Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/DaAcRUS38aUUbbQ_uyNiTKenMyU.roa
File: DaAcRUS38aUUbbQ_uyNiTKenMyU.roa (raw, json)
Hash identifier: x2u8e252E8xZJ/nFmthWqIc3rMvo8R9Fm2l8zCEMS0w=
Subject key identifier: 0D:A0:1C:45:44:B7:F1:A5:14:6D:B4:3F:BB:23:62:4C:A7:A7:33:25
Certificate issuer: /CN=41e42d830eca98a533f4372da169c9c792c393b2
Certificate serial: 1315A24C
Authority key identifier: 41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/DaAcRUS38aUUbbQ_uyNiTKenMyU.roa
Signing time: Sat 01 Jan 2022 02:58:43 +0000
ROA not before: Sat 01 Jan 2022 02:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200548
IP address blocks: 185.159.122.0/24 maxlen: 24
185.159.123.0/24 maxlen: 24
130.0.92.0/22 maxlen: 22
185.189.221.0/24 maxlen: 24
185.189.222.0/24 maxlen: 24
185.189.223.0/24 maxlen: 24
185.189.220.0/24 maxlen: 24
185.189.220.0/22 maxlen: 22
45.87.188.0/22 maxlen: 22
45.87.189.0/24 maxlen: 24
45.87.190.0/24 maxlen: 24
45.87.191.0/24 maxlen: 24
91.230.22.0/24 maxlen: 24
192.76.138.0/24 maxlen: 24
185.174.72.0/22 maxlen: 24
2a0b:f880::/32 maxlen: 32
2a0b:f880::/29 maxlen: 29
2a0b:fb00::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320184908 (0x1315a24c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e42d830eca98a533f4372da169c9c792c393b2
Validity
Not Before: Jan 1 02:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0da01c4544b7f1a5146db43fbb23624ca7a73325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a2:71:98:87:9a:58:22:35:b4:6c:8b:f2:1c:
ac:ea:fa:62:f1:8e:d7:29:11:cf:0c:15:ed:2e:f7:
e1:9b:57:69:09:9a:51:7c:a4:e0:55:e0:bc:e1:7f:
21:4f:b2:2a:62:26:55:45:e7:cf:d9:c3:88:94:8b:
c3:d7:be:b5:e9:f0:2a:8e:9a:9b:4c:6c:66:1e:e3:
ff:a6:81:e5:cc:d7:29:11:ed:fd:10:35:df:02:26:
a3:de:56:ee:74:36:61:04:12:fc:a0:b6:79:54:59:
a3:b9:c1:e6:ab:fe:0a:5a:b5:40:97:f3:6d:ae:01:
5b:6d:a6:55:d2:6f:02:4a:87:1e:df:bf:87:6f:b6:
ce:ca:21:cb:26:1c:0d:68:d7:b8:2a:b0:80:59:f6:
92:ce:16:45:1d:7b:69:12:4a:47:2e:d5:6e:f0:0b:
67:e4:d3:5a:38:72:87:db:6f:a3:1e:4c:5c:9a:79:
89:84:5c:04:3c:30:4f:5a:c8:ac:70:85:33:a8:c1:
7c:3f:d2:b9:c6:a5:74:a3:5a:62:54:6d:19:12:cb:
e8:fe:52:6e:bb:12:54:43:e8:8c:55:52:cb:cb:cd:
76:7d:5e:1e:81:63:e8:a7:a0:16:63:ea:2a:94:d7:
41:82:f8:a5:ee:d8:a0:19:31:b4:71:ba:95:9d:0a:
9a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A0:1C:45:44:B7:F1:A5:14:6D:B4:3F:BB:23:62:4C:A7:A7:33:25
X509v3 Authority Key Identifier:
keyid:41:E4:2D:83:0E:CA:98:A5:33:F4:37:2D:A1:69:C9:C7:92:C3:93:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeQtgw7KmKUz9DctoWnJx5LDk7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/DaAcRUS38aUUbbQ_uyNiTKenMyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4956df-91dc-4490-8333-1ad61ede0a4a/1/QeQtgw7KmKUz9DctoWnJx5LDk7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.188.0/22
91.230.22.0/24
130.0.92.0/22
185.159.122.0/23
185.174.72.0/22
185.189.220.0/22
192.76.138.0/24
IPv6:
2a0b:f880::/29
2a0b:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
08:13:46:83:28:3e:4e:b5:04:b5:a0:19:9f:c2:77:b2:07:eb:
5e:b4:cc:c0:7e:52:5b:e7:1f:31:54:7e:16:a3:a8:2e:d9:74:
a4:41:f9:dd:99:bd:9a:43:f4:3a:50:4f:99:04:f9:51:bc:d4:
52:2b:ec:5b:c9:35:af:58:a6:af:63:fe:20:17:6b:bf:81:a4:
40:ff:15:d7:91:c4:70:7a:7e:c7:59:c6:0f:08:67:8a:10:32:
22:14:39:9c:44:ff:cb:5a:e3:b1:01:ec:d5:2e:65:01:d9:ec:
18:54:12:ca:68:eb:3c:4c:23:88:1e:f0:e5:75:dd:5b:10:e5:
41:35:67:7a:d1:81:61:07:2a:86:6c:a5:ff:be:43:83:19:27:
7a:f5:dd:df:27:ac:d5:69:0a:85:5b:e0:72:87:d5:23:fc:8c:
f8:3e:41:d5:cb:3e:ca:91:1c:25:60:10:51:a3:02:61:04:27:
68:c8:f0:91:30:85:2b:6d:e7:9e:a5:eb:d3:45:eb:8a:91:fe:
2d:f5:d1:46:cc:ac:33:d9:37:05:d3:0d:43:44:3c:b9:e5:29:
f9:58:ef:d6:dc:c0:e8:d5:05:9e:9d:10:0a:ae:17:4a:2b:e5:
20:f9:bc:7b:fe:d2:38:2e:19:78:d2:0a:a4:ba:d7:8e:e6:ac:
72:18:90:01
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEExWiTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWU0MmQ4MzBlY2E5OGE1MzNmNDM3MmRhMTY5YzljNzkyYzM5M2IyMB4XDTIyMDEw
MTAyNTg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRhMDFjNDU0NGI3
ZjFhNTE0NmRiNDNmYmIyMzYyNGNhN2E3MzMyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuicZiHmlgiNbRsi/IcrOr6YvGO1ykRzwwV7S734ZtXaQma
UXyk4FXgvOF/IU+yKmImVUXnz9nDiJSLw9e+tenwKo6am0xsZh7j/6aB5czXKRHt
/RA13wImo95W7nQ2YQQS/KC2eVRZo7nB5qv+Clq1QJfzba4BW22mVdJvAkqHHt+/
h2+2zsohyyYcDWjXuCqwgFn2ks4WRR17aRJKRy7VbvALZ+TTWjhyh9tvox5MXJp5
iYRcBDwwT1rIrHCFM6jBfD/SucaldKNaYlRtGRLL6P5SbrsSVEPojFVSy8vNdn1e
HoFj6KegFmPqKpTXQYL4pe7YoBkxtHG6lZ0KmvECAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQNoBxFRLfxpRRttD+7I2JMp6czJTAfBgNVHSMEGDAWgBRB5C2DDsqYpTP0
Ny2hacnHksOTsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FlUXRndzdLbUtVejlEY3RvV25KeDVMRGs3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvNDk1NmRmLTkxZGMtNDQ5MC04MzMzLTFhZDYxZWRlMGE0YS8x
L0RhQWNSVVMzOGFVVWJiUV91eU5pVEtlbk15VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
NDk1NmRmLTkxZGMtNDQ5MC04MzMzLTFhZDYxZWRlMGE0YS8xL1FlUXRndzdLbUtV
ejlEY3RvV25KeDVMRGs3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEAi1XvAMEAFvmFgMEAoIAXAMEAbmf
egMEArmuSAMEArm93AMEAMBMijAUBAIAAjAOAwUDKgv4gAMFAyoL+wAwDQYJKoZI
hvcNAQELBQADggEBAAgTRoMoPk61BLWgGZ/Cd7IH6160zMB+UlvnHzFUfhajqC7Z
dKRB+d2ZvZpD9DpQT5kE+VG81FIr7FvJNa9Ypq9j/iAXa7+BpED/FdeRxHB6fsdZ
xg8IZ4oQMiIUOZxE/8ta47EB7NUuZQHZ7BhUEspo6zxMI4ge8OV13VsQ5UE1Z3rR
gWEHKoZspf++Q4MZJ3r13d8nrNVpCoVb4HKH1SP8jPg+QdXLPsqRHCVgEFGjAmEE
J2jI8JEwhStt556l69NF64qR/i310UbMrDPZNwXTDUNEPLnlKflY79bcwOjVBZ6d
EAquF0or5SD5vHv+0jguGXjSCqS6147mrHIYkAE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:33 2024 by rpki-client on console-fra.rpki-client.org