Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7qsHxioJ8hOz_I9px9RxGcRxurA.roa
File: 7qsHxioJ8hOz_I9px9RxGcRxurA.roa (raw, json)
Hash identifier: qu97/g9H7rirxhg7fWMTfnfitFAgZff4A0aKKfLN9rY=
Subject key identifier: EE:AB:07:C6:2A:09:F2:13:B3:FC:8F:69:C7:D4:71:19:C4:71:BA:B0
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183FF17B47ADE4F920FDD748050840BACF6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7qsHxioJ8hOz_I9px9RxGcRxurA.roa
Signing time: Sat 22 Oct 2022 09:48:07 +0000
ROA not before: Sat 22 Oct 2022 09:48:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 23
45.151.0.0/23 maxlen: 23
45.151.2.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.139.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
45.138.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ff:17:b4:7a:de:4f:92:0f:dd:74:80:50:84:0b:ac:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 22 09:48:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eeab07c62a09f213b3fc8f69c7d47119c471bab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:27:0f:39:26:5d:62:37:a9:75:ff:bd:07:a6:
f1:e4:ee:a7:88:5c:45:c3:54:d0:d8:5a:69:a3:7e:
f9:cc:66:7c:e1:bf:3f:e1:5f:a1:b9:c9:63:84:fc:
a1:ee:89:ff:c2:4e:79:b6:a3:d0:96:37:c2:17:59:
48:4b:d4:bf:db:1c:2e:d5:1d:ba:db:46:d2:f4:1a:
b2:99:17:0e:c2:3d:af:7e:b0:8f:46:9a:87:47:e8:
ba:6a:67:b9:23:a3:86:32:9d:62:db:69:3f:f2:79:
56:cd:fb:59:af:26:7b:0a:73:47:05:05:4d:3a:ad:
81:7e:d2:3f:3a:7a:2f:0b:3f:50:a8:d3:a0:33:2f:
dd:b4:14:74:42:0c:fe:96:2a:df:75:3a:a0:a0:1b:
d5:8c:cf:5b:36:a4:c1:ad:4d:43:72:72:d7:12:56:
14:64:f6:df:62:d5:7f:34:bc:17:8f:3b:e8:75:0e:
e3:bf:2e:d2:bc:71:78:dc:5f:e6:24:43:1b:4e:5a:
e4:aa:41:fb:2e:68:9b:cb:5d:dd:22:00:ee:f6:6e:
90:ef:d3:9b:ba:ad:b1:47:d6:55:21:7d:4b:6a:58:
b3:d3:f3:61:16:6c:36:c2:8a:a0:eb:84:63:fc:d2:
37:35:17:00:c1:f0:a5:ae:0c:22:23:c4:ce:28:b4:
68:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AB:07:C6:2A:09:F2:13:B3:FC:8F:69:C7:D4:71:19:C4:71:BA:B0
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7qsHxioJ8hOz_I9px9RxGcRxurA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.88.139.0/24
45.138.180.0/22
45.151.0.0-45.151.2.255
85.209.120.0/23
193.30.241.0/24
195.177.94.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
28:9a:ea:7e:0d:72:05:00:a7:fc:67:22:ed:70:39:eb:a9:2f:
f5:2e:53:88:2b:d4:7c:09:e8:c2:0f:b7:d8:63:ef:3c:73:c9:
8f:25:9d:73:e8:66:c6:76:c4:53:9f:da:eb:42:4b:5c:a4:eb:
76:d8:3f:79:34:b8:24:06:7a:35:80:61:58:e7:9b:54:fb:7b:
2f:11:27:36:65:6c:09:28:fd:cd:02:74:45:a3:30:32:be:f0:
d2:f1:51:52:43:9a:92:f8:de:81:59:1a:68:31:36:ba:c8:c1:
44:42:6e:a4:b2:10:13:8c:de:ff:6e:24:e9:33:d5:39:cd:ad:
bd:9d:7f:15:f6:a4:cd:39:ec:f7:fa:48:1b:6d:f3:ce:b4:ce:
1f:fd:c6:23:52:23:b8:51:dd:73:35:df:22:65:04:2c:c9:70:
8b:b8:eb:54:54:58:3b:cd:75:f7:72:c4:0e:37:f8:ad:c7:4f:
4a:8a:c6:c4:42:15:2b:2d:03:c9:22:f7:a4:db:28:03:04:72:
96:0c:65:2a:5a:f2:ad:52:b8:b3:fd:54:c4:d1:f6:93:c4:26:
07:fe:a5:c6:e9:08:70:4c:d1:66:8a:83:4a:e1:f6:a2:3e:aa:
d5:1b:55:b4:d9:d7:71:63:16:c2:8a:fd:ed:06:e2:62:a4:ac:
da:a1:f7:ae
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYP/F7R63k+SD910gFCEC6z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIyMDk0ODA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWFiMDdjNjJhMDlmMjEzYjNmYzhmNjljN2Q0NzExOWM0NzFiYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhicPOSZdYjepdf+9B6bx5O6niFxF
w1TQ2Fppo375zGZ84b8/4V+hucljhPyh7on/wk55tqPQljfCF1lIS9S/2xwu1R26
20bS9BqymRcOwj2vfrCPRpqHR+i6ame5I6OGMp1i22k/8nlWzftZryZ7CnNHBQVN
Oq2BftI/OnovCz9QqNOgMy/dtBR0Qgz+lirfdTqgoBvVjM9bNqTBrU1DcnLXElYU
ZPbfYtV/NLwXjzvodQ7jvy7SvHF43F/mJEMbTlrkqkH7Lmiby13dIgDu9m6Q79Ob
uq2xR9ZVIX1Laliz0/NhFmw2woqg64Rj/NI3NRcAwfClrgwiI8TOKLRoTQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFO6rB8YqCfITs/yPacfUcRnEcbqwMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvN3FzSHhpb0o4aE96X0k5cHg5UnhHY1J4dXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAATA3AwQCAjhsAwQA
LViLAwQCLYq0MAsDAwAtlwMEAC2XAgMEAVXReAMEAMEe8QMEAMOxXgMEAsPTvDAN
BgkqhkiG9w0BAQsFAAOCAQEAKJrqfg1yBQCn/Gci7XA566kv9S5TiCvUfAnowg+3
2GPvPHPJjyWdc+hmxnbEU5/a60JLXKTrdtg/eTS4JAZ6NYBhWOebVPt7LxEnNmVs
CSj9zQJ0RaMwMr7w0vFRUkOakvjegVkaaDE2usjBREJupLIQE4ze/24k6TPVOc2t
vZ1/FfakzTns9/pIG23zzrTOH/3GI1IjuFHdczXfImUELMlwi7jrVFRYO81193LE
Djf4rcdPSorGxEIVKy0DySL3pNsoAwRylgxlKlryrVK4s/1UxNH2k8QmB/6lxukI
cEzRZoqDSuH2oj6q1RtVtNnXcWMWwor97QbiYqSs2qH3rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org