Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/iDyaFK-cVaNpuqnp3xuYRDXwS6k.roa
File: iDyaFK-cVaNpuqnp3xuYRDXwS6k.roa (raw, json)
Hash identifier: W77HO1FXiimWOtwvzt35o2/4WuTnE1lufzidnMB0DA0=
Subject key identifier: 88:3C:9A:14:AF:9C:55:A3:69:BA:A9:E9:DF:1B:98:44:35:F0:4B:A9
Certificate issuer: /CN=2cfb476fcf313cff295de0d1709156af0253d7cf
Certificate serial: 074A9248
Authority key identifier: 2C:FB:47:6F:CF:31:3C:FF:29:5D:E0:D1:70:91:56:AF:02:53:D7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/iDyaFK-cVaNpuqnp3xuYRDXwS6k.roa
Signing time: Sat 01 Jan 2022 11:03:05 +0000
ROA not before: Sat 01 Jan 2022 11:03:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39093
IP address blocks: 45.158.144.0/22 maxlen: 22
185.46.252.0/22 maxlen: 22
88.81.96.0/19 maxlen: 19
2a02:3d8::/32 maxlen: 32
2a0f:6380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122327624 (0x74a9248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cfb476fcf313cff295de0d1709156af0253d7cf
Validity
Not Before: Jan 1 11:03:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=883c9a14af9c55a369baa9e9df1b984435f04ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c4:71:1a:5f:03:af:66:df:d0:48:cb:64:92:
98:46:13:c7:96:54:fd:62:e2:2a:6d:1e:cc:4d:62:
67:6d:63:15:a5:85:f0:28:84:c5:34:12:a2:fd:9d:
2e:15:57:7c:1e:ae:22:be:6f:3f:68:f5:31:53:19:
ac:ae:0a:f1:3b:3d:58:18:28:32:74:5e:a8:5b:94:
5a:16:f5:c9:b1:4f:45:ea:59:f9:85:54:4f:bb:8e:
13:10:b0:91:55:1a:af:8a:05:f3:07:df:dc:af:cc:
3a:8f:75:3d:83:68:10:17:4d:0d:eb:75:60:5e:e8:
fa:be:e7:ce:86:5d:9f:5b:4a:d9:ae:29:ab:4b:72:
bb:63:6a:b7:ca:61:ef:03:be:57:dd:88:08:3f:ce:
3b:4b:de:88:dc:cc:60:f5:14:21:a0:f4:25:a4:48:
6a:72:d0:c8:5e:93:7f:cf:e8:bc:11:d1:84:05:ac:
56:b4:5b:32:c5:05:6e:f9:30:42:71:8c:6f:9c:7e:
66:47:2e:fb:36:ce:3f:47:3f:6f:fa:49:7f:03:e4:
5c:a7:39:29:1f:59:0b:0e:cb:2f:d3:26:c8:3f:d6:
05:52:1a:55:56:96:b8:d9:47:8f:76:90:88:63:3c:
30:b3:bb:bd:39:e5:0f:ac:b2:d7:ed:6f:0f:c5:4b:
47:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3C:9A:14:AF:9C:55:A3:69:BA:A9:E9:DF:1B:98:44:35:F0:4B:A9
X509v3 Authority Key Identifier:
keyid:2C:FB:47:6F:CF:31:3C:FF:29:5D:E0:D1:70:91:56:AF:02:53:D7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPtHb88xPP8pXeDRcJFWrwJT188.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/iDyaFK-cVaNpuqnp3xuYRDXwS6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/811b1b-3a72-4402-b4fd-fa4dd21ae3dc/1/LPtHb88xPP8pXeDRcJFWrwJT188.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.144.0/22
88.81.96.0/19
185.46.252.0/22
IPv6:
2a02:3d8::/32
2a0f:6380::/29
Signature Algorithm: sha256WithRSAEncryption
5a:eb:a0:60:3d:c9:3b:2d:0a:c6:74:fc:43:2e:a9:46:33:86:
fe:e5:40:1b:10:ca:77:9e:60:38:de:b7:a3:0c:1f:8f:32:a5:
52:27:05:d6:b4:ec:81:02:5e:dd:66:c3:ae:e0:34:df:73:f3:
d6:48:c6:ab:b4:37:c7:2e:30:b1:70:34:11:0d:04:35:da:fb:
11:d1:0b:38:29:6c:c4:e6:53:16:29:97:a1:78:5b:45:76:65:
56:1d:7e:75:31:35:89:af:aa:20:d2:56:41:8d:de:9b:2e:9f:
89:96:69:b2:2a:e5:59:af:be:74:e0:67:0d:8e:f5:4d:ce:5b:
68:ca:90:e0:b6:a9:4e:e9:6c:9e:d6:d6:b8:a5:2d:f0:34:8e:
f4:b4:05:75:2e:00:0d:01:95:33:3f:e7:24:27:96:6d:30:b4:
89:f7:14:9f:55:d1:b8:3c:39:c6:8d:16:f5:ad:b7:4f:2f:2e:
07:e7:ae:6c:e9:00:c8:12:5d:75:53:ce:f8:b3:07:9c:38:80:
f7:e3:4f:e4:25:65:7e:71:a3:c4:b4:9a:37:74:74:7f:2b:56:
51:5d:61:ad:29:12:05:d2:7d:6e:f8:00:02:da:2f:a0:58:3b:
96:cf:ba:0d:a1:e8:46:0b:3a:3f:ec:ac:ed:44:92:20:3d:86:
89:06:6d:de
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEB0qSSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2ZiNDc2ZmNmMzEzY2ZmMjk1ZGUwZDE3MDkxNTZhZjAyNTNkN2NmMB4XDTIyMDEw
MTExMDMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgzYzlhMTRhZjlj
NTVhMzY5YmFhOWU5ZGYxYjk4NDQzNWYwNGJhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXEcRpfA69m39BIy2SSmEYTx5ZU/WLiKm0ezE1iZ21jFaWF
8CiExTQSov2dLhVXfB6uIr5vP2j1MVMZrK4K8Ts9WBgoMnReqFuUWhb1ybFPRepZ
+YVUT7uOExCwkVUar4oF8wff3K/MOo91PYNoEBdNDet1YF7o+r7nzoZdn1tK2a4p
q0tyu2Nqt8ph7wO+V92ICD/OO0veiNzMYPUUIaD0JaRIanLQyF6Tf8/ovBHRhAWs
VrRbMsUFbvkwQnGMb5x+Zkcu+zbOP0c/b/pJfwPkXKc5KR9ZCw7LL9MmyD/WBVIa
VVaWuNlHj3aQiGM8MLO7vTnlD6yy1+1vD8VLR0sCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSIPJoUr5xVo2m6qenfG5hENfBLqTAfBgNVHSMEGDAWgBQs+0dvzzE8/yld
4NFwkVavAlPXzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xQdEhiODh4UFA4cFhlRFJjSkZXcndKVDE4OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvODExYjFiLTNhNzItNDQwMi1iNGZkLWZhNGRkMjFhZTNkYy8x
L2lEeWFGSy1jVmFOcHVxbnAzeHVZUkRYd1M2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ODExYjFiLTNhNzItNDQwMi1iNGZkLWZhNGRkMjFhZTNkYy8xL0xQdEhiODh4UFA4
cFhlRFJjSkZXcndKVDE4OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAi2ekAMEBVhRYAMEArku/DAUBAIA
AjAOAwUAKgID2AMFAyoPY4AwDQYJKoZIhvcNAQELBQADggEBAFrroGA9yTstCsZ0
/EMuqUYzhv7lQBsQyneeYDjet6MMH48ypVInBda07IECXt1mw67gNN9z89ZIxqu0
N8cuMLFwNBENBDXa+xHRCzgpbMTmUxYpl6F4W0V2ZVYdfnUxNYmvqiDSVkGN3psu
n4mWabIq5VmvvnTgZw2O9U3OW2jKkOC2qU7pbJ7W1rilLfA0jvS0BXUuAA0BlTM/
5yQnlm0wtIn3FJ9V0bg8OcaNFvWtt08vLgfnrmzpAMgSXXVTzvizB5w4gPfjT+Ql
ZX5xo8S0mjd0dH8rVlFdYa0pEgXSfW74AALaL6BYO5bPug2h6EYLOj/srO1EkiA9
hokGbd4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:14 2023 by rpki-client on console-fra.rpki-client.org