Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Tj-EOglSmiJJi0QMjMJ_cz4NLSI.roa
File: Tj-EOglSmiJJi0QMjMJ_cz4NLSI.roa (raw, json)
Hash identifier: OUOcDeYFYi8/9x44Q5Q0zny9iXJVZGGztntwehBzFT4=
Subject key identifier: 4E:3F:84:3A:09:52:9A:22:49:8B:44:0C:8C:C2:7F:73:3E:0D:2D:22
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 08C1DA76
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Tj-EOglSmiJJi0QMjMJ_cz4NLSI.roa
Signing time: Thu 09 Jun 2022 08:02:12 +0000
ROA not before: Thu 09 Jun 2022 08:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 45.151.0.0/23 maxlen: 24
45.151.2.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/23 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146922102 (0x8c1da76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 9 08:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e3f843a09529a22498b440c8cc27f733e0d2d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:de:54:68:21:78:cf:0c:e0:ad:8b:e6:f4:
34:cd:d2:9a:1d:64:67:ab:5c:a2:c1:c6:99:8d:67:
2d:96:07:b5:d3:3c:c7:44:06:be:25:31:a3:de:ef:
73:78:68:23:fb:b9:4d:dd:57:04:59:17:20:88:f7:
2c:4b:b0:a4:ed:ad:68:55:cf:ca:10:f4:3c:8f:8f:
70:e1:f6:ae:2e:ae:c3:52:35:a5:50:35:60:11:a0:
58:47:9c:01:5c:9c:c0:b7:16:20:8b:96:af:7f:59:
38:db:83:28:9c:d9:2f:29:a8:6e:e0:22:93:93:ee:
91:ab:e0:fb:8b:16:65:8a:a8:86:66:3e:e2:32:28:
8a:c5:cc:31:85:33:e3:75:ab:80:c6:d8:6c:6b:37:
c7:7c:cc:0d:62:b5:9c:25:21:b5:be:f6:d2:c9:88:
69:d6:77:81:26:8d:7c:49:cf:c2:b3:3c:62:a2:ae:
a8:a8:28:eb:6f:2e:8c:70:2b:40:e9:00:96:f2:02:
88:6a:e5:f0:c8:18:19:c5:52:ee:2d:07:84:b0:4f:
d4:c2:28:27:9c:d9:25:e2:78:f6:d8:4b:fb:ce:76:
79:3c:87:30:0f:fc:36:ad:d9:40:0b:23:67:59:44:
a8:0c:44:21:85:f2:84:7f:85:43:ea:fb:8e:75:c6:
3c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3F:84:3A:09:52:9A:22:49:8B:44:0C:8C:C2:7F:73:3E:0D:2D:22
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Tj-EOglSmiJJi0QMjMJ_cz4NLSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.13.188.0/23
45.13.191.0/24
45.88.136.0/22
45.132.181.0-45.132.183.255
45.144.213.0-45.144.215.255
45.151.0.0-45.151.2.255
77.83.37.0-77.83.39.255
85.209.120.0/22
193.30.241.0/24
193.57.41.0/24
194.15.52.0/23
195.62.24.0/24
195.177.93.0-195.177.95.255
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
74:bb:ab:cb:7a:f5:c5:c4:af:ff:fe:85:6c:0f:86:d7:c7:f9:
b6:4b:f2:88:0f:e3:b3:36:a7:42:ed:e4:c1:58:df:1e:09:ad:
e8:23:19:73:ef:96:f2:42:9a:6a:04:7d:06:05:0f:ca:a8:ca:
9c:d1:cc:b7:a7:68:82:f2:6e:83:b8:fc:fc:c3:3b:64:04:d0:
2f:f8:f6:64:24:a7:ca:32:ff:16:d0:0d:63:21:ed:22:88:4e:
1a:6c:2e:c0:1f:e1:66:77:10:02:5c:bd:e1:32:ac:c3:41:18:
34:7d:98:7b:5b:3e:f6:a7:0f:4e:a9:3e:8f:37:d5:4e:09:3b:
fd:99:56:bd:56:88:b7:06:d1:10:43:a4:18:55:90:7e:ca:47:
72:82:ce:16:2d:30:fb:49:2b:d8:84:27:68:8a:35:60:ab:6a:
c7:a8:93:f1:26:b5:7b:1d:97:87:c4:31:c6:ec:ec:d7:93:07:
b0:32:83:c4:70:a5:a7:9c:42:f8:d8:a6:8e:5b:0e:77:87:08:
07:9f:d0:f9:8c:a0:a1:be:55:a2:18:74:e5:29:4b:92:1d:e7:
7a:29:6c:e6:17:0d:0c:f3:fe:21:52:d2:89:95:a0:98:e4:7c:
eb:37:e3:bf:e1:f3:92:14:76:dd:be:93:70:78:48:ee:be:95:
ca:30:0c:2e
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIECMHadjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDYw
OTA4MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGUzZjg0M2EwOTUy
OWEyMjQ5OGI0NDBjOGNjMjdmNzMzZTBkMmQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALA+3lRoIXjPDOCti+b0NM3Smh1kZ6tcosHGmY1nLZYHtdM8
x0QGviUxo97vc3hoI/u5Td1XBFkXIIj3LEuwpO2taFXPyhD0PI+PcOH2ri6uw1I1
pVA1YBGgWEecAVycwLcWIIuWr39ZONuDKJzZLymobuAik5Pukavg+4sWZYqohmY+
4jIoisXMMYUz43WrgMbYbGs3x3zMDWK1nCUhtb720smIadZ3gSaNfEnPwrM8YqKu
qKgo628ujHArQOkAlvICiGrl8MgYGcVS7i0HhLBP1MIoJ5zZJeJ49thL+852eTyH
MA/8Nq3ZQAsjZ1lEqAxEIYXyhH+FQ+r7jnXGPAMCAwEAAaOCAokwggKFMB0GA1Ud
DgQWBBROP4Q6CVKaIkmLRAyMwn9zPg0tIjAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L1RqLUVPZ2xTbWlKSmkwUU1qTUpfY3o0TkxTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ngYIKwYBBQUHAQcBAf8EgY4wgYswgYgEAgABMIGBAwQCAjhsAwQBLQ28AwQALQ2/
AwQCLViIMAwDBAAthLUDBAMthLAwDAMEAC2Q1QMEAy2Q0DALAwMALZcDBAAtlwIw
DAMEAE1TJQMEA01TIAMEAlXReAMEAMEe8QMEAME5KQMEAcIPNAMEAMM+GDAMAwQA
w7FdAwQFw7FAAwQCw9O8MA0GCSqGSIb3DQEBCwUAA4IBAQB0u6vLevXFxK///oVs
D4bXx/m2S/KID+OzNqdC7eTBWN8eCa3oIxlz75byQppqBH0GBQ/KqMqc0cy3p2iC
8m6DuPz8wztkBNAv+PZkJKfKMv8W0A1jIe0iiE4abC7AH+FmdxACXL3hMqzDQRg0
fZh7Wz72pw9OqT6PN9VOCTv9mVa9Voi3BtEQQ6QYVZB+ykdygs4WLTD7SSvYhCdo
ijVgq2rHqJPxJrV7HZeHxDHG7OzXkwewMoPEcKWnnEL42KaOWw53hwgHn9D5jKCh
vlWiGHTlKUuSHed6KWzmFw0M8/4hUtKJlaCY5HzrN+O/4fOSFHbdvpNweEjuvpXK
MAwu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org