Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ANVwlqIQeOxpzjuVq_gNV7kGkBM.roa
File: ANVwlqIQeOxpzjuVq_gNV7kGkBM.roa (raw, json)
Hash identifier: FmupqQVx6JNrmkUI48uzoOalfFUgSByx2plQjJQan0I=
Subject key identifier: 00:D5:70:96:A2:10:78:EC:69:CE:3B:95:AB:F8:0D:57:B9:06:90:13
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: FEC3FE
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ANVwlqIQeOxpzjuVq_gNV7kGkBM.roa
Signing time: Sat 01 Jan 2022 00:59:25 +0000
ROA not before: Sat 01 Jan 2022 00:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b641:540::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b640::/32 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16696318 (0xfec3fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 00:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00d57096a21078ec69ce3b95abf80d57b9069013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7c:be:cd:4c:31:90:79:bd:9e:af:c1:e9:d4:
e5:8c:b0:96:57:33:8d:5a:88:2a:d7:ed:fb:00:51:
e6:e8:e7:a3:d9:df:2d:dd:e5:18:e4:bc:2e:37:b1:
98:eb:54:93:e7:0e:99:f7:2d:f9:e4:3f:40:ce:41:
be:7d:5b:2a:f3:6b:7a:38:3e:19:96:e0:2e:b6:37:
f3:08:bc:0f:d2:2f:6e:c0:56:5e:de:7f:ea:d1:c6:
89:9e:fc:0d:40:4a:63:5e:0a:8a:38:87:e3:3c:09:
c6:35:5d:52:3f:88:7e:b7:d6:c7:21:58:07:37:b3:
73:f4:83:e9:c2:6a:10:14:54:04:ec:33:45:dc:3a:
e9:83:e0:91:4e:78:44:e0:5d:9a:7a:f7:25:d3:51:
dc:f7:ee:68:fb:29:c6:8e:0c:98:a5:56:4c:4d:f3:
38:96:17:01:61:15:99:5e:61:a5:18:85:ae:8c:36:
35:3f:29:19:c6:ff:ac:4d:12:6e:20:30:a7:8d:42:
f6:bf:82:74:f5:2d:37:12:32:11:e0:c6:e8:63:2a:
9d:fb:fd:2f:9c:8b:89:a2:cb:85:a2:8c:6e:a2:c4:
53:07:db:74:27:9d:45:69:5c:ee:f0:dd:f0:c0:15:
a2:bd:56:82:2b:39:08:6c:88:07:90:2c:c4:9d:4b:
96:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D5:70:96:A2:10:78:EC:69:CE:3B:95:AB:F8:0D:57:B9:06:90:13
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ANVwlqIQeOxpzjuVq_gNV7kGkBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
9c:ce:09:36:d5:4a:d6:09:0d:53:8b:2b:33:ab:16:4b:6c:25:
9c:73:fb:ec:8a:86:e7:74:24:89:4c:4b:51:59:02:bf:54:dd:
06:69:af:d1:96:f9:48:40:bc:f9:3a:9b:98:d1:90:74:ef:a6:
03:45:a5:0e:5d:a9:e3:a1:d1:15:ed:05:56:c3:07:f2:66:2f:
18:b0:25:29:7a:91:de:87:a5:22:49:dc:b7:08:63:01:a4:b6:
6a:e3:44:e7:4c:43:b1:4c:1c:8b:98:b6:26:d3:a0:12:cd:b6:
bf:21:60:b6:77:9a:19:45:aa:7e:22:0c:36:f3:ba:3e:ce:3c:
a8:74:28:e6:05:c3:45:2d:fb:c1:a8:a6:bc:c5:d7:dd:48:be:
7e:75:08:22:f0:15:77:5d:c9:c9:51:ff:94:20:b1:25:42:e8:
78:01:26:5b:dc:b2:90:b6:8f:e4:e7:18:22:c8:06:3e:18:78:
36:dc:ae:1f:2d:b4:12:d2:92:78:dc:2d:24:cf:8e:9f:70:ca:
69:b2:69:11:67:be:3e:07:51:03:29:0b:18:96:aa:2a:00:ee:
0a:9c:73:90:9c:99:cc:1e:12:97:dc:01:c1:de:de:24:2c:2d:
17:8e:37:26:86:48:e5:a3:ed:2d:90:58:62:e8:1a:c9:90:ab:
9c:11:96:68
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEAP7D/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAwNTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBkNTcwOTZhMjEw
NzhlYzY5Y2UzYjk1YWJmODBkNTdiOTA2OTAxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANl8vs1MMZB5vZ6vwenU5YywllczjVqIKtft+wBR5ujno9nf
Ld3lGOS8LjexmOtUk+cOmfct+eQ/QM5Bvn1bKvNrejg+GZbgLrY38wi8D9IvbsBW
Xt5/6tHGiZ78DUBKY14KijiH4zwJxjVdUj+IfrfWxyFYBzezc/SD6cJqEBRUBOwz
Rdw66YPgkU54ROBdmnr3JdNR3PfuaPspxo4MmKVWTE3zOJYXAWEVmV5hpRiFrow2
NT8pGcb/rE0SbiAwp41C9r+CdPUtNxIyEeDG6GMqnfv9L5yLiaLLhaKMbqLEUwfb
dCedRWlc7vDd8MAVor1Wgis5CGyIB5AsxJ1LlhUCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQA1XCWohB47GnOO5Wr+A1XuQaQEzAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
L0FOVndscUlRZU94cHpqdVZxX2dOVjdrR2tCTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwEgQCAAEwDAMEAC2aYQMEAcIcYjAxBAIAAjArMBAD
BQYqDLZAAwcEKgy2QQAAAwcEKgy2QQVAAwcAKgy2QQcPAwUAKg+EADANBgkqhkiG
9w0BAQsFAAOCAQEAnM4JNtVK1gkNU4srM6sWS2wlnHP77IqG53QkiUxLUVkCv1Td
Bmmv0Zb5SEC8+TqbmNGQdO+mA0WlDl2p46HRFe0FVsMH8mYvGLAlKXqR3oelIknc
twhjAaS2auNE50xDsUwci5i2JtOgEs22vyFgtneaGUWqfiIMNvO6Ps48qHQo5gXD
RS37waimvMXX3Ui+fnUIIvAVd13JyVH/lCCxJULoeAEmW9yykLaP5OcYIsgGPhh4
NtyuHy20EtKSeNwtJM+On3DKabJpEWe+PgdRAykLGJaqKgDuCpxzkJyZzB4Sl9wB
wd7eJCwtF443JoZI5aPtLZBYYugayZCrnBGWaA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org