Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tXvQlyYrQ1EnLm_UkpClkovsato.roa
File: tXvQlyYrQ1EnLm_UkpClkovsato.roa (raw, json)
Hash identifier: SAddUsJiE4icDlykCrLrRBNYQZCQNszIuokcX9lCvhg=
Subject key identifier: B5:7B:D0:97:26:2B:43:51:27:2E:6F:D4:92:90:A5:92:8B:EC:6A:DA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184EBB334463F3799195B058E0C588E47F9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tXvQlyYrQ1EnLm_UkpClkovsato.roa
Signing time: Wed 07 Dec 2022 08:28:20 +0000
ROA not before: Wed 07 Dec 2022 08:28:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:b3:34:46:3f:37:99:19:5b:05:8e:0c:58:8e:47:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 7 08:28:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b57bd097262b4351272e6fd49290a5928bec6ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1a:43:c3:c5:ec:f0:65:07:43:93:45:66:3c:
2c:97:17:b3:1d:93:8d:dd:ac:10:75:3b:f7:f3:db:
40:49:7f:b5:d1:73:34:b4:f9:8e:dd:82:64:93:ae:
42:fe:a8:1b:65:c1:9c:c0:bb:74:52:12:42:f7:5a:
20:0c:52:b3:29:12:db:5f:5d:08:2b:18:ad:fd:8e:
22:32:ef:d8:aa:6c:4f:04:48:9f:d8:69:12:e4:df:
bb:3d:a3:b0:e8:bd:0f:59:9a:f6:b4:d3:e4:e1:8a:
d5:d8:a4:4b:3b:06:63:33:90:12:97:76:c8:d0:c4:
26:3e:72:a4:2d:89:be:0b:5f:f0:33:1e:24:2b:95:
b7:e2:a6:e6:59:1f:da:c7:84:31:ca:ac:2a:16:50:
79:66:14:c2:f2:bf:5a:a2:56:c0:dc:df:19:20:3f:
b0:ba:06:e7:2b:f5:f3:61:3c:f5:83:2c:c8:e3:8a:
6f:ec:47:1d:d3:c6:eb:67:dc:7c:5d:83:37:61:73:
77:dd:d6:69:f8:8a:54:fe:11:cd:3a:19:33:ff:6c:
84:27:91:a7:ba:2b:0f:84:cc:4b:eb:a4:66:35:dc:
3c:b8:04:9d:34:47:19:f7:a5:45:79:af:53:dd:00:
79:05:2c:2e:1d:f3:03:15:2c:65:f8:69:5e:8a:7f:
a9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7B:D0:97:26:2B:43:51:27:2E:6F:D4:92:90:A5:92:8B:EC:6A:DA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tXvQlyYrQ1EnLm_UkpClkovsato.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/23
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:24:5d:4e:17:2a:c6:b6:b9:82:3b:3f:5f:72:8f:4e:6c:23:
74:f1:8f:e4:42:ab:9a:94:a5:b5:a5:23:65:39:14:13:a5:f8:
27:22:c7:44:c6:6a:2e:e8:28:b6:17:cd:dc:85:88:5b:9e:71:
87:ab:33:60:0b:02:b3:82:51:37:f0:19:00:2d:00:30:71:07:
fc:09:4f:3e:32:ee:74:0c:49:bc:5f:d4:f2:00:3f:43:79:25:
c7:cd:b4:e9:4d:bb:24:20:0d:c0:17:a0:fd:ec:ab:9b:7f:ef:
c7:f1:1e:24:aa:5a:43:f2:04:3a:56:33:a7:07:2b:80:3b:6c:
a8:53:dd:05:2d:e8:8a:77:e3:3b:c0:7d:05:c3:1b:3f:fe:63:
36:93:a8:bb:3b:1f:07:1a:53:66:0a:19:f3:42:21:c2:31:3a:
cc:80:bd:41:3a:af:16:f3:e2:0b:ae:1e:b2:14:01:1a:81:c1:
72:86:f2:2b:d7:ad:07:b0:68:6d:4f:7e:5f:a8:c7:d7:32:a3:
da:71:b7:62:4f:30:68:01:d4:dc:6e:a3:65:4f:9a:5d:9c:f7:
13:90:8d:b8:b2:64:de:9e:d2:df:b8:9a:86:9a:74:ea:f6:80:
85:03:96:11:7e:7f:da:0a:12:6f:0b:27:94:cf:b9:71:b6:10:
9e:0a:ba:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTrszRGPzeZGVsFjgxYjkf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjA3MDgyODIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdiZDA5NzI2MmI0MzUxMjcyZTZmZDQ5MjkwYTU5MjhiZWM2YWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixpDw8Xs8GUHQ5NFZjwslxezHZON
3awQdTv389tASX+10XM0tPmO3YJkk65C/qgbZcGcwLt0UhJC91ogDFKzKRLbX10I
Kxit/Y4iMu/YqmxPBEif2GkS5N+7PaOw6L0PWZr2tNPk4YrV2KRLOwZjM5ASl3bI
0MQmPnKkLYm+C1/wMx4kK5W34qbmWR/ax4QxyqwqFlB5ZhTC8r9aolbA3N8ZID+w
ugbnK/XzYTz1gyzI44pv7Ecd08brZ9x8XYM3YXN33dZp+IpU/hHNOhkz/2yEJ5Gn
uisPhMxL66RmNdw8uASdNEcZ96VFea9T3QB5BSwuHfMDFSxl+Glein+pYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLV70JcmK0NRJy5v1JKQpZKL7GraMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdFh2UWx5WXJRMUVuTG1fVWtwQ2xrb3ZzYXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLQ28AwQA
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCuJF1OFyrGtrmCOz9fco9ObCN0
8Y/kQqualKW1pSNlORQTpfgnIsdExmou6Ci2F83chYhbnnGHqzNgCwKzglE38BkA
LQAwcQf8CU8+Mu50DEm8X9TyAD9DeSXHzbTpTbskIA3AF6D97Kubf+/H8R4kqlpD
8gQ6VjOnByuAO2yoU90FLeiKd+M7wH0Fwxs//mM2k6i7Ox8HGlNmChnzQiHCMTrM
gL1BOq8W8+ILrh6yFAEagcFyhvIr160HsGhtT35fqMfXMqPacbdiTzBoAdTcbqNl
T5pdnPcTkI24smTentLfuJqGmnTq9oCFA5YRfn/aChJvCyeUz7lxthCeCrq5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org