Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h2_kGLJsufn35SmRuIVNm3V3E6M.roa
File: h2_kGLJsufn35SmRuIVNm3V3E6M.roa (raw, json)
Hash identifier: 3E1EfZpTSpHY0fziVAY3tpggo3aXLQNfKElqQmqw07c=
Subject key identifier: 87:6F:E4:18:B2:6C:B9:F9:F7:E5:29:91:B8:85:4D:9B:75:77:13:A3
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01848B50C1D9427E2B240CFB7B2B0E072D82
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h2_kGLJsufn35SmRuIVNm3V3E6M.roa
Signing time: Fri 18 Nov 2022 15:17:16 +0000
ROA not before: Fri 18 Nov 2022 15:17:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.190.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.88.136.0/23 maxlen: 24
85.209.122.0/23 maxlen: 24
194.242.97.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.92.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8b:50:c1:d9:42:7e:2b:24:0c:fb:7b:2b:0e:07:2d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 18 15:17:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=876fe418b26cb9f9f7e52991b8854d9b757713a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:44:1b:25:4f:66:97:fd:cc:03:0a:0e:bf:41:
d7:ad:d7:fc:ec:e4:14:ad:61:7d:f1:dc:f0:a8:50:
77:5e:a5:44:46:c8:dd:65:f4:0c:a4:2f:b2:24:eb:
47:0a:48:07:c9:cd:a6:b9:f4:b5:2e:fb:f3:19:30:
5b:d6:6c:ae:3b:dd:67:72:bd:b3:67:44:ca:4b:b4:
dc:2d:5f:2b:0c:bd:8a:e9:5f:00:93:19:05:20:3d:
44:6d:bd:8b:e0:e4:34:8f:f6:0d:f8:f8:a7:ee:8d:
b2:0c:0b:ef:46:05:9b:a2:20:2e:51:45:42:0e:06:
b1:7b:88:26:46:5d:9f:e6:13:9e:7b:67:4d:bd:06:
4f:f7:a2:de:f1:85:ef:8b:d1:73:3d:b2:90:6c:af:
2c:6f:83:96:08:32:a7:02:d5:e4:9b:0b:f9:9c:f5:
90:4d:c1:c7:9d:52:9b:28:5a:ac:e9:4c:56:09:aa:
7e:3c:47:0e:1e:b2:fe:43:6d:e4:b6:b0:b6:1a:4a:
cb:13:13:9d:5c:fe:ad:53:8c:c8:0b:71:e1:20:a4:
a9:f8:32:68:23:16:07:b7:99:20:6d:7c:b2:64:81:
e5:31:f9:74:3e:1d:5d:52:1f:70:a1:03:f6:1d:78:
4e:64:b8:24:60:2b:b0:b1:0d:5e:9f:46:ea:95:5f:
37:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6F:E4:18:B2:6C:B9:F9:F7:E5:29:91:B8:85:4D:9B:75:77:13:A3
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h2_kGLJsufn35SmRuIVNm3V3E6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.13.190.0/24
45.81.112.0/22
45.88.136.0/23
45.132.181.0-45.132.183.255
45.144.212.0/24
45.151.3.0/24
85.209.122.0/23
194.242.97.0/24
195.177.92.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:67:8b:aa:7d:18:a1:81:4c:14:96:fc:f6:19:b1:d4:5c:c6:
80:f8:7d:9f:65:2d:ef:8b:66:00:5d:5a:8f:2a:23:34:70:83:
3c:b7:cb:d6:e8:39:05:e4:43:1c:3d:e8:87:86:42:37:02:a2:
4f:a6:58:cb:20:31:c2:f6:e0:12:4e:81:31:45:5e:30:e5:b2:
60:42:90:24:0e:94:b2:0b:48:62:71:e0:32:de:d7:e4:60:89:
ef:66:96:51:33:a1:ed:31:bf:fc:71:15:48:ca:3c:bf:ef:da:
f1:b9:31:49:8b:b3:ef:24:04:34:52:ed:88:2b:28:49:94:2f:
c1:5f:e3:7f:1b:fb:bb:63:b9:7d:af:3e:55:18:7b:74:59:04:
9f:88:f5:2d:5f:ab:3f:bc:5a:ad:35:0c:97:e1:83:d5:5a:6a:
dc:40:b2:12:85:89:0b:2c:fc:55:1c:52:57:e5:44:90:43:b6:
42:3a:36:0d:dd:2c:58:30:bc:a9:5f:6c:9e:dc:d9:b6:e6:9b:
42:74:3b:4f:1e:66:21:8a:21:f4:db:dc:c7:3d:d6:15:dc:6f:
27:5e:87:0c:7d:e3:13:ee:40:ff:6c:ee:7b:82:7c:be:51:26:
af:4a:fd:37:1a:4d:07:b7:ca:bf:52:c5:a5:91:c0:56:c5:93:
ce:dd:05:2d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYSLUMHZQn4rJAz7eysOBy2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTE4MTUxNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZmZTQxOGIyNmNiOWY5ZjdlNTI5OTFiODg1NGQ5Yjc1NzcxM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEQbJU9ml/3MAwoOv0HXrdf87OQU
rWF98dzwqFB3XqVERsjdZfQMpC+yJOtHCkgHyc2mufS1LvvzGTBb1myuO91ncr2z
Z0TKS7TcLV8rDL2K6V8AkxkFID1Ebb2L4OQ0j/YN+Pin7o2yDAvvRgWboiAuUUVC
Dgaxe4gmRl2f5hOee2dNvQZP96Le8YXvi9FzPbKQbK8sb4OWCDKnAtXkmwv5nPWQ
TcHHnVKbKFqs6UxWCap+PEcOHrL+Q23ktrC2GkrLExOdXP6tU4zIC3HhIKSp+DJo
IxYHt5kgbXyyZIHlMfl0Ph1dUh9woQP2HXhOZLgkYCuwsQ1en0bqlV831wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFIdv5BiybLn59+UpkbiFTZt1dxOjMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaDJfa0dMSnN1Zm4zNVNtUnVJVk5tM1YzRTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBBbVUAwQA
BbVXAwQALQ2+AwQCLVFwAwQBLViIMAwDBAAthLUDBAMthLADBAAtkNQDBAAtlwMD
BAFV0XoDBADC8mEDBADDsVwwDQYJKoZIhvcNAQELBQADggEBADtni6p9GKGBTBSW
/PYZsdRcxoD4fZ9lLe+LZgBdWo8qIzRwgzy3y9boOQXkQxw96IeGQjcCok+mWMsg
McL24BJOgTFFXjDlsmBCkCQOlLILSGJx4DLe1+Rgie9mllEzoe0xv/xxFUjKPL/v
2vG5MUmLs+8kBDRS7YgrKEmUL8Ff438b+7tjuX2vPlUYe3RZBJ+I9S1fqz+8Wq01
DJfhg9VaatxAshKFiQss/FUcUlflRJBDtkI6Ng3dLFgwvKlfbJ7c2bbmm0J0O08e
ZiGKIfTb3Mc91hXcbydehwx94xPuQP9s7nuCfL5RJq9K/TcaTQe3yr9SxaWRwFbF
k87dBS0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org