Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lJb9RPaiXQva__MS9zi1VQ9fxeI.roa
File: lJb9RPaiXQva__MS9zi1VQ9fxeI.roa (raw, json)
Hash identifier: 4S02wkUIi6TTN3Mx1HhoWpxI+/jHaC+1DG/8u89+LcI=
Subject key identifier: 94:96:FD:44:F6:A2:5D:0B:DA:FF:F3:12:F7:38:B5:55:0F:5F:C5:E2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 081D43C1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lJb9RPaiXQva__MS9zi1VQ9fxeI.roa
Signing time: Sun 03 Apr 2022 20:27:53 +0000
ROA not before: Sun 03 Apr 2022 20:27:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 45.13.191.0/24 maxlen: 24
45.151.0.0/23 maxlen: 24
45.151.2.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
194.15.52.0/23 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.95.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136135617 (0x81d43c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 3 20:27:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9496fd44f6a25d0bdafff312f738b5550f5fc5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:14:28:e2:ae:bb:3c:8c:86:f1:e2:cc:9d:fb:
6b:09:52:9d:40:62:f5:75:59:2e:36:cf:58:62:68:
33:06:db:b3:59:de:da:9f:bf:e2:58:e2:71:52:1b:
42:bd:06:80:bf:7f:62:88:89:90:a1:99:e4:f2:a4:
ab:d5:42:3a:6c:6c:f9:ab:bb:2c:7e:1a:71:7d:64:
93:58:a1:b1:31:81:2b:5b:0b:ea:7f:8b:d9:af:ae:
c1:8f:67:3e:56:9e:16:8b:78:39:9a:f8:d0:b3:00:
f9:dc:72:00:e1:8a:1e:83:6c:3a:63:1b:db:63:df:
0c:5d:55:02:c0:ad:55:2e:0e:ef:3c:66:26:a6:a1:
3e:60:83:d9:10:d5:9f:a2:f0:ce:8e:bf:bf:43:a8:
27:ba:72:5f:af:c1:42:24:5c:5d:9c:96:51:d5:2f:
59:63:45:16:92:00:92:7e:4b:4f:fa:28:8e:9e:36:
f2:49:a4:1f:d2:fd:6a:70:11:38:8a:8a:ec:b5:9d:
4d:2b:3f:c3:62:f8:26:0c:83:75:97:86:27:36:c5:
98:db:2d:ed:71:21:bd:75:6c:9e:7e:1c:49:5a:5c:
70:98:86:5e:3c:ad:09:84:58:ae:aa:f6:a3:55:f1:
f2:26:32:8c:56:e1:1a:c1:5e:64:38:d8:1d:3d:d7:
66:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:96:FD:44:F6:A2:5D:0B:DA:FF:F3:12:F7:38:B5:55:0F:5F:C5:E2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lJb9RPaiXQva__MS9zi1VQ9fxeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.13.191.0/24
45.88.136.0/22
45.132.182.0/23
45.144.213.0-45.144.215.255
45.151.0.0-45.151.2.255
77.83.38.0/24
85.209.120.0/22
194.15.52.0/23
195.62.24.0/24
195.177.95.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
19:90:ad:a2:0c:97:20:3c:d4:b1:aa:08:d1:b0:69:b1:27:7a:
04:e2:23:ba:2a:58:f1:4e:8b:2c:68:f8:00:28:d0:2a:9d:de:
3c:da:08:5a:47:6c:9a:d8:23:25:c9:69:85:8a:72:b7:c6:dc:
d9:4c:cb:bc:43:de:77:ac:3d:bc:73:76:b0:77:7e:a6:ba:a2:
ca:2b:12:63:06:cc:a8:0d:4f:0a:7a:6b:06:c2:30:11:33:44:
fd:c2:87:b3:d3:ca:e4:b8:75:9e:15:af:39:21:64:f5:bc:c4:
f7:1b:4a:cf:2d:ef:c8:c2:41:7d:61:61:7d:a5:44:3b:82:e0:
34:65:60:e4:b7:d8:c3:02:42:9a:e3:43:06:25:46:61:e2:d2:
32:67:97:4e:5b:03:3f:62:07:36:77:15:cf:f4:ea:ac:62:cc:
26:e0:41:9d:f8:c1:22:a9:f1:78:12:45:61:b2:f2:16:03:b4:
04:38:a5:35:b4:98:b9:d2:58:4d:ff:6e:54:c8:c3:db:f5:39:
a6:44:b2:fc:e5:65:4c:f6:8c:00:30:6e:31:ac:9d:0e:db:75:
4d:cf:67:70:7b:61:69:86:91:6d:2c:67:59:ba:1e:46:5a:17:
b3:cb:33:45:4b:e6:17:eb:06:ea:7a:b5:56:a7:90:1a:48:da:
33:45:a7:20
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIECB1DwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDQw
MzIwMjc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ5NmZkNDRmNmEy
NWQwYmRhZmZmMzEyZjczOGI1NTUwZjVmYzVlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwUKOKuuzyMhvHizJ37awlSnUBi9XVZLjbPWGJoMwbbs1ne
2p+/4ljicVIbQr0GgL9/YoiJkKGZ5PKkq9VCOmxs+au7LH4acX1kk1ihsTGBK1sL
6n+L2a+uwY9nPlaeFot4OZr40LMA+dxyAOGKHoNsOmMb22PfDF1VAsCtVS4O7zxm
JqahPmCD2RDVn6Lwzo6/v0OoJ7pyX6/BQiRcXZyWUdUvWWNFFpIAkn5LT/oojp42
8kmkH9L9anAROIqK7LWdTSs/w2L4JgyDdZeGJzbFmNst7XEhvXVsnn4cSVpccJiG
XjytCYRYrqr2o1Xx8iYyjFbhGsFeZDjYHT3XZsUCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSUlv1E9qJdC9r/8xL3OLVVD1/F4jAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L2xKYjlSUGFpWFF2YV9fTVM5emkxVlE5ZnhlSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wXQQCAAEwVwMEAgI4bAMEAC0NvwMEAi1YiAMEAS2E
tjAMAwQALZDVAwQDLZDQMAsDAwAtlwMEAC2XAgMEAE1TJgMEAlXReAMEAcIPNAME
AMM+GAMEAMOxXwMEAsPTvDANBgkqhkiG9w0BAQsFAAOCAQEAGZCtogyXIDzUsaoI
0bBpsSd6BOIjuipY8U6LLGj4ACjQKp3ePNoIWkdsmtgjJclphYpyt8bc2UzLvEPe
d6w9vHN2sHd+prqiyisSYwbMqA1PCnprBsIwETNE/cKHs9PK5Lh1nhWvOSFk9bzE
9xtKzy3vyMJBfWFhfaVEO4LgNGVg5LfYwwJCmuNDBiVGYeLSMmeXTlsDP2IHNncV
z/TqrGLMJuBBnfjBIqnxeBJFYbLyFgO0BDilNbSYudJYTf9uVMjD2/U5pkSy/OVl
TPaMADBuMaydDtt1Tc9ncHthaYaRbSxnWboeRloXs8szRUvmF+sG6nq1VqeQGkja
M0WnIA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org