Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/er6LkJ-yD8lu9qrFDfnR-avHzLc.roa
File: er6LkJ-yD8lu9qrFDfnR-avHzLc.roa (raw, json)
Hash identifier: 2DK+tgaPMqk1EEuXVYoTlykXRWktC/BsgBwIUaRlztM=
Subject key identifier: 7A:BE:8B:90:9F:B2:0F:C9:6E:F6:AA:C5:0D:F9:D1:F9:AB:C7:CC:B7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 09D1AA7C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/er6LkJ-yD8lu9qrFDfnR-avHzLc.roa
Signing time: Tue 01 Mar 2022 06:21:30 +0000
ROA not before: Tue 01 Mar 2022 06:21:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49870
IP address blocks: 2.56.167.0/24 maxlen: 24
45.140.222.0/23 maxlen: 23
45.81.22.0/23 maxlen: 23
45.81.21.0/24 maxlen: 24
89.190.159.0/24 maxlen: 24
89.190.156.0/24 maxlen: 24
194.50.16.0/23 maxlen: 24
212.107.12.0/24 maxlen: 24
77.83.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164735612 (0x9d1aa7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Mar 1 06:21:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7abe8b909fb20fc96ef6aac50df9d1f9abc7ccb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ce:3a:d8:3e:63:8b:5b:b8:3a:4c:3e:2d:0f:
5d:e2:11:a7:32:1c:44:f9:26:59:66:11:bd:44:65:
03:90:4d:6c:26:fc:b8:67:27:a4:79:43:90:b9:35:
1a:3b:35:63:53:9a:20:23:5d:dd:b8:61:2b:3e:ed:
ee:22:fa:9c:de:bf:2f:b8:f3:f5:21:23:fa:b8:82:
16:dd:14:6d:09:51:cc:6f:18:33:8e:23:c7:37:bf:
95:ff:13:bf:e4:b9:20:5e:16:7f:7c:1b:27:d2:33:
c4:d4:3a:c7:1b:89:bf:6f:67:1b:3a:92:44:5d:40:
ee:ca:e6:12:a0:ae:0f:38:00:b4:65:da:7e:47:82:
65:3f:88:a0:f6:fe:a2:36:b7:6f:20:78:ba:d0:8a:
be:03:fe:1c:05:f3:6d:d2:ae:5a:f4:b5:fb:32:49:
0e:c6:1e:9f:52:3d:00:27:53:9e:31:b7:70:3c:fc:
d4:b0:3e:1a:5a:d2:62:15:c7:57:2f:f3:62:e0:48:
a1:85:50:4f:f6:c9:f8:66:09:01:ed:03:dd:39:bc:
e7:3d:f4:94:65:db:3f:0a:8f:c6:48:11:8a:00:90:
20:10:66:2b:92:26:01:44:a7:4e:46:de:d0:6e:48:
b1:ab:9f:5f:ba:2e:27:cf:12:49:34:f3:a3:b1:c0:
c9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BE:8B:90:9F:B2:0F:C9:6E:F6:AA:C5:0D:F9:D1:F9:AB:C7:CC:B7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/er6LkJ-yD8lu9qrFDfnR-avHzLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.167.0/24
45.81.21.0-45.81.23.255
45.140.222.0/23
77.83.240.0/24
89.190.156.0/24
89.190.159.0/24
194.50.16.0/23
212.107.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b0:69:2f:1c:2e:a0:5b:a9:e8:a7:24:09:9e:80:a5:0f:85:
cd:5b:6e:f0:ab:61:f7:7d:11:b5:09:c4:a7:a9:67:f1:26:39:
92:d1:b1:e0:90:46:d2:b2:ea:cc:1d:7f:41:cc:30:5f:04:1c:
72:4e:e6:30:e1:25:60:ab:f6:ec:35:ae:2b:f9:7d:32:0f:ff:
30:5f:4f:dc:14:d8:f6:20:43:7a:05:76:3d:32:04:7f:cd:07:
85:11:60:7e:47:90:e6:79:42:9c:cb:f2:fe:70:01:c9:e0:15:
ce:33:cb:fd:08:b7:b7:a6:65:61:a0:63:15:fb:3d:48:8a:b7:
76:4a:90:c1:ea:4c:6e:d4:54:df:b1:a2:52:06:2a:4e:55:03:
b0:85:72:62:d4:88:d7:48:d5:2a:5e:42:74:8a:a7:a1:63:a9:
e2:5d:0e:31:63:31:70:ed:62:30:d3:a3:a7:c3:65:b5:63:52:
5f:0c:ed:bc:f6:aa:c4:d5:59:63:27:94:03:5b:22:f3:d4:96:
cd:a7:3a:a7:4a:31:e3:c0:9c:71:c1:6f:e5:49:2f:ff:73:5b:
0f:6e:6b:f9:c5:4f:bb:e4:bb:b1:9d:f2:58:da:9d:18:2c:1f:
d1:14:e8:59:bc:59:ff:74:80:3c:16:69:3c:3b:be:c2:fa:52:
eb:68:3e:00
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECdGqfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE3YjBkOGRlODI1MWQzNmQ3YzgzZmFmNmJjN2VmZWM3M2I1MDM0MB4XDTIyMDMw
MTA2MjEzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2FiZThiOTA5ZmIy
MGZjOTZlZjZhYWM1MGRmOWQxZjlhYmM3Y2NiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3OOtg+Y4tbuDpMPi0PXeIRpzIcRPkmWWYRvURlA5BNbCb8
uGcnpHlDkLk1Gjs1Y1OaICNd3bhhKz7t7iL6nN6/L7jz9SEj+riCFt0UbQlRzG8Y
M44jxze/lf8Tv+S5IF4Wf3wbJ9IzxNQ6xxuJv29nGzqSRF1A7srmEqCuDzgAtGXa
fkeCZT+IoPb+oja3byB4utCKvgP+HAXzbdKuWvS1+zJJDsYen1I9ACdTnjG3cDz8
1LA+GlrSYhXHVy/zYuBIoYVQT/bJ+GYJAe0D3Tm85z30lGXbPwqPxkgRigCQIBBm
K5ImAUSnTkbe0G5IsaufX7ouJ88SSTTzo7HAyW8CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBR6vouQn7IPyW72qsUN+dH5q8fMtzAfBgNVHSMEGDAWgBSxp7DY3oJR0218
g/r2vH7+xztQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhZXcyTjZDVWROdGZJUDY5cngtX3NjN1VEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8x
L2VyNkxrSi15RDhsdTlxckZEZm5SLWF2SHpMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZjEzNGM4LWY4MTQtNGI3MS05NTdiLTM5NGFjZDIxZjM5Yi8xL3NhZXcyTjZDVWRO
dGZJUDY5cngtX3NjN1VEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAAI4pzAMAwQALVEVAwQDLVEQAwQB
LYzeAwQATVPwAwQAWb6cAwQAWb6fAwQBwjIQAwQA1GsMMA0GCSqGSIb3DQEBCwUA
A4IBAQChsGkvHC6gW6nopyQJnoClD4XNW27wq2H3fRG1CcSnqWfxJjmS0bHgkEbS
surMHX9BzDBfBBxyTuYw4SVgq/bsNa4r+X0yD/8wX0/cFNj2IEN6BXY9MgR/zQeF
EWB+R5DmeUKcy/L+cAHJ4BXOM8v9CLe3pmVhoGMV+z1Iird2SpDB6kxu1FTfsaJS
BipOVQOwhXJi1IjXSNUqXkJ0iqehY6niXQ4xYzFw7WIw06Onw2W1Y1JfDO289qrE
1VljJ5QDWyLz1JbNpzqnSjHjwJxxwW/lSS//c1sPbmv5xU+75LuxnfJY2p0YLB/R
FOhZvFn/dIA8Fmk8O77C+lLraD4A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org