Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RsPpFhGxkosGWTr2NdWrntuWuwM.roa
File: RsPpFhGxkosGWTr2NdWrntuWuwM.roa (raw, json)
Hash identifier: lDKP1r0wCwI6Mah0/ZWfneSnRbhM4ZLUsKBneDfa9kw=
Subject key identifier: 46:C3:E9:16:11:B1:92:8B:06:59:3A:F6:35:D5:AB:9E:DB:96:BB:03
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0715A77C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RsPpFhGxkosGWTr2NdWrntuWuwM.roa
Signing time: Tue 04 Jan 2022 18:45:16 +0000
ROA not before: Tue 04 Jan 2022 18:45:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 195.211.190.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118859644 (0x715a77c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 4 18:45:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46c3e91611b1928b06593af635d5ab9edb96bb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:59:d7:7d:8f:8a:7e:aa:53:b4:43:ac:0c:b0:
77:8f:c5:c8:17:3d:fd:85:71:cb:6f:e9:9d:ef:4f:
9e:d0:fa:e7:5f:be:d0:48:51:3d:5a:dd:6a:06:26:
56:aa:b2:4b:b3:0d:28:ff:5c:10:85:94:ef:d0:45:
36:b5:b2:fa:ab:ae:0f:3f:4c:7f:f9:27:42:1a:2f:
6e:2e:74:32:65:c3:11:f6:58:2d:1f:90:ef:a3:36:
50:fe:21:e7:b9:35:52:9d:a0:f3:57:fc:ae:3d:94:
ab:f1:c2:0d:3f:aa:ce:41:9a:0d:67:11:88:4d:d4:
90:25:47:80:8d:bb:51:1a:d2:fe:6c:4d:4b:4b:71:
7b:79:a6:4c:dd:93:0f:4c:71:82:8f:f3:0c:7b:6c:
9a:b4:b2:53:8d:3f:08:b6:d7:1a:c1:ec:3a:9a:7d:
11:70:bc:a4:4b:a3:8b:5e:ad:2d:ef:18:1c:64:29:
39:ff:c6:4e:b1:4f:37:82:c9:da:5c:ba:c8:14:62:
70:9c:a6:5e:85:2c:45:db:20:fe:f2:b3:6e:a0:0c:
16:95:35:00:d9:2e:6c:d8:f5:fa:38:df:55:6a:c3:
96:71:f5:09:11:40:bc:6a:f8:9f:ed:09:a6:15:86:
9d:6e:2b:50:ed:2a:a9:a5:e6:f8:8b:3b:cf:8a:83:
42:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C3:E9:16:11:B1:92:8B:06:59:3A:F6:35:D5:AB:9E:DB:96:BB:03
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RsPpFhGxkosGWTr2NdWrntuWuwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.29.0/24
45.144.212.0/24
85.209.120.0/24
85.209.122.0/23
185.43.248.0/23
185.43.251.0/24
185.200.62.0/24
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.93.0/24
195.177.95.0/24
195.211.190.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
8d:37:83:ae:38:5c:a1:c2:ff:8d:26:4f:d6:c4:2f:e7:82:e8:
dc:b3:dc:99:9b:a4:1d:88:7f:77:4a:9d:29:41:9b:49:36:bc:
ec:cb:f6:47:23:cd:11:5a:07:7a:75:5c:90:91:eb:ab:6d:3f:
82:12:63:5c:dc:1d:03:08:99:60:23:96:36:06:50:de:9f:4f:
ac:db:ac:d6:0e:90:4a:de:a2:d1:d1:b5:cc:81:67:74:1e:37:
9f:55:ee:84:3b:8c:8a:89:5f:26:e1:52:7e:c0:d3:ce:a5:99:
03:14:ab:52:98:e8:32:8e:16:1a:b5:20:bc:2a:84:3b:20:47:
1d:05:48:83:57:56:1d:7f:cc:b2:a4:6a:bc:7c:7f:0a:b3:de:
df:43:e0:aa:f9:82:9f:d9:c0:4c:53:a9:23:55:5a:a8:4a:4f:
3a:25:3d:14:85:1b:8a:0e:12:25:25:2c:09:ba:f3:a5:c4:b6:
ac:cc:5f:07:05:b3:d8:f6:49:4c:13:e2:5b:e2:87:88:65:cc:
49:5a:39:3d:ba:b9:42:ef:53:05:9b:1f:dd:1b:c0:17:26:0c:
c3:36:4b:0a:ed:c9:81:af:54:81:74:01:76:af:1e:84:85:9a:
d8:aa:41:0b:26:d3:d9:24:60:2f:7a:ef:1c:05:cf:3b:27:c6:
6d:2e:a3:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIEBxWnfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDEw
NDE4NDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZjM2U5MTYxMWIx
OTI4YjA2NTkzYWY2MzVkNWFiOWVkYjk2YmIwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVZ132Pin6qU7RDrAywd4/FyBc9/YVxy2/pne9PntD651++
0EhRPVrdagYmVqqyS7MNKP9cEIWU79BFNrWy+quuDz9Mf/knQhovbi50MmXDEfZY
LR+Q76M2UP4h57k1Up2g81f8rj2Uq/HCDT+qzkGaDWcRiE3UkCVHgI27URrS/mxN
S0txe3mmTN2TD0xxgo/zDHtsmrSyU40/CLbXGsHsOpp9EXC8pEuji16tLe8YHGQp
Of/GTrFPN4LJ2ly6yBRicJymXoUsRdsg/vKzbqAMFpU1ANkubNj1+jjfVWrDlnH1
CRFAvGr4n+0JphWGnW4rUO0qqaXm+Is7z4qDQkUCAwEAAaOCAoswggKHMB0GA1Ud
DgQWBBRGw+kWEbGSiwZZOvY11aue25a7AzAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L1JzUHBGaEd4a29zR1dUcjJOZFdybnR1V3V3TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
oAYIKwYBBQUHAQcBAf8EgZAwgY0wYAQCAAEwWgMEAC0JHQMEAC2Q1AMEAFXReAME
AVXRegMEAbkr+AMEALkr+wMEALnIPgMEAsEe8AMEAME5KQMEAME5KwMEAsLyYAME
AMM+GAMEAMOxXQMEAMOxXwMEAMPTvjApBAIAAjAjAwUAKgFxIAMFAyoHkgADBQMq
DKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAI03g644XKHC/40m
T9bEL+eC6Nyz3JmbpB2If3dKnSlBm0k2vOzL9kcjzRFaB3p1XJCR66ttP4ISY1zc
HQMImWAjljYGUN6fT6zbrNYOkEreotHRtcyBZ3QeN59V7oQ7jIqJXybhUn7A086l
mQMUq1KY6DKOFhq1ILwqhDsgRx0FSINXVh1/zLKkarx8fwqz3t9D4Kr5gp/ZwExT
qSNVWqhKTzolPRSFG4oOEiUlLAm686XEtqzMXwcFs9j2SUwT4lvih4hlzElaOT26
uULvUwWbH90bwBcmDMM2SwrtyYGvVIF0AXavHoSFmtiqQQsm09kkYC967xwFzzsn
xm0uo5A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org