Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lT2muBgrwad0sA9Wu0SuJV1w74g.roa
File: lT2muBgrwad0sA9Wu0SuJV1w74g.roa (raw, json)
Hash identifier: yJ4T4Z6e67DbR55/s3UwQN+5Qxd45MnYoTAb7x78zyI=
Subject key identifier: 95:3D:A6:B8:18:2B:C1:A7:74:B0:0F:56:BB:44:AE:25:5D:70:EF:88
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01842F28226A6E63F748E8AE92884B370965
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lT2muBgrwad0sA9Wu0SuJV1w74g.roa
Signing time: Mon 31 Oct 2022 17:47:50 +0000
ROA not before: Mon 31 Oct 2022 17:47:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.191.0/24 maxlen: 24
45.151.0.0/23 maxlen: 24
45.151.2.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:28:22:6a:6e:63:f7:48:e8:ae:92:88:4b:37:09:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 31 17:47:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=953da6b8182bc1a774b00f56bb44ae255d70ef88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c3:57:41:79:da:ad:21:99:e4:a7:06:0b:71:
1a:0b:cc:33:14:22:d6:97:5b:f4:cd:0d:49:08:30:
37:40:a5:34:49:73:11:b9:99:10:7d:94:75:56:5e:
02:14:d6:d8:86:2b:b3:75:dc:27:84:c3:fd:a2:33:
c0:0e:de:ba:55:86:d4:cb:6f:3e:3a:74:40:ed:45:
db:83:94:39:a3:d6:5d:7d:57:d3:7a:6e:bc:e8:bc:
c9:06:a0:a2:c9:28:7d:de:59:2b:f1:4e:d3:ac:f4:
7f:d4:10:c1:4e:40:71:c9:15:99:d6:52:6d:62:20:
b7:39:b6:a0:b9:f9:8b:df:e2:27:bd:67:09:c9:df:
ed:d7:b8:85:a7:59:31:e3:3e:e9:e2:81:b9:99:3b:
05:1d:22:04:f1:4c:22:fd:07:c8:6c:37:d8:e5:ae:
a6:68:cf:47:14:1e:33:c5:e8:ae:11:86:41:8b:be:
ff:8e:41:c8:9a:46:01:65:8c:db:4b:f8:c5:e6:70:
cc:08:c2:1f:7a:ff:94:78:63:f0:1f:d0:bf:5f:d8:
ad:22:56:e9:d6:2b:6a:67:b5:4b:55:d2:5d:83:4d:
b3:cd:9e:c4:da:e1:7e:cf:7f:d1:c7:d9:d7:6c:2d:
22:c3:0f:c7:da:5f:46:bc:34:9f:67:e5:5d:71:5d:
b9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3D:A6:B8:18:2B:C1:A7:74:B0:0F:56:BB:44:AE:25:5D:70:EF:88
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/lT2muBgrwad0sA9Wu0SuJV1w74g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.191.0/24
45.151.0.0-45.151.2.255
77.83.37.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
48:03:ea:69:ec:8f:3c:75:94:fe:c1:db:83:ea:5f:2e:3f:74:
85:d5:bf:9b:a5:31:27:64:90:22:fe:dc:e2:39:38:7c:54:76:
3f:bb:a2:7c:ac:9a:56:f6:ad:48:c9:ca:c9:3d:b2:b5:2b:55:
a0:69:41:22:05:6b:e4:04:48:ce:97:f8:48:81:a8:68:17:70:
dc:d7:10:d0:89:f7:f8:3e:e5:5b:5f:c1:02:27:4b:a6:79:24:
93:a0:e0:90:d2:c9:88:69:c4:b9:9a:47:32:66:ee:96:98:5f:
71:77:7f:fe:db:40:14:9b:fc:d6:94:f4:ce:c0:78:9d:a4:f2:
f6:a0:b4:0d:de:28:a0:6e:8d:25:9b:5d:f9:3f:ea:8c:93:cb:
0c:90:b5:25:9f:69:aa:ef:99:51:d1:30:6f:3b:61:5e:10:35:
e6:93:a8:40:d6:93:b1:3c:df:f3:56:49:40:34:d6:8d:19:88:
6e:70:43:8d:0c:d3:47:22:a8:0f:d7:a3:63:e9:cc:53:cd:d5:
2b:73:ab:e8:29:31:de:35:dc:f8:cb:4f:b7:e7:b8:1e:71:c8:
8b:3b:74:56:18:a8:13:06:1c:ff:72:c8:a9:5e:54:b9:4f:0f:
c2:ff:05:23:f6:f4:1c:63:2f:21:6b:99:8c:b0:34:4d:3f:d8:
7a:17:32:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYQvKCJqbmP3SOiukohLNwllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDMxMTc0NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTNkYTZiODE4MmJjMWE3NzRiMDBmNTZiYjQ0YWUyNTVkNzBlZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscNXQXnarSGZ5KcGC3EaC8wzFCLW
l1v0zQ1JCDA3QKU0SXMRuZkQfZR1Vl4CFNbYhiuzddwnhMP9ojPADt66VYbUy28+
OnRA7UXbg5Q5o9ZdfVfTem686LzJBqCiySh93lkr8U7TrPR/1BDBTkBxyRWZ1lJt
YiC3ObagufmL3+InvWcJyd/t17iFp1kx4z7p4oG5mTsFHSIE8Uwi/QfIbDfY5a6m
aM9HFB4zxeiuEYZBi77/jkHImkYBZYzbS/jF5nDMCMIfev+UeGPwH9C/X9itIlbp
1itqZ7VLVdJdg02zzZ7E2uF+z3/Rx9nXbC0iww/H2l9GvDSfZ+VdcV25aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJU9prgYK8GndLAPVrtEriVdcO+IMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbFQybXVCZ3J3YWQwc0E5V3UwU3VKVjF3NzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQALQ2/MAsD
AwAtlwMEAC2XAgMEAE1TJQMEAVXReDANBgkqhkiG9w0BAQsFAAOCAQEASAPqaeyP
PHWU/sHbg+pfLj90hdW/m6UxJ2SQIv7c4jk4fFR2P7uifKyaVvatSMnKyT2ytStV
oGlBIgVr5ARIzpf4SIGoaBdw3NcQ0In3+D7lW1/BAidLpnkkk6DgkNLJiGnEuZpH
MmbulphfcXd//ttAFJv81pT0zsB4naTy9qC0Dd4ooG6NJZtd+T/qjJPLDJC1JZ9p
qu+ZUdEwbzthXhA15pOoQNaTsTzf81ZJQDTWjRmIbnBDjQzTRyKoD9ejY+nMU83V
K3Or6Ckx3jXc+MtPt+e4HnHIizt0VhioEwYc/3LIqV5UuU8Pwv8FI/b0HGMvIWuZ
jLA0TT/YehcyVQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org