Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/A7ZU2ax7F8clQKkAy1UqBwyZ7tc.roa
File: A7ZU2ax7F8clQKkAy1UqBwyZ7tc.roa (raw, json)
Hash identifier: HektkNXxshoJnGP7/DiFQfMHuKNZsa7+Spkg7QHt0gg=
Subject key identifier: 03:B6:54:D9:AC:7B:17:C7:25:40:A9:00:CB:55:2A:07:0C:99:EE:D7
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 3EDFB7
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/A7ZU2ax7F8clQKkAy1UqBwyZ7tc.roa
Signing time: Sat 01 Jan 2022 00:56:06 +0000
ROA not before: Sat 01 Jan 2022 00:56:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 193.239.236.0/23 maxlen: 24
95.214.172.0/22 maxlen: 24
45.150.174.0/24 maxlen: 24
45.139.196.0/22 maxlen: 24
95.214.180.0/22 maxlen: 24
193.239.196.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4120503 (0x3edfb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jan 1 00:56:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03b654d9ac7b17c72540a900cb552a070c99eed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:72:ef:5b:a1:8e:ff:f2:55:23:ad:d9:80:da:
5d:7e:23:31:27:6d:b0:10:9c:ba:bc:a7:9e:d8:57:
84:c7:1f:6b:6b:d7:6a:7d:e3:0b:24:4c:d5:01:31:
f6:4d:0b:31:53:5b:08:a5:79:94:58:8f:fa:77:cb:
1b:f0:63:cb:0c:e0:5b:0b:2f:1c:8f:49:6c:ea:ac:
70:a8:e9:46:1f:87:f3:98:4d:ef:53:8e:fe:4e:8d:
1a:ec:b7:ae:dc:d9:b2:75:f4:9e:cd:35:1a:23:5c:
81:7c:6b:b0:e0:1b:f7:46:1b:ba:90:a3:11:8e:39:
bd:d5:c3:a0:49:2f:5d:0f:81:82:bb:b8:b5:c1:f8:
7a:8e:9f:b2:71:bc:a1:ed:98:98:3a:e5:9f:36:57:
9a:76:f8:12:a4:5a:93:e1:23:6c:1f:bd:4f:55:52:
71:17:6a:7f:e3:78:b0:5a:47:43:98:f2:6f:a4:b0:
e0:51:a4:c5:af:bb:ce:23:61:fc:b8:7d:56:0c:16:
20:de:93:9e:e7:eb:28:6e:45:77:88:e3:41:bd:b7:
a2:de:c3:58:3f:31:1a:5a:a3:dc:bd:03:19:96:2f:
25:32:cc:75:b3:53:09:21:35:3a:43:83:24:68:3e:
24:d2:ee:db:c8:c0:63:81:db:73:b7:2c:47:8d:4a:
e8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B6:54:D9:AC:7B:17:C7:25:40:A9:00:CB:55:2A:07:0C:99:EE:D7
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/A7ZU2ax7F8clQKkAy1UqBwyZ7tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.196.0/22
45.150.174.0/24
95.214.172.0/22
95.214.180.0/22
193.239.196.0/23
193.239.236.0/23
Signature Algorithm: sha256WithRSAEncryption
92:fd:62:0b:5b:ed:6d:72:6b:52:cf:62:27:6b:c0:51:3d:be:
da:b8:ea:45:3b:23:d8:1b:a3:49:ba:22:15:5f:e8:b9:2c:97:
30:4c:fb:62:0d:0b:77:41:cd:3e:85:10:03:39:02:84:ea:94:
38:9b:44:63:cf:1b:d0:99:a8:90:57:21:3e:91:3a:4b:50:5d:
07:65:d9:c0:8b:bb:ea:bb:08:4a:23:30:b5:72:b3:e9:77:d5:
1c:fb:38:ce:8d:e4:b0:29:51:db:76:ad:69:5d:2e:88:9d:c1:
f5:59:b8:6f:5c:b6:98:8a:e3:fa:19:af:e5:c4:e2:4e:ae:ac:
0a:89:b1:d2:67:28:f7:6f:23:8b:01:31:93:0a:62:96:73:62:
d6:50:70:27:3a:2b:be:60:07:fb:c2:d1:6a:1b:85:fa:68:93:
be:43:f5:bf:e6:12:a8:37:c5:eb:59:04:5e:0a:64:e9:b4:80:
3a:61:ac:6b:5d:3d:e6:ce:3b:5e:c6:dc:de:9e:ec:55:b0:c9:
22:cc:14:fd:4d:e0:66:40:82:31:37:3f:ad:f8:d5:6e:24:42:
3e:83:0e:f4:02:cb:14:e3:50:c3:9b:7a:a3:8f:3d:75:66:89:
7a:e4:a1:27:4d:a2:0e:bc:bf:b3:83:00:17:b3:e9:e2:c6:ee:
7f:33:02:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIDPt+3MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNlNWZjNmQwHhcNMjIwMTAx
MDA1NjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwM2I2NTRkOWFjN2Ix
N2M3MjU0MGE5MDBjYjU1MmEwNzBjOTllZWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA63LvW6GO//JVI63ZgNpdfiMxJ22wEJy6vKee2FeExx9ra9dq
feMLJEzVATH2TQsxU1sIpXmUWI/6d8sb8GPLDOBbCy8cj0ls6qxwqOlGH4fzmE3v
U47+To0a7Leu3NmydfSezTUaI1yBfGuw4Bv3Rhu6kKMRjjm91cOgSS9dD4GCu7i1
wfh6jp+ycbyh7ZiYOuWfNleadvgSpFqT4SNsH71PVVJxF2p/43iwWkdDmPJvpLDg
UaTFr7vOI2H8uH1WDBYg3pOe5+sobkV3iONBvbei3sNYPzEaWqPcvQMZli8lMsx1
s1MJITU6Q4MkaD4k0u7byMBjgdtztyxHjUroMwIDAQABo4ICJzCCAiMwHQYDVR0O
BBYEFAO2VNmsexfHJUCpAMtVKgcMme7XMB8GA1UdIwQYMBaAFCgQeraSHvjLLeyj
63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEv
QTdaVTJheDdGOGNsUUtrQXkxVXFCd3laN3RjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8w
ODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEvS0JCNnRwSWUtTXN0
N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMD0G
CCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYvEAwQALZauAwQCX9asAwQCX9a0
AwQBwe/EAwQBwe/sMA0GCSqGSIb3DQEBCwUAA4IBAQCS/WILW+1tcmtSz2Ina8BR
Pb7auOpFOyPYG6NJuiIVX+i5LJcwTPtiDQt3Qc0+hRADOQKE6pQ4m0RjzxvQmaiQ
VyE+kTpLUF0HZdnAi7vquwhKIzC1crPpd9Uc+zjOjeSwKVHbdq1pXS6IncH1Wbhv
XLaYiuP6Ga/lxOJOrqwKibHSZyj3byOLATGTCmKWc2LWUHAnOiu+YAf7wtFqG4X6
aJO+Q/W/5hKoN8XrWQReCmTptIA6YaxrXT3mzjtextzenuxVsMkizBT9TeBmQIIx
Nz+t+NVuJEI+gw70AssU41DDm3qjjz11Zol65KEnTaIOvL+zgwAXs+nixu5/MwK7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:43 2024 by rpki-client on console-ams.rpki-client.org