Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/9sTu1W8IY6Bf_LV9L2t6ZqjZQ1g.roa
File: 9sTu1W8IY6Bf_LV9L2t6ZqjZQ1g.roa (raw, json)
Hash identifier: m8C2eepTB3LfBF4vjSimxJIS49w8B/DeGHXHjB+Msn8=
Subject key identifier: F6:C4:EE:D5:6F:08:63:A0:5F:FC:B5:7D:2F:6B:7A:66:A8:D9:43:58
Certificate issuer: /CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Certificate serial: 018508BBA591495D48AF9950368D66267206
Authority key identifier: 3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/9sTu1W8IY6Bf_LV9L2t6ZqjZQ1g.roa
Signing time: Mon 12 Dec 2022 23:46:33 +0000
ROA not before: Mon 12 Dec 2022 23:46:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44489
IP address blocks: 45.92.236.0/22 maxlen: 22
178.217.144.0/21 maxlen: 21
185.15.144.0/22 maxlen: 22
89.31.40.0/21 maxlen: 21
91.235.200.0/23 maxlen: 23
178.255.168.0/21 maxlen: 21
185.173.248.0/22 maxlen: 22
92.62.224.0/20 maxlen: 20
2a0b:7f00::/29 maxlen: 29
2a02:768::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:bb:a5:91:49:5d:48:af:99:50:36:8d:66:26:72:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Validity
Not Before: Dec 12 23:46:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6c4eed56f0863a05ffcb57d2f6b7a66a8d94358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:cc:71:b5:d0:15:7e:05:10:60:27:2f:1f:
0e:45:0a:49:b4:95:16:ac:1d:5f:4c:d0:9f:53:df:
9f:5f:fa:14:38:54:31:10:8a:d1:50:28:df:51:d9:
a3:08:52:50:e0:9e:a8:ca:19:33:bf:72:70:9f:19:
05:fc:e1:09:03:32:b0:f9:03:d5:89:ff:72:7e:99:
5b:67:bc:91:a9:be:cf:65:53:c0:be:c1:0e:33:47:
aa:6b:de:3a:2f:dc:de:ce:77:76:14:81:20:ce:e2:
47:bc:36:8a:df:8b:78:6c:19:c2:16:fd:5f:bc:cd:
46:77:b1:62:8e:39:d8:e6:31:80:09:83:cf:fb:ad:
82:58:34:d4:43:65:64:0a:ed:8c:8f:35:4f:e4:fd:
bf:95:72:71:6b:33:86:2e:cb:ad:d4:f8:c7:4f:00:
f9:a5:2c:a0:91:7c:f2:04:3a:6a:91:71:56:00:61:
71:34:51:81:2b:8c:b7:47:76:38:6f:26:44:8a:db:
6a:a1:0c:50:44:e9:3f:f1:f0:f9:7a:42:e3:01:1c:
3c:92:b7:b6:c4:7b:e2:ce:68:75:3f:21:f9:67:39:
ce:9d:04:a5:06:12:2a:96:ac:78:20:bc:00:5b:43:
40:e3:24:37:28:ff:98:a4:af:35:ac:fb:3d:f5:cb:
6f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C4:EE:D5:6F:08:63:A0:5F:FC:B5:7D:2F:6B:7A:66:A8:D9:43:58
X509v3 Authority Key Identifier:
keyid:3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/9sTu1W8IY6Bf_LV9L2t6ZqjZQ1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.236.0/22
89.31.40.0/21
91.235.200.0/23
92.62.224.0/20
178.217.144.0/21
178.255.168.0/21
185.15.144.0/22
185.173.248.0/22
IPv6:
2a02:768::/32
2a0b:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
53:c2:ea:12:87:51:e1:8d:9d:78:c2:4e:18:a0:a1:71:27:7f:
cf:5c:fd:36:f5:2a:ee:4a:e4:24:b2:06:fb:a2:53:9e:c3:66:
84:fd:d8:d9:9d:ce:74:a8:34:22:50:ff:da:97:82:73:b9:47:
59:8a:46:28:86:8f:1c:0b:50:f8:d9:2f:86:42:ad:67:df:3b:
51:8a:a3:6b:b4:41:02:c2:5d:4e:00:8b:88:e0:20:c7:c4:e1:
b5:af:fa:9a:25:0d:78:88:f2:92:9a:a7:08:39:fa:6e:1f:e2:
7e:88:20:07:de:a2:0b:e4:a9:78:71:9e:72:94:57:66:6e:08:
00:4d:04:27:fe:37:71:60:1d:94:fa:58:d0:5d:f5:fe:6c:85:
92:c3:8a:b1:c2:1a:7a:97:20:78:4d:94:df:14:ae:e8:be:17:
64:56:4c:86:3b:2c:cc:7d:51:84:fb:66:12:7c:45:02:4a:ec:
8e:f8:1f:42:4c:68:49:3c:c4:8b:3a:19:c2:9f:37:5b:d0:3c:
fd:f0:4e:2c:b5:e7:41:3b:ff:11:23:b7:7e:90:a9:fa:81:7f:
a4:c1:89:5a:87:e9:60:cb:26:40:4f:e0:69:ad:44:7b:77:ea:
2f:db:4d:72:b3:f9:92:57:f0:51:18:f6:ad:4d:3b:ca:5d:d4:
4d:5e:86:12
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYUIu6WRSV1Ir5lQNo1mJnIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZGY3YjJkNjhiYTc2YTBiZDFiYTdlOWQyOWZhYzU4NTIz
MTZiOWMwHhcNMjIxMjEyMjM0NjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmM0ZWVkNTZmMDg2M2EwNWZmY2I1N2QyZjZiN2E2NmE4ZDk0MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndTMcbXQFX4FEGAnLx8ORQpJtJUW
rB1fTNCfU9+fX/oUOFQxEIrRUCjfUdmjCFJQ4J6oyhkzv3JwnxkF/OEJAzKw+QPV
if9yfplbZ7yRqb7PZVPAvsEOM0eqa946L9zeznd2FIEgzuJHvDaK34t4bBnCFv1f
vM1Gd7FijjnY5jGACYPP+62CWDTUQ2VkCu2MjzVP5P2/lXJxazOGLsut1PjHTwD5
pSygkXzyBDpqkXFWAGFxNFGBK4y3R3Y4byZEittqoQxQROk/8fD5ekLjARw8kre2
xHvizmh1PyH5ZznOnQSlBhIqlqx4ILwAW0NA4yQ3KP+YpK81rPs99ctvYwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPbE7tVvCGOgX/y1fS9remao2UNYMB8GA1UdIwQY
MBaAFD7fey1ounagvRun6dKfrFhSMWucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHQ5N0xXaTZkcUM5RzZmcDBwLXNXRkl4YTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mZTlkMWQtNGFkZS00NjMwLThhYmEt
ZjhmMGM3ZDY2MmU3LzEvOXNUdTFXOElZNkJmX0xWOUwydDZacWpaUTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mZTlkMWQtNGFkZS00NjMwLThhYmEtZjhmMGM3ZDY2MmU3
LzEvUHQ5N0xXaTZkcUM5RzZmcDBwLXNXRkl4YTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQCLVzsAwQD
WR8oAwQBW+vIAwQEXD7gAwQDstmQAwQDsv+oAwQCuQ+QAwQCua34MBQEAgACMA4D
BQAqAgdoAwUDKgt/ADANBgkqhkiG9w0BAQsFAAOCAQEAU8LqEodR4Y2deMJOGKCh
cSd/z1z9NvUq7krkJLIG+6JTnsNmhP3Y2Z3OdKg0IlD/2peCc7lHWYpGKIaPHAtQ
+NkvhkKtZ987UYqja7RBAsJdTgCLiOAgx8Thta/6miUNeIjykpqnCDn6bh/ifogg
B96iC+SpeHGecpRXZm4IAE0EJ/43cWAdlPpY0F31/myFksOKscIaepcgeE2U3xSu
6L4XZFZMhjsszH1RhPtmEnxFAkrsjvgfQkxoSTzEizoZwp83W9A8/fBOLLXnQTv/
ESO3fpCp+oF/pMGJWofpYMsmQE/gaa1Ee3fqL9tNcrP5klfwURj2rU07yl3UTV6G
Eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:27 2024 by rpki-client on console-ams.rpki-client.org