Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/0nCvMd6tq9NERhphuVaNEjeJ5mw.roa
File: 0nCvMd6tq9NERhphuVaNEjeJ5mw.roa (raw, json)
Hash identifier: vjWb7Yvfwa9IeRX+x7AOZqffjAaag1n4TawZ/bN2+9s=
Subject key identifier: D2:70:AF:31:DE:AD:AB:D3:44:46:1A:61:B9:56:8D:12:37:89:E6:6C
Certificate issuer: /CN=0321bfea0305c48e949e6c249f4810b46905c886
Certificate serial: 098A07BF
Authority key identifier: 03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/0nCvMd6tq9NERhphuVaNEjeJ5mw.roa
Signing time: Sun 12 Jun 2022 02:13:02 +0000
ROA not before: Sun 12 Jun 2022 02:13:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393262
IP address blocks: 91.231.3.0/24 maxlen: 24
91.92.32.0/24 maxlen: 24
91.92.37.0/24 maxlen: 24
91.92.36.0/24 maxlen: 24
89.44.34.0/24 maxlen: 24
95.214.78.0/24 maxlen: 24
45.10.131.0/24 maxlen: 24
95.214.77.0/24 maxlen: 24
95.214.76.0/24 maxlen: 24
77.81.141.0/24 maxlen: 24
95.214.79.0/24 maxlen: 24
78.159.151.0/24 maxlen: 24
212.11.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160040895 (0x98a07bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321bfea0305c48e949e6c249f4810b46905c886
Validity
Not Before: Jun 12 02:13:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d270af31deadabd344461a61b9568d123789e66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:61:03:01:71:82:cc:83:15:1a:7b:f2:52:70:
98:32:19:70:5e:11:84:85:be:3d:3e:6e:08:2c:a5:
59:80:9c:cc:a4:f2:46:e0:cb:1c:20:7c:84:db:4a:
d8:14:e2:0b:9c:c6:3c:cc:1f:2e:f4:69:d4:0e:91:
ef:2f:36:55:2c:5a:f2:5f:0e:63:52:a4:d9:fa:80:
bf:d4:75:82:20:4f:40:64:0a:54:4d:2d:69:20:8a:
75:6a:5f:b9:fa:2e:5c:28:61:15:33:45:fb:32:6e:
d1:65:bf:dc:41:8c:49:dd:5a:55:b1:15:e0:6d:e1:
63:7c:31:cf:e3:37:9f:46:60:cc:59:44:4b:16:8d:
cc:0a:84:f2:81:9d:bc:05:02:d9:63:96:08:bf:15:
95:e0:e7:5f:c2:7d:5a:67:5e:b4:92:6c:05:3b:01:
60:0b:88:6d:3f:a4:f9:18:82:30:82:92:94:5c:fa:
f4:a9:ec:c6:8d:3a:8d:e0:09:d1:d0:61:91:91:2d:
68:58:08:51:44:1b:59:79:32:c9:96:60:3d:a7:e9:
b5:58:f3:58:aa:f6:08:0a:fa:a9:59:f0:a9:dc:89:
6b:99:00:6e:4e:7f:b2:15:75:82:ea:5e:3c:20:2a:
43:25:fe:40:3a:73:4f:f1:52:c3:2e:b1:86:dc:eb:
23:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:70:AF:31:DE:AD:AB:D3:44:46:1A:61:B9:56:8D:12:37:89:E6:6C
X509v3 Authority Key Identifier:
keyid:03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/0nCvMd6tq9NERhphuVaNEjeJ5mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/AyG_6gMFxI6Unmwkn0gQtGkFyIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.131.0/24
77.81.141.0/24
78.159.151.0/24
89.44.34.0/24
91.92.32.0/24
91.92.36.0/23
91.231.3.0/24
95.214.76.0/22
212.11.95.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:0f:52:f4:c4:28:cd:f8:b0:96:98:09:3a:a2:aa:ff:c1:3c:
e7:eb:77:34:a0:74:ab:33:77:39:af:00:32:0f:9b:59:33:e1:
b3:25:f5:d1:23:d4:96:5d:b7:17:05:24:a7:c1:c2:8c:0a:75:
fb:80:9b:ef:c2:9c:27:5a:ab:75:6f:c8:02:64:65:b8:a7:55:
f7:16:57:0b:78:22:74:70:e8:3b:a4:da:0c:8a:a1:1d:ad:a9:
0b:18:f2:fa:20:69:e7:9f:58:00:25:ac:85:d0:36:49:c6:2c:
43:c5:77:35:ea:a4:c7:c0:73:7e:3c:14:97:a3:3f:8d:53:f3:
a0:82:78:19:04:d7:16:1a:c0:f2:5f:1f:33:dc:76:1a:5e:7a:
44:ae:37:ed:d0:1e:14:f2:d8:b0:a7:d2:dd:41:c9:97:91:6f:
be:3a:a3:d8:6a:b1:1a:7d:ab:06:62:cc:13:89:ac:21:98:9a:
cb:2d:46:7d:87:34:4b:29:ab:3e:b7:fb:be:51:28:22:09:35:
dc:9d:a4:55:8e:fb:26:70:c9:7b:f3:58:82:9d:ba:21:c3:d3:
c5:eb:0b:78:0e:4e:82:ba:91:7e:27:37:72:2f:e0:29:5e:49:
b6:5b:e9:f1:0e:96:4f:cb:c2:de:ac:76:4c:e2:31:7c:2c:bc:
a3:c7:4b:37
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECYoHvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzIxYmZlYTAzMDVjNDhlOTQ5ZTZjMjQ5ZjQ4MTBiNDY5MDVjODg2MB4XDTIyMDYx
MjAyMTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI3MGFmMzFkZWFk
YWJkMzQ0NDYxYTYxYjk1NjhkMTIzNzg5ZTY2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxhAwFxgsyDFRp78lJwmDIZcF4RhIW+PT5uCCylWYCczKTy
RuDLHCB8hNtK2BTiC5zGPMwfLvRp1A6R7y82VSxa8l8OY1Kk2fqAv9R1giBPQGQK
VE0taSCKdWpfufouXChhFTNF+zJu0WW/3EGMSd1aVbEV4G3hY3wxz+M3n0ZgzFlE
SxaNzAqE8oGdvAUC2WOWCL8VleDnX8J9WmdetJJsBTsBYAuIbT+k+RiCMIKSlFz6
9Knsxo06jeAJ0dBhkZEtaFgIUUQbWXkyyZZgPafptVjzWKr2CAr6qVnwqdyJa5kA
bk5/shV1gupePCAqQyX+QDpzT/FSwy6xhtzrIz8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTScK8x3q2r00RGGmG5Vo0SN4nmbDAfBgNVHSMEGDAWgBQDIb/qAwXEjpSe
bCSfSBC0aQXIhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0F5R182Z01GeEk2VW5td2tuMGdRdEdrRnlJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvMTFkYTJiLTc3YmQtNDFjNy1iYmYzLTU2MGM5ZTdjMDc0Ny8x
LzBuQ3ZNZDZ0cTlORVJocGh1VmFORWplSjVtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
MTFkYTJiLTc3YmQtNDFjNy1iYmYzLTU2MGM5ZTdjMDc0Ny8xL0F5R182Z01GeEk2
VW5td2tuMGdRdEdrRnlJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAC0KgwMEAE1RjQMEAE6flwMEAFks
IgMEAFtcIAMEAVtcJAMEAFvnAwMEAl/WTAMEANQLXzANBgkqhkiG9w0BAQsFAAOC
AQEALQ9S9MQozfiwlpgJOqKq/8E85+t3NKB0qzN3Oa8AMg+bWTPhsyX10SPUll23
FwUkp8HCjAp1+4Cb78KcJ1qrdW/IAmRluKdV9xZXC3gidHDoO6TaDIqhHa2pCxjy
+iBp559YACWshdA2ScYsQ8V3Neqkx8BzfjwUl6M/jVPzoIJ4GQTXFhrA8l8fM9x2
Gl56RK437dAeFPLYsKfS3UHJl5Fvvjqj2GqxGn2rBmLME4msIZiayy1GfYc0Symr
Prf7vlEoIgk13J2kVY77JnDJe/NYgp26IcPTxesLeA5OgrqRfic3ci/gKV5Jtlvp
8Q6WT8vC3qx2TOIxfCy8o8dLNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:34 2024 by rpki-client on console-ams.rpki-client.org