Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CGgH-WT71PIxNCOP-mHL1gCYjtE.roa
File: CGgH-WT71PIxNCOP-mHL1gCYjtE.roa (raw, json)
Hash identifier: SLxzfz86/NExgPoRMe1XOpatUY+ppPLKjCQuqNR+80c=
Subject key identifier: 08:68:07:F9:64:FB:D4:F2:31:34:23:8F:FA:61:CB:D6:00:98:8E:D1
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 085BF0F2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CGgH-WT71PIxNCOP-mHL1gCYjtE.roa
Signing time: Fri 29 Apr 2022 13:18:47 +0000
ROA not before: Fri 29 Apr 2022 13:18:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.190.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140243186 (0x85bf0f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 29 13:18:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=086807f964fbd4f23134238ffa61cbd600988ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:4a:9e:1e:84:ec:cf:72:5c:81:76:39:e8:2c:
16:ab:3e:a2:2a:87:91:10:bc:d7:05:49:0e:6e:11:
ca:40:9c:2a:76:1d:f3:67:4c:6d:9b:bf:1f:c9:3e:
53:fa:d6:ef:7a:35:b9:ab:ed:a7:a7:12:bf:3a:2a:
7f:cc:64:68:b2:f9:3b:36:39:80:6f:72:d3:07:8d:
ef:49:9d:3d:c2:2b:de:77:c0:3a:5c:7b:eb:ea:90:
cb:2b:70:54:af:91:e3:3a:80:05:b0:56:4d:21:a3:
45:d4:71:46:91:19:f7:1b:c3:25:1e:3d:52:f4:30:
a4:56:ab:cd:d0:9e:8a:f4:8c:b2:ef:4d:3a:ce:e3:
b0:9c:8a:44:cb:db:7b:27:87:be:c7:0d:d5:cc:ed:
54:de:ed:7e:79:f2:d0:19:15:25:dd:21:fa:f5:cf:
0f:5d:aa:17:de:3e:f0:ff:d5:bd:00:85:1b:c8:1d:
57:79:0a:d5:90:d1:22:b9:ac:93:ce:d9:59:09:09:
0d:bd:83:61:f0:40:a7:03:a8:4a:73:aa:5f:65:3b:
f3:f1:67:dd:c7:21:be:60:7c:08:cd:7b:73:d2:f1:
9a:ec:6e:84:5a:c8:70:83:23:1b:23:95:12:ad:99:
06:72:70:4d:2d:bb:05:a5:1f:1b:4b:a0:1b:c4:ec:
35:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:68:07:F9:64:FB:D4:F2:31:34:23:8F:FA:61:CB:D6:00:98:8E:D1
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CGgH-WT71PIxNCOP-mHL1gCYjtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.13.190.0/24
45.144.212.0/24
45.151.3.0/24
195.177.92.0/24
Signature Algorithm: sha256WithRSAEncryption
37:b1:23:f7:55:aa:bb:d0:e6:0a:c7:41:be:3e:b3:74:0d:21:
7b:e2:bb:93:0b:2c:35:6e:e5:f8:de:7b:94:53:9d:77:a2:36:
b6:49:28:2a:ef:7b:b0:ff:b8:c3:bc:d0:85:38:cf:55:29:eb:
23:b2:0d:56:03:2f:b8:35:ca:1c:14:36:b1:55:6a:b2:93:c3:
b8:f4:14:f8:7c:42:0a:a4:41:c0:f5:c4:b5:57:c0:fb:8f:95:
2e:4b:9a:c0:95:78:89:68:ce:56:f0:c9:bd:db:45:54:09:2e:
fa:a1:22:48:7a:2f:d5:11:28:7c:c6:b8:b6:7c:a4:d3:40:55:
cf:64:aa:1f:f9:11:23:2b:e5:d5:ad:24:dc:f3:f1:e5:a5:94:
10:4a:e7:86:38:d3:97:00:be:2d:39:75:c2:91:2d:a9:08:52:
de:55:3a:c9:0f:8e:97:c2:c5:05:e0:3c:c6:c5:0e:e9:ae:78:
c8:d0:4d:da:d7:db:7f:af:fd:53:83:0b:28:cd:8d:d6:a0:4b:
20:b9:0e:28:43:a3:bc:a8:e5:4a:cb:7f:e4:09:b6:0a:74:06:
d5:5a:48:77:2c:11:85:ae:eb:df:20:b2:6f:cd:44:70:3a:ba:
2b:62:c6:5c:d8:f2:d1:30:fd:69:99:ac:ba:f8:ee:89:06:61:
f4:96:be:04
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECFvw8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDQy
OTEzMTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg2ODA3Zjk2NGZi
ZDRmMjMxMzQyMzhmZmE2MWNiZDYwMDk4OGVkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPdKnh6E7M9yXIF2OegsFqs+oiqHkRC81wVJDm4RykCcKnYd
82dMbZu/H8k+U/rW73o1uavtp6cSvzoqf8xkaLL5OzY5gG9y0weN70mdPcIr3nfA
Olx76+qQyytwVK+R4zqABbBWTSGjRdRxRpEZ9xvDJR49UvQwpFarzdCeivSMsu9N
Os7jsJyKRMvbeyeHvscN1cztVN7tfnny0BkVJd0h+vXPD12qF94+8P/VvQCFG8gd
V3kK1ZDRIrmsk87ZWQkJDb2DYfBApwOoSnOqX2U78/Fn3cchvmB8CM17c9Lxmuxu
hFrIcIMjGyOVEq2ZBnJwTS27BaUfG0ugG8TsNWsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQIaAf5ZPvU8jE0I4/6YcvWAJiO0TAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L0NHZ0gtV1Q3MVBJeE5DT1AtbUhMMWdDWWp0RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAQW1VAMEAC0NvgMEAC2Q1AMEAC2X
AwMEAMOxXDANBgkqhkiG9w0BAQsFAAOCAQEAN7Ej91Wqu9DmCsdBvj6zdA0he+K7
kwssNW7l+N57lFOdd6I2tkkoKu97sP+4w7zQhTjPVSnrI7INVgMvuDXKHBQ2sVVq
spPDuPQU+HxCCqRBwPXEtVfA+4+VLkuawJV4iWjOVvDJvdtFVAku+qEiSHov1REo
fMa4tnyk00BVz2SqH/kRIyvl1a0k3PPx5aWUEErnhjjTlwC+LTl1wpEtqQhS3lU6
yQ+Ol8LFBeA8xsUO6a54yNBN2tfbf6/9U4MLKM2N1qBLILkOKEOjvKjlSst/5Am2
CnQG1VpIdywRha7r3yCyb81EcDq6K2LGXNjy0TD9aZmsuvjuiQZh9Ja+BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org