Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_8rRwDunkd2XKN_b9_bzXdqjkkU.roa
File: _8rRwDunkd2XKN_b9_bzXdqjkkU.roa (raw, json)
Hash identifier: mkmWaBDzDWFzasy+Ot0cOn2kg4zwha0OO+T76qAdsWs=
Subject key identifier: FF:CA:D1:C0:3B:A7:91:DD:97:28:DF:DB:F7:F6:F3:5D:DA:A3:92:45
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01840E304C4215106CF480FDAC41904BE947
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_8rRwDunkd2XKN_b9_bzXdqjkkU.roa
Signing time: Tue 25 Oct 2022 08:09:17 +0000
ROA not before: Tue 25 Oct 2022 08:09:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 45.13.191.0/24 maxlen: 24
45.151.0.0/23 maxlen: 23
45.151.2.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 22
45.88.136.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.94.0/24 maxlen: 24
45.138.180.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:30:4c:42:15:10:6c:f4:80:fd:ac:41:90:4b:e9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 25 08:09:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffcad1c03ba791dd9728dfdbf7f6f35ddaa39245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ed:51:e1:72:db:2b:8d:02:1f:2a:4e:4d:37:
74:89:0f:a1:c5:76:97:c0:a7:33:a1:6b:0b:50:27:
11:ad:69:66:be:8b:c3:ed:71:90:bf:3b:fb:51:04:
c3:ec:90:82:99:cf:e5:31:63:c6:d2:35:2b:44:b6:
1a:dd:98:83:7a:46:63:46:d5:2a:d0:e9:f3:e4:87:
fe:3c:55:32:6d:1b:a3:4d:83:ee:a8:12:47:38:aa:
2e:c8:d4:e5:e2:9f:39:c0:aa:5e:e6:91:35:25:4c:
70:87:13:6b:8e:b5:c1:c7:96:b6:d8:1c:ac:c7:f0:
bd:20:b8:a2:fa:07:05:3c:96:de:4b:8b:41:b9:a2:
13:15:5e:83:89:8d:72:70:66:40:34:fd:27:90:7c:
f8:11:21:8d:88:62:19:44:63:70:59:22:54:b0:43:
8e:94:ac:ae:fa:22:01:63:7e:e9:fc:1a:96:f0:bd:
eb:50:46:65:b1:34:b9:b1:3b:eb:93:b2:0f:29:af:
33:21:8f:34:c4:81:e9:bb:c3:53:fd:e0:0a:94:24:
4f:75:88:5e:2b:2b:9c:68:d1:4c:ec:ed:be:4c:a9:
e5:7e:38:82:b3:22:43:32:3d:f3:dd:52:d6:f6:b6:
50:ab:f2:89:10:38:b0:41:03:1c:c8:d2:54:28:4c:
0b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CA:D1:C0:3B:A7:91:DD:97:28:DF:DB:F7:F6:F3:5D:DA:A3:92:45
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_8rRwDunkd2XKN_b9_bzXdqjkkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.13.191.0/24
45.88.136.0/24
45.88.139.0/24
45.132.182.0/23
45.138.180.0/22
45.151.0.0-45.151.2.255
77.83.37.0/24
85.209.120.0/23
193.30.241.0/24
195.177.94.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
72:46:07:cc:75:3a:3a:fd:c5:14:ca:0d:23:35:ca:ec:8d:d8:
b3:92:8e:f7:1f:b5:0a:7e:20:5d:d3:d7:9e:bb:af:07:b3:2c:
44:fd:2a:39:d5:15:52:6e:54:b3:9c:91:c8:b8:1e:1b:63:ae:
b3:45:69:94:55:80:3b:02:4f:6d:76:7d:13:f1:aa:8f:de:fd:
e3:3a:cb:26:a8:33:43:cd:e8:94:3a:f5:46:50:e7:ee:8c:81:
01:53:8e:ac:df:c6:70:af:6c:dc:7e:c4:04:75:e8:f5:c7:29:
2e:69:8c:1c:07:87:25:80:1b:ad:db:ef:e6:23:87:35:2a:35:
b9:3b:4e:5d:d0:9d:25:80:d6:74:bb:e1:b9:65:48:44:2f:8e:
d9:88:22:28:54:af:bb:18:7e:dc:fd:45:18:bd:27:ae:50:54:
0a:3a:ed:34:56:6d:fc:8e:30:b1:ae:5e:e6:2f:a3:b8:7a:03:
a0:65:5d:24:c1:c8:db:54:9e:5f:a2:6e:3c:6b:8a:01:ca:b2:
72:c4:71:80:d1:40:3f:61:99:e3:02:90:bf:d9:06:2c:96:40:
6a:fe:d3:51:75:12:0e:94:bd:41:ff:d7:16:1b:df:98:8a:28:
0a:d4:32:60:d3:72:29:0b:11:ae:2b:59:9e:79:22:5f:c5:50:
f7:73:4a:07
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYQOMExCFRBs9ID9rEGQS+lHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDI1MDgwOTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNhZDFjMDNiYTc5MWRkOTcyOGRmZGJmN2Y2ZjM1ZGRhYTM5MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u1R4XLbK40CHypOTTd0iQ+hxXaX
wKczoWsLUCcRrWlmvovD7XGQvzv7UQTD7JCCmc/lMWPG0jUrRLYa3ZiDekZjRtUq
0Onz5If+PFUybRujTYPuqBJHOKouyNTl4p85wKpe5pE1JUxwhxNrjrXBx5a22Bys
x/C9ILii+gcFPJbeS4tBuaITFV6DiY1ycGZANP0nkHz4ESGNiGIZRGNwWSJUsEOO
lKyu+iIBY37p/BqW8L3rUEZlsTS5sTvrk7IPKa8zIY80xIHpu8NT/eAKlCRPdYhe
KyucaNFM7O2+TKnlfjiCsyJDMj3z3VLW9rZQq/KJEDiwQQMcyNJUKEwLLQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFP/K0cA7p5Hdlyjf2/f2813ao5JFMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvXzhyUndEdW5rZDJYS05fYjlfYnpYZHFqa2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAATBPAwQCAjhsAwQA
LQ2/AwQALViIAwQALViLAwQBLYS2AwQCLYq0MAsDAwAtlwMEAC2XAgMEAE1TJQME
AVXReAMEAMEe8QMEAMOxXgMEAsPTvDANBgkqhkiG9w0BAQsFAAOCAQEAckYHzHU6
Ov3FFMoNIzXK7I3Ys5KO9x+1Cn4gXdPXnruvB7MsRP0qOdUVUm5Us5yRyLgeG2Ou
s0VplFWAOwJPbXZ9E/Gqj9794zrLJqgzQ83olDr1RlDn7oyBAVOOrN/GcK9s3H7E
BHXo9ccpLmmMHAeHJYAbrdvv5iOHNSo1uTtOXdCdJYDWdLvhuWVIRC+O2YgiKFSv
uxh+3P1FGL0nrlBUCjrtNFZt/I4wsa5e5i+juHoDoGVdJMHI21SeX6JuPGuKAcqy
csRxgNFAP2GZ4wKQv9kGLJZAav7TUXUSDpS9Qf/XFhvfmIooCtQyYNNyKQsRritZ
nnkiX8VQ93NKBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org