Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9KVl3tnaRIoYrkFkxec4l5J3vDs.roa
File: 9KVl3tnaRIoYrkFkxec4l5J3vDs.roa (raw, json)
Hash identifier: lYt5ZC+xfUF+jIYggKM8TGgK+aMvdtiHgKESy9G5u+I=
Subject key identifier: F4:A5:65:DE:D9:DA:44:8A:18:AE:41:64:C5:E7:38:97:92:77:BC:3B
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018433A08ACACFE955B69D30251EB5A53767
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9KVl3tnaRIoYrkFkxec4l5J3vDs.roa
Signing time: Tue 01 Nov 2022 14:37:50 +0000
ROA not before: Tue 01 Nov 2022 14:37:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49870
IP address blocks: 45.140.222.0/23 maxlen: 23
45.81.21.0/24 maxlen: 24
2.56.167.0/24 maxlen: 24
45.81.22.0/23 maxlen: 23
89.190.159.0/24 maxlen: 24
89.190.156.0/24 maxlen: 24
185.242.226.0/24 maxlen: 24
194.50.16.0/23 maxlen: 24
212.107.12.0/24 maxlen: 24
77.83.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:a0:8a:ca:cf:e9:55:b6:9d:30:25:1e:b5:a5:37:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 1 14:37:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4a565ded9da448a18ae4164c5e738979277bc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:17:e6:8b:1c:50:8e:e9:de:fc:59:2f:5d:55:
3b:0e:dc:0d:f7:bb:7e:3c:96:d8:36:79:2e:56:a6:
40:72:e4:2b:cb:86:b6:32:c2:2a:90:1f:84:b0:30:
4b:94:e0:60:24:41:6f:37:63:8b:44:4a:cc:0f:60:
3e:a7:d7:18:80:63:27:80:77:0e:53:18:92:e2:e9:
e5:55:cd:64:e8:9d:cf:86:6d:d8:a1:7e:b0:13:c0:
5a:5b:aa:27:ca:dd:3e:41:fa:c8:82:fe:eb:e8:0a:
3c:31:42:c4:1c:ae:26:28:e8:a2:3c:cf:3a:88:e7:
60:f4:70:ff:99:7f:a0:26:7d:b6:6a:fd:5b:02:9e:
45:cd:0b:eb:c1:b1:5f:69:61:60:37:48:3b:1c:94:
ea:77:69:3b:0c:0d:0e:37:59:f2:d4:b6:92:93:9f:
ec:7e:ac:fb:85:74:dc:be:f3:70:43:62:63:12:b9:
02:36:28:9e:25:1c:7c:5f:8f:0f:2c:83:47:c8:99:
e1:2a:b3:75:40:59:f9:09:6a:a0:6b:98:da:8b:2e:
df:6c:94:04:24:14:cb:3a:cf:4b:c9:57:6b:db:26:
14:c5:d5:fc:b2:f6:f8:ff:eb:5e:5a:5b:2f:16:ee:
db:71:11:72:92:50:3a:00:57:33:69:a2:4b:8c:78:
1b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A5:65:DE:D9:DA:44:8A:18:AE:41:64:C5:E7:38:97:92:77:BC:3B
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9KVl3tnaRIoYrkFkxec4l5J3vDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.167.0/24
45.81.21.0-45.81.23.255
45.140.222.0/23
77.83.240.0/24
89.190.156.0/24
89.190.159.0/24
185.242.226.0/24
194.50.16.0/23
212.107.12.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:37:b1:12:b3:0c:39:fa:37:b9:41:a0:e5:f4:e3:b9:3c:3a:
a8:af:6f:d5:76:29:40:14:f1:7b:90:65:40:45:5c:e1:66:df:
6e:85:9b:7d:7d:d9:1e:e1:23:05:29:7a:b5:3a:7a:45:e7:53:
28:6f:60:bd:e6:a7:1d:be:05:2b:fe:38:ca:b5:e5:b6:05:14:
38:ad:d8:44:df:b4:74:0f:f2:4a:de:6c:54:5c:97:ab:8a:e4:
da:97:1d:dc:fa:9c:d1:48:90:c1:7a:b9:84:9b:e3:75:60:38:
0f:5f:1f:35:54:51:bb:72:2e:02:9a:ac:f8:a5:71:2d:82:44:
c4:c5:89:01:dc:e2:34:36:4c:24:51:6f:52:1c:a1:0f:f3:8b:
6f:96:73:95:c4:d9:2e:73:a6:d7:6e:b3:ea:68:f3:86:63:f4:
99:35:61:c8:93:cf:3a:69:99:b7:33:11:64:04:e2:3b:38:51:
6f:41:15:35:ab:f8:c9:61:b1:1c:79:d7:33:d2:48:40:72:ef:
61:a2:7b:19:db:32:99:a2:c3:6b:1d:90:89:84:e4:5a:b8:2d:
22:4b:49:f0:ee:30:8e:a3:dd:b2:53:76:c4:4e:2c:54:ce:40:
69:cc:80:a4:d8:43:15:bc:f7:f3:1f:8f:41:5f:93:2e:f8:e0:
e5:8d:6e:8e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYQzoIrKz+lVtp0wJR61pTdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTAxMTQzNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE1NjVkZWQ5ZGE0NDhhMThhZTQxNjRjNWU3Mzg5NzkyNzdiYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxfmixxQjune/FkvXVU7DtwN97t+
PJbYNnkuVqZAcuQry4a2MsIqkB+EsDBLlOBgJEFvN2OLRErMD2A+p9cYgGMngHcO
UxiS4unlVc1k6J3Phm3YoX6wE8BaW6onyt0+QfrIgv7r6Ao8MULEHK4mKOiiPM86
iOdg9HD/mX+gJn22av1bAp5FzQvrwbFfaWFgN0g7HJTqd2k7DA0ON1ny1LaSk5/s
fqz7hXTcvvNwQ2JjErkCNiieJRx8X48PLINHyJnhKrN1QFn5CWqga5jaiy7fbJQE
JBTLOs9LyVdr2yYUxdX8svb4/+teWlsvFu7bcRFyklA6AFczaaJLjHgbqQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFPSlZd7Z2kSKGK5BZMXnOJeSd7w7MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvOUtWbDN0bmFSSW9ZcmtGa3hlYzRsNUozdkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAAjinMAwD
BAAtURUDBAMtURADBAEtjN4DBABNU/ADBABZvpwDBABZvp8DBAC58uIDBAHCMhAD
BADUawwwDQYJKoZIhvcNAQELBQADggEBALg3sRKzDDn6N7lBoOX047k8Oqivb9V2
KUAU8XuQZUBFXOFm326Fm3192R7hIwUperU6ekXnUyhvYL3mpx2+BSv+OMq15bYF
FDit2ETftHQP8krebFRcl6uK5NqXHdz6nNFIkMF6uYSb43VgOA9fHzVUUbtyLgKa
rPilcS2CRMTFiQHc4jQ2TCRRb1IcoQ/zi2+Wc5XE2S5zptdus+po84Zj9Jk1YciT
zzppmbczEWQE4js4UW9BFTWr+MlhsRx51zPSSEBy72GiexnbMpmiw2sdkImE5Fq4
LSJLSfDuMI6j3bJTdsROLFTOQGnMgKTYQxW89/Mfj0Ffky744OWNbo4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org