLDJTix2csZygs3IHLmlwb0qH3
vCGfQkJvxIAtjLQIaO7GBOq/4Ut8Nth+3HYn8Uc4YzWq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org