Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rgqhooQ1w4h3cWeAo3U95vb2eZg.roa
File: rgqhooQ1w4h3cWeAo3U95vb2eZg.roa (raw, json)
Hash identifier: n9t4AtnZqJ1BHPxNiFA3kqr7MSahSX8Dnan/cXkERhs=
Subject key identifier: AE:0A:A1:A2:84:35:C3:88:77:71:67:80:A3:75:3D:E6:F6:F6:79:98
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018453576F54B2D53CF84BCC64270B16EF1E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rgqhooQ1w4h3cWeAo3U95vb2eZg.roa
Signing time: Mon 07 Nov 2022 18:25:49 +0000
ROA not before: Mon 07 Nov 2022 18:25:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.190.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.88.136.0/23 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.122.0/23 maxlen: 24
194.242.97.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:53:57:6f:54:b2:d5:3c:f8:4b:cc:64:27:0b:16:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 7 18:25:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae0aa1a28435c38877716780a3753de6f6f67998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8d:ae:c6:af:c0:e8:a4:34:f9:9a:8d:85:30:
d4:d0:19:67:6c:d6:f8:64:34:ad:2c:12:ff:1c:e0:
b5:c2:e3:ff:97:11:41:5b:52:e2:d7:d9:94:50:39:
b3:c1:35:07:ca:c1:57:72:67:05:fd:8b:a6:23:b2:
55:10:35:f8:56:09:19:c7:ae:af:c8:34:05:e5:75:
c1:e0:79:74:9a:cd:27:86:de:61:f1:4f:d6:48:ba:
5f:a3:67:8a:d0:bc:0f:70:a0:71:c1:aa:65:03:4c:
5c:f2:93:f1:e8:8a:37:31:04:ef:b3:17:db:b7:cf:
ef:7c:3f:88:91:7e:c9:aa:9c:ce:53:8d:4f:29:a4:
64:3b:da:30:a0:7f:16:4e:ae:bb:a7:fb:7e:19:7b:
de:98:a6:78:df:98:71:57:fc:c2:81:5c:a8:3f:8d:
16:26:57:9f:6a:49:e2:e5:6d:28:7f:0f:1e:97:9e:
52:b7:a8:aa:ab:bf:bd:f2:54:59:c4:0d:72:42:ac:
f0:b6:01:81:b9:6d:ef:2d:1e:c7:80:d9:bd:a6:e1:
8a:b2:ff:f2:c6:ff:3d:15:59:b3:e4:6a:e9:83:e2:
89:c6:9f:59:24:34:f5:cc:35:61:eb:75:bc:fa:a3:
c5:6f:b8:90:c6:f6:4c:e7:b4:96:1e:be:f1:4c:0e:
1c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0A:A1:A2:84:35:C3:88:77:71:67:80:A3:75:3D:E6:F6:F6:79:98
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rgqhooQ1w4h3cWeAo3U95vb2eZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.13.190.0/24
45.81.112.0/22
45.88.136.0/23
45.132.181.0-45.132.183.255
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
85.209.122.0/23
193.30.241.0/24
194.242.97.0/24
195.177.92.0/24
195.177.94.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:18:c7:1c:74:b7:ed:52:fc:e8:fe:d1:39:d4:8f:5f:4c:66:
36:fe:ab:51:fb:ed:62:11:ea:e2:05:8b:b0:d1:c7:9c:49:e6:
e7:16:8a:a2:84:5c:fd:4d:62:16:e9:c5:a8:77:32:43:64:d9:
88:28:95:13:01:6c:d3:91:cf:bc:b7:5e:5a:44:76:5b:51:ce:
f5:f1:0e:e1:f0:49:4b:6c:62:d7:8d:1e:48:94:53:f9:ca:f2:
cd:c0:9f:56:d4:cf:31:d2:08:3b:f0:6c:7c:30:a6:5a:5e:e8:
62:0a:c0:df:d6:4f:4a:3a:e5:17:5b:f6:6c:01:a7:c8:8a:ee:
55:3f:0e:be:09:a4:5b:df:eb:7e:74:d5:d3:1d:3b:1d:e8:5d:
30:20:57:3b:21:54:a4:1e:ae:fe:a2:4b:61:5d:2d:55:b0:93:
53:dc:92:a3:39:4d:31:f3:a0:f0:69:b0:30:57:9a:93:88:5d:
68:8e:59:c7:b0:4b:bb:f6:d5:c1:13:29:bb:f2:5e:24:18:f7:
30:c5:46:62:bf:88:be:f5:18:31:9d:36:ed:c5:da:49:77:01:
4f:2c:94:93:e3:d4:50:19:e5:64:74:c6:13:ac:8c:c1:3a:c1:
97:e0:23:d1:38:a2:5b:86:93:77:07:f1:04:4e:65:e0:52:80:
f8:fd:47:c9
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYRTV29UstU8+EvMZCcLFu8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTA3MTgyNTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBhYTFhMjg0MzVjMzg4Nzc3MTY3ODBhMzc1M2RlNmY2ZjY3OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Y2uxq/A6KQ0+ZqNhTDU0BlnbNb4
ZDStLBL/HOC1wuP/lxFBW1Li19mUUDmzwTUHysFXcmcF/YumI7JVEDX4VgkZx66v
yDQF5XXB4Hl0ms0nht5h8U/WSLpfo2eK0LwPcKBxwaplA0xc8pPx6Io3MQTvsxfb
t8/vfD+IkX7JqpzOU41PKaRkO9owoH8WTq67p/t+GXvemKZ435hxV/zCgVyoP40W
Jlefakni5W0ofw8el55St6iqq7+98lRZxA1yQqzwtgGBuW3vLR7HgNm9puGKsv/y
xv89FVmz5Grpg+KJxp9ZJDT1zDVh63W8+qPFb7iQxvZM57SWHr7xTA4c3wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFK4KoaKENcOId3FngKN1Peb29nmYMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcmdxaG9vUTF3NGgzY1dlQW8zVTk1dmIyZVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQBBbVUAwQA
BbVXAwQALQ2+AwQCLVFwAwQBLViIMAwDBAAthLUDBAMthLADBAAtkNQDBAAtlwMD
BABNUyUDBAFV0XoDBADBHvEDBADC8mEDBADDsVwDBADDsV4wDQYJKoZIhvcNAQEL
BQADggEBAFwYxxx0t+1S/Oj+0TnUj19MZjb+q1H77WIR6uIFi7DRx5xJ5ucWiqKE
XP1NYhbpxah3MkNk2YgolRMBbNORz7y3XlpEdltRzvXxDuHwSUtsYteNHkiUU/nK
8s3An1bUzzHSCDvwbHwwplpe6GIKwN/WT0o65Rdb9mwBp8iK7lU/Dr4JpFvf6350
1dMdOx3oXTAgVzshVKQerv6iS2FdLVWwk1PckqM5TTHzoPBpsDBXmpOIXWiOWcew
S7v21cETKbvyXiQY9zDFRmK/iL71GDGdNu3F2kl3AU8slJPj1FAZ5WR0xhOsjME6
wZfgI9E4oluGk3cH8QROZeBSgPj9R8k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org