Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zRVobAv8GMagfOpIRW3anhplXYM.roa
File: zRVobAv8GMagfOpIRW3anhplXYM.roa (raw, json)
Hash identifier: 9JwlyDlMsQ1qMfcG/3t1Br047Xvtf9Fo9wcmRkyIVOg=
Subject key identifier: CD:15:68:6C:0B:FC:18:C6:A0:7C:EA:48:45:6D:DA:9E:1A:65:5D:83
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 083C0C13
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zRVobAv8GMagfOpIRW3anhplXYM.roa
Signing time: Fri 15 Apr 2022 19:35:18 +0000
ROA not before: Fri 15 Apr 2022 19:35:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 45.151.0.0/23 maxlen: 24
45.151.2.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/23 maxlen: 24
85.209.120.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138152979 (0x83c0c13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 15 19:35:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd15686c0bfc18c6a07cea48456dda9e1a655d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bd:ed:33:61:86:f1:c0:f4:97:e5:03:c5:e5:
2c:a7:30:5f:75:7c:24:ed:7f:52:58:96:4f:88:b7:
05:b8:36:0e:fc:17:fe:07:0c:2f:54:77:49:20:d0:
0b:58:19:82:94:61:05:e6:c6:54:a5:32:81:f2:9e:
5e:12:2d:76:ea:12:6b:fb:80:31:0d:93:18:02:cb:
26:62:e5:40:59:fe:9c:fe:89:95:21:a6:13:5c:a4:
0c:7d:22:d5:38:6c:33:64:57:fe:d5:98:c6:31:7d:
f0:92:58:3c:ea:f2:03:ae:ff:20:a5:a1:13:82:aa:
16:28:4a:b9:20:ed:f3:a8:46:dd:b8:b5:8d:4a:5b:
96:24:0b:a6:41:03:1e:c7:0c:b6:8c:ca:67:67:33:
d7:bc:1f:cc:e9:b9:1f:0f:12:ca:37:bf:39:a5:4b:
72:87:04:69:56:4d:c4:f7:b6:dd:56:bc:1d:05:0f:
9d:31:62:a7:2b:df:f4:ec:7d:9f:18:b7:0d:f7:15:
46:db:f3:85:a6:17:0c:0e:b4:55:8f:fd:37:e3:07:
3c:ee:0e:0d:a0:35:f1:10:0b:15:91:a4:31:ed:57:
0c:10:c4:46:a3:f5:bc:e0:84:83:7a:13:ab:56:72:
7a:67:79:eb:98:4e:c6:b3:dc:3d:4a:06:48:09:4c:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:15:68:6C:0B:FC:18:C6:A0:7C:EA:48:45:6D:DA:9E:1A:65:5D:83
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zRVobAv8GMagfOpIRW3anhplXYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.13.188.0/23
45.13.191.0/24
45.88.136.0/22
45.132.182.0/23
45.144.213.0-45.144.215.255
45.151.0.0-45.151.2.255
77.83.38.0/23
85.209.120.0/22
193.57.41.0/24
194.15.52.0/23
195.62.24.0/24
195.177.93.0/24
195.177.95.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
53:5c:7e:a7:3e:a2:d8:19:ab:16:96:0d:ea:ed:bd:ea:cd:6a:
a5:9c:15:5e:62:a6:bf:6f:d2:65:ce:68:98:55:3f:60:54:88:
4a:1b:7f:4a:1b:98:7a:8c:9f:9e:d0:67:73:db:d8:33:41:c8:
71:54:53:29:57:4f:25:42:0c:e1:5c:4f:36:51:e9:b4:42:bb:
6f:4d:0f:38:25:30:5c:20:b7:d3:c5:1c:f3:81:4e:9d:86:8b:
70:79:c2:1a:f4:43:8f:2e:69:d4:04:2a:f8:95:fb:8d:98:37:
60:7b:52:df:d7:d2:8d:45:43:ac:0f:80:93:3d:7e:25:35:c4:
9c:a9:fa:7c:f1:a5:ef:40:36:2c:b0:90:e9:e4:94:b3:b1:dc:
be:7d:db:77:90:82:fb:20:2d:7f:f8:56:22:da:21:2d:f7:ac:
cf:2a:5e:b8:53:f8:dd:11:04:7f:1c:79:9e:8c:5d:c1:d6:f0:
d0:c5:2d:51:ab:62:7b:ff:e8:88:3f:a0:e7:99:ec:78:0a:a2:
08:ac:ce:b7:c7:ac:d1:7f:9d:dc:0b:d4:13:89:08:a1:6a:79:
3e:de:c5:84:c5:17:be:ab:7d:24:62:2d:de:eb:35:54:67:9b:
75:db:0c:8d:76:94:d8:27:06:d2:9f:5d:09:f1:c6:db:bf:0e:
d3:22:48:2d
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIECDwMEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDQx
NTE5MzUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QxNTY4NmMwYmZj
MThjNmEwN2NlYTQ4NDU2ZGRhOWUxYTY1NWQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMS97TNhhvHA9JflA8XlLKcwX3V8JO1/UliWT4i3Bbg2DvwX
/gcML1R3SSDQC1gZgpRhBebGVKUygfKeXhItduoSa/uAMQ2TGALLJmLlQFn+nP6J
lSGmE1ykDH0i1ThsM2RX/tWYxjF98JJYPOryA67/IKWhE4KqFihKuSDt86hG3bi1
jUpbliQLpkEDHscMtozKZ2cz17wfzOm5Hw8Syje/OaVLcocEaVZNxPe23Va8HQUP
nTFipyvf9Ox9nxi3DfcVRtvzhaYXDA60VY/9N+MHPO4ODaA18RALFZGkMe1XDBDE
RqP1vOCEg3oTq1Zyemd565hOxrPcPUoGSAlMpBUCAwEAAaOCAm0wggJpMB0GA1Ud
DgQWBBTNFWhsC/wYxqB86khFbdqeGmVdgzAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L3pSVm9iQXY4R01hZ2ZPcElSVzNhbmhwbFhZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ggYIKwYBBQUHAQcBAf8EczBxMG8EAgABMGkDBAICOGwDBAEtDbwDBAAtDb8DBAIt
WIgDBAEthLYwDAMEAC2Q1QMEAy2Q0DALAwMALZcDBAAtlwIDBAFNUyYDBAJV0XgD
BADBOSkDBAHCDzQDBADDPhgDBADDsV0DBADDsV8DBALD07wwDQYJKoZIhvcNAQEL
BQADggEBAFNcfqc+otgZqxaWDertverNaqWcFV5ipr9v0mXOaJhVP2BUiEobf0ob
mHqMn57QZ3Pb2DNByHFUUylXTyVCDOFcTzZR6bRCu29NDzglMFwgt9PFHPOBTp2G
i3B5whr0Q48uadQEKviV+42YN2B7Ut/X0o1FQ6wPgJM9fiU1xJyp+nzxpe9ANiyw
kOnklLOx3L5923eQgvsgLX/4ViLaIS33rM8qXrhT+N0RBH8ceZ6MXcHW8NDFLVGr
Ynv/6Ig/oOeZ7HgKogiszrfHrNF/ndwL1BOJCKFqeT7exYTFF76rfSRiLd7rNVRn
m3XbDI12lNgnBtKfXQnxxtu/DtMiSC0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org