Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xecPi_AFJOI2j0-dxxkN0xgViFE.roa
File: xecPi_AFJOI2j0-dxxkN0xgViFE.roa (raw, json)
Hash identifier: gOp2TthWaJ1TF5oXJzK97BFXWrM/k+H0pL6V4zeWt3U=
Subject key identifier: C5:E7:0F:8B:F0:05:24:E2:36:8F:4F:9D:C7:19:0D:D3:18:15:88:51
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01849BA338D6E8AB0CBD33E9183AB47AF3B3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xecPi_AFJOI2j0-dxxkN0xgViFE.roa
Signing time: Mon 21 Nov 2022 19:21:16 +0000
ROA not before: Mon 21 Nov 2022 19:21:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 45.13.189.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:a3:38:d6:e8:ab:0c:bd:33:e9:18:3a:b4:7a:f3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 21 19:21:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5e70f8bf00524e2368f4f9dc7190dd318158851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6a:4d:2b:99:2d:39:32:e2:99:db:08:54:e1:
cb:bd:fd:64:b9:83:e1:61:43:35:cc:c2:4e:2e:fb:
2f:ef:6d:13:be:59:2e:0e:b3:8c:2a:fb:33:93:dd:
21:dc:8c:51:79:10:12:c4:30:0e:2c:35:f2:d5:d6:
e6:11:c9:6b:49:98:04:28:43:23:a7:0c:d5:ef:54:
85:04:b7:ae:55:e0:90:a9:3c:9a:bc:3f:23:99:a2:
96:01:f0:a7:82:7b:04:87:b4:20:7a:be:e1:11:97:
32:ae:68:c6:40:7c:b1:ef:00:1f:ef:d9:be:8d:78:
3c:d1:64:7b:5d:cf:19:cb:a7:f9:f4:11:e5:4b:b1:
bf:bd:db:f1:4b:67:4b:5b:96:80:25:31:03:14:73:
e8:c8:a0:3a:7a:0d:e8:99:77:51:22:a4:41:3f:2d:
8e:24:e8:d4:10:1d:53:3d:a2:de:be:ee:0a:81:46:
0e:b7:00:af:3c:e3:e3:d7:45:9b:19:9d:c5:78:75:
27:81:76:01:1c:4e:e8:83:af:ba:28:98:d7:e5:9d:
72:dc:b7:3c:5c:6f:c6:7d:a0:c3:dc:79:07:74:80:
23:af:fc:64:6a:34:06:fe:09:d6:87:9c:fa:c4:c2:
25:08:b0:3a:63:f1:53:47:d8:7f:e8:c9:c7:01:53:
da:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E7:0F:8B:F0:05:24:E2:36:8F:4F:9D:C7:19:0D:D3:18:15:88:51
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xecPi_AFJOI2j0-dxxkN0xgViFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.13.188.0/23
45.88.137.0/24
45.132.180.0/24
195.177.94.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:c8:77:93:aa:b5:bb:7c:48:cd:dc:80:d8:ed:41:71:9b:ca:
73:6c:54:df:54:a3:32:87:25:2e:f0:12:a8:9e:15:cf:7b:06:
90:eb:ec:d2:55:eb:f6:38:e5:e7:c6:64:e7:59:16:cb:35:17:
d3:6c:16:bb:4f:f7:34:96:07:46:43:0e:2e:b5:7d:1f:22:ac:
f0:dc:91:e5:c4:9e:5b:4c:b9:04:6b:c2:e1:84:63:b8:5a:da:
60:45:a9:35:3a:6e:11:3e:f5:4d:20:86:87:2b:b3:c7:4d:d7:
b4:9e:f0:e8:11:7f:c6:2d:f8:d9:bd:45:c3:e1:09:b8:cf:56:
2b:a5:8c:69:74:5e:13:2b:a3:e9:3e:58:9f:1d:c3:97:42:61:
5b:f4:5d:90:ee:ad:15:30:07:47:08:e7:97:1a:2d:5b:b3:56:
e2:15:40:e2:44:44:67:f8:85:ee:e5:9b:65:64:08:88:84:0f:
f6:8f:cd:eb:fe:a0:5f:9b:fc:e4:1f:6c:3e:53:c4:43:55:47:
89:c4:38:52:83:94:7e:79:c9:41:c8:79:19:7b:87:96:8a:fc:
8a:10:24:43:ea:6e:48:03:7f:44:7a:dd:2f:bc:1d:00:96:ff:
ca:c7:dd:f1:21:a6:25:05:bc:30:97:42:bc:94:6d:e9:9a:63:
f9:61:de:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYSbozjW6KsMvTPpGDq0evOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTIxMTkyMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU3MGY4YmYwMDUyNGUyMzY4ZjRmOWRjNzE5MGRkMzE4MTU4ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2pNK5ktOTLimdsIVOHLvf1kuYPh
YUM1zMJOLvsv720TvlkuDrOMKvszk90h3IxReRASxDAOLDXy1dbmEclrSZgEKEMj
pwzV71SFBLeuVeCQqTyavD8jmaKWAfCngnsEh7Qger7hEZcyrmjGQHyx7wAf79m+
jXg80WR7Xc8Zy6f59BHlS7G/vdvxS2dLW5aAJTEDFHPoyKA6eg3omXdRIqRBPy2O
JOjUEB1TPaLevu4KgUYOtwCvPOPj10WbGZ3FeHUngXYBHE7og6+6KJjX5Z1y3Lc8
XG/GfaDD3HkHdIAjr/xkajQG/gnWh5z6xMIlCLA6Y/FTR9h/6MnHAVPaTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMXnD4vwBSTiNo9PnccZDdMYFYhRMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveGVjUGlfQUZKT0kyajAtZHh4a04weGdWaUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQkeAwQB
LQ28AwQALViJAwQALYS0AwQAw7FeMA0GCSqGSIb3DQEBCwUAA4IBAQBuyHeTqrW7
fEjN3IDY7UFxm8pzbFTfVKMyhyUu8BKonhXPewaQ6+zSVev2OOXnxmTnWRbLNRfT
bBa7T/c0lgdGQw4utX0fIqzw3JHlxJ5bTLkEa8LhhGO4WtpgRak1Om4RPvVNIIaH
K7PHTde0nvDoEX/GLfjZvUXD4Qm4z1YrpYxpdF4TK6PpPlifHcOXQmFb9F2Q7q0V
MAdHCOeXGi1bs1biFUDiRERn+IXu5ZtlZAiIhA/2j83r/qBfm/zkH2w+U8RDVUeJ
xDhSg5R+eclByHkZe4eWivyKECRD6m5IA39Eet0vvB0Alv/Kx93xIaYlBbwwl0K8
lG3pmmP5Yd5t
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org