Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7xLUIy61ruLJpVTbcc9AFs2VtbQ.roa
File: 7xLUIy61ruLJpVTbcc9AFs2VtbQ.roa (raw, json)
Hash identifier: ADTojWgP5mbrPziCqiBlPT2M5qUXpNgDOw8Ag9kBz9w=
Subject key identifier: EF:12:D4:23:2E:B5:AE:E2:C9:A5:54:DB:71:CF:40:16:CD:95:B5:B4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018533BDF80C163743B1460430C248E1889E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7xLUIy61ruLJpVTbcc9AFs2VtbQ.roa
Signing time: Wed 21 Dec 2022 08:12:45 +0000
ROA not before: Wed 21 Dec 2022 08:12:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:bd:f8:0c:16:37:43:b1:46:04:30:c2:48:e1:88:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 21 08:12:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef12d4232eb5aee2c9a554db71cf4016cd95b5b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fb:9b:9e:20:a2:57:d3:22:47:f5:55:8a:cf:
31:d2:b8:2b:29:f9:fc:e5:dc:79:51:6d:d1:19:f4:
83:42:a4:68:7b:38:37:ba:7e:6a:0f:cd:cf:c5:91:
e7:3b:73:af:75:32:d5:d4:fb:87:dc:7a:a0:60:50:
86:8e:8b:9a:13:44:ed:06:1b:35:8d:ca:eb:64:28:
60:f1:54:8b:29:f5:a4:5a:b2:55:98:2a:5e:05:1b:
d0:76:f5:75:3a:fa:5f:20:ec:16:ec:03:0f:b8:bc:
7c:25:b5:07:27:15:98:10:d5:65:09:15:04:fe:8e:
90:b1:d4:2d:ce:55:69:29:3b:24:3c:80:44:dc:db:
30:c5:a1:f6:fb:d6:cf:5c:45:80:a7:1c:64:37:46:
18:d4:6a:fc:e3:bb:e0:8f:51:e0:e1:29:6d:e0:ea:
a9:a3:9d:cd:19:ee:2b:7c:b1:9b:ea:68:85:bc:3c:
3c:c8:06:72:3c:5c:0b:dc:2a:20:3f:f6:44:5b:54:
7b:77:76:24:33:9c:e0:c1:c6:d5:5e:4d:aa:4a:cd:
e7:d5:d4:ff:32:c6:60:aa:3c:b7:ed:ab:de:79:95:
ce:20:28:b5:ef:5b:2c:b8:3e:06:1c:55:f7:a3:32:
35:4d:3b:73:ea:89:04:cc:7b:64:d8:b7:95:3f:62:
20:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:12:D4:23:2E:B5:AE:E2:C9:A5:54:DB:71:CF:40:16:CD:95:B5:B4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7xLUIy61ruLJpVTbcc9AFs2VtbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/24
77.83.38.0/24
85.209.120.0/23
195.177.94.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:97:7d:a8:23:53:d0:97:0c:9c:ca:ae:29:08:3a:18:d4:00:
d3:b9:97:26:37:08:64:08:46:ec:e4:77:36:df:5e:04:82:97:
53:b8:66:60:f1:b3:e7:62:d4:89:1f:c2:7e:56:1c:89:22:5a:
53:45:93:27:97:cc:b5:96:09:a2:62:11:f9:6a:e1:6d:71:3b:
ce:67:5a:e4:cb:6d:25:6a:7f:24:6a:ae:1d:8b:2b:44:17:59:
a5:91:58:cb:39:51:36:c9:0f:c3:a9:aa:fd:61:64:fc:e7:45:
20:e8:54:dd:01:01:ed:da:23:a6:9b:8c:87:b2:87:f6:0d:97:
88:de:e0:b1:89:23:ab:54:f9:ba:0b:bf:e8:a3:2b:83:57:a3:
2a:56:5a:f9:bb:dd:85:f5:3f:4c:be:39:a6:0f:69:78:39:55:
c4:77:1d:d0:e7:73:5e:ed:13:ae:53:95:08:b7:2c:26:55:a3:
3d:a9:92:26:87:f1:2a:82:1c:c0:76:5b:dd:50:40:6b:c3:27:
5a:1c:52:b7:41:1d:81:b2:8e:a6:a9:7e:e0:40:c2:95:f5:bb:
8c:0b:1a:cf:19:ef:d5:06:99:9a:1f:fc:1e:79:61:54:19:3f:
e9:5b:e8:c4:ca:6d:dd:2e:72:92:45:5f:d8:bf:6d:36:d4:4c:
31:30:2d:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUzvfgMFjdDsUYEMMJI4YieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjIxMDgxMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjEyZDQyMzJlYjVhZWUyYzlhNTU0ZGI3MWNmNDAxNmNkOTViNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfubniCiV9MiR/VVis8x0rgrKfn8
5dx5UW3RGfSDQqRoezg3un5qD83PxZHnO3OvdTLV1PuH3HqgYFCGjouaE0TtBhs1
jcrrZChg8VSLKfWkWrJVmCpeBRvQdvV1OvpfIOwW7AMPuLx8JbUHJxWYENVlCRUE
/o6QsdQtzlVpKTskPIBE3NswxaH2+9bPXEWApxxkN0YY1Gr847vgj1Hg4Slt4Oqp
o53NGe4rfLGb6miFvDw8yAZyPFwL3CogP/ZEW1R7d3YkM5zgwcbVXk2qSs3n1dT/
MsZgqjy37aveeZXOICi171ssuD4GHFX3ozI1TTtz6okEzHtk2LeVP2IgswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO8S1CMuta7iyaVU23HPQBbNlbW0MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvN3hMVUl5NjFydUxKcFZUYmNjOUFGczJWdGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ28AwQA
TVMmAwQBVdF4AwQAw7FeMA0GCSqGSIb3DQEBCwUAA4IBAQAdl32oI1PQlwycyq4p
CDoY1ADTuZcmNwhkCEbs5Hc2314EgpdTuGZg8bPnYtSJH8J+VhyJIlpTRZMnl8y1
lgmiYhH5auFtcTvOZ1rky20lan8kaq4diytEF1mlkVjLOVE2yQ/Dqar9YWT850Ug
6FTdAQHt2iOmm4yHsof2DZeI3uCxiSOrVPm6C7/ooyuDV6MqVlr5u92F9T9Mvjmm
D2l4OVXEdx3Q53Ne7ROuU5UItywmVaM9qZImh/EqghzAdlvdUEBrwydaHFK3QR2B
so6mqX7gQMKV9buMCxrPGe/VBpmaH/weeWFUGT/pW+jEym3dLnKSRV/Yv2021Ewx
MC3k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org