Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6ZlN8rniu2rU4JFMQerQ2dAN5-I.roa
File: 6ZlN8rniu2rU4JFMQerQ2dAN5-I.roa (raw, json)
Hash identifier: cmFHjx5fJRkoRnuGbjEX/xxiQrmn+6KgS5dYsN/WyC0=
Subject key identifier: E9:99:4D:F2:B9:E2:BB:6A:D4:E0:91:4C:41:EA:D0:D9:D0:0D:E7:E2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 07E68B75
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6ZlN8rniu2rU4JFMQerQ2dAN5-I.roa
Signing time: Mon 14 Mar 2022 21:36:23 +0000
ROA not before: Mon 14 Mar 2022 21:36:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 45.13.191.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132549493 (0x7e68b75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 14 21:36:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e9994df2b9e2bb6ad4e0914c41ead0d9d00de7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:d7:63:a2:f5:80:cd:ec:50:23:21:7f:d6:
64:83:63:14:d7:f6:33:84:c2:f9:5b:6a:76:ef:bb:
15:4a:e2:5b:66:68:6c:8d:3f:80:2f:58:14:2c:00:
55:9c:b6:4b:34:cb:a9:67:21:c7:f7:ae:4f:e9:49:
2d:43:de:88:76:af:5b:dd:b6:25:57:cc:c5:d4:5a:
dc:3d:24:84:92:71:23:ee:cb:5f:1c:d8:3a:79:1e:
34:6a:9b:ad:42:65:1f:e4:01:75:9d:d9:b3:94:11:
40:93:0c:3a:66:b3:c4:7f:66:17:71:32:f5:ad:d7:
a2:12:db:10:1d:a5:b6:f0:33:bc:a8:44:de:80:a5:
26:cf:b6:41:6b:63:21:10:98:a4:35:f1:e6:a1:be:
91:f0:97:44:6d:d7:cd:0f:f6:aa:10:45:71:4e:e2:
16:9b:a0:b0:d8:99:b0:61:d4:fc:5b:46:be:c9:d6:
61:32:bc:39:0a:d2:48:a3:e3:21:9d:73:67:bc:27:
7e:07:37:16:d3:dd:61:f3:2e:ed:00:69:fc:9d:a2:
96:80:6d:eb:a1:10:ce:21:fa:9f:49:7b:56:5e:6d:
4a:da:4d:79:4b:af:68:b4:da:00:67:52:0d:be:a1:
c1:73:e7:25:f9:57:f0:67:41:1d:4d:9e:21:7e:2f:
53:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:99:4D:F2:B9:E2:BB:6A:D4:E0:91:4C:41:EA:D0:D9:D0:0D:E7:E2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6ZlN8rniu2rU4JFMQerQ2dAN5-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.13.191.0/24
45.132.180.0/24
195.177.92.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:a6:2f:d1:15:51:9d:b9:5b:07:05:2d:2c:ff:e9:56:bc:0c:
54:24:69:cf:a0:84:f7:4b:19:4b:48:6e:9b:88:62:11:ef:cf:
43:96:e1:12:08:54:f0:e3:d4:d7:cd:88:9e:40:27:82:7f:f9:
d5:c7:13:92:45:a0:49:ed:ce:24:b4:4a:62:ff:de:8e:b3:c1:
c3:6b:a4:d4:00:c4:95:68:3d:c9:c5:9d:99:9e:72:6c:e4:ee:
32:ad:e5:f6:03:52:9e:d4:64:26:8b:e5:48:06:ae:e0:9d:eb:
ef:63:3e:63:be:2b:98:5d:69:ec:34:1e:dd:ac:b1:d5:ab:e1:
34:c4:af:db:5c:dd:e4:85:dd:75:c1:18:0c:4d:4b:cb:0c:a2:
bf:96:ab:d3:56:09:6e:1e:b0:fd:0b:6a:09:0f:8b:8e:d5:4d:
cf:2c:3f:4a:89:7b:eb:ac:86:21:b2:47:b8:c1:b9:ce:95:a6:
ef:f6:33:c8:2d:56:92:31:e7:df:c7:4a:d0:0f:b0:4f:85:14:
b5:95:c4:13:41:93:7e:e9:d9:78:d7:a9:99:b4:bd:f3:b6:83:
ea:33:d8:dc:de:d6:76:e6:0c:6a:32:6c:1b:04:7a:fb:01:e9:
ee:c1:90:ac:8c:73:34:a2:b4:c5:c5:53:97:8e:2b:d4:b1:20:
58:37:88:82
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEB+aLdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDMx
NDIxMzYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTk5OTRkZjJiOWUy
YmI2YWQ0ZTA5MTRjNDFlYWQwZDlkMDBkZTdlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIl12Oi9YDN7FAjIX/WZINjFNf2M4TC+Vtqdu+7FUriW2Zo
bI0/gC9YFCwAVZy2SzTLqWchx/euT+lJLUPeiHavW922JVfMxdRa3D0khJJxI+7L
XxzYOnkeNGqbrUJlH+QBdZ3Zs5QRQJMMOmazxH9mF3Ey9a3XohLbEB2ltvAzvKhE
3oClJs+2QWtjIRCYpDXx5qG+kfCXRG3XzQ/2qhBFcU7iFpugsNiZsGHU/FtGvsnW
YTK8OQrSSKPjIZ1zZ7wnfgc3FtPdYfMu7QBp/J2iloBt66EQziH6n0l7Vl5tStpN
eUuvaLTaAGdSDb6hwXPnJflX8GdBHU2eIX4vU5ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTpmU3yueK7atTgkUxB6tDZ0A3n4jAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
LzZabE44cm5pdTJyVTRKRk1RZXJRMmRBTjUtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC0JHgMEAC0NvwMEAC2EtAMEAMOx
XDANBgkqhkiG9w0BAQsFAAOCAQEAm6Yv0RVRnblbBwUtLP/pVrwMVCRpz6CE90sZ
S0hum4hiEe/PQ5bhEghU8OPU182InkAngn/51ccTkkWgSe3OJLRKYv/ejrPBw2uk
1ADElWg9ycWdmZ5ybOTuMq3l9gNSntRkJovlSAau4J3r72M+Y74rmF1p7DQe3ayx
1avhNMSv21zd5IXddcEYDE1Lywyiv5ar01YJbh6w/QtqCQ+LjtVNzyw/Sol766yG
IbJHuMG5zpWm7/YzyC1WkjHn38dK0A+wT4UUtZXEE0GTfunZeNepmbS987aD6jPY
3N7WduYMajJsGwR6+wHp7sGQrIxzNKK0xcVTl44r1LEgWDeIgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org