Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1RHpYAT_hLe18l-ZX--JLXSLqmI.roa
File: 1RHpYAT_hLe18l-ZX--JLXSLqmI.roa (raw, json)
Hash identifier: 5mIE5iHmHbKApjIg9BgSOsF1ziLVP4xROIH3O1i78Qk=
Subject key identifier: D5:11:E9:60:04:FF:84:B7:B5:F2:5F:99:5F:EF:89:2D:74:8B:AA:62
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0184D40EC5A3E087DEFD7DC7E93C82F913A5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1RHpYAT_hLe18l-ZX--JLXSLqmI.roa
Signing time: Fri 02 Dec 2022 18:17:28 +0000
ROA not before: Fri 02 Dec 2022 18:17:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
91.242.120.0/21 maxlen: 21
178.175.176.0/22 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d4:0e:c5:a3:e0:87:de:fd:7d:c7:e9:3c:82:f9:13:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 2 18:17:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d511e96004ff84b7b5f25f995fef892d748baa62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0a:e6:98:8f:eb:3c:bf:01:2d:5e:af:e7:b4:
64:83:64:6d:4d:b7:4a:02:d8:e7:4b:d0:7c:76:46:
ee:ac:3d:3f:b3:5b:9a:18:71:81:8a:5c:ec:7b:c8:
59:2c:bc:9d:86:d8:1a:c6:16:a0:bf:00:ae:25:a6:
b7:a0:33:b3:bb:47:52:f8:11:6e:1f:87:0d:bb:2b:
51:a8:50:52:25:17:55:99:a9:1b:5b:2d:bc:ab:3e:
51:d6:2c:23:d8:d6:30:c8:fc:78:33:60:7f:c6:ca:
6c:27:b1:b9:f3:8c:bb:ff:78:0d:d5:74:10:13:3b:
6d:60:1f:59:20:08:51:3f:68:d0:ad:8b:a2:64:11:
ce:c7:e9:8a:a4:e2:e3:20:2f:30:a4:95:56:e0:8e:
0a:62:46:25:56:6d:7c:be:6b:67:77:2e:e7:af:83:
c2:29:05:b4:bb:a5:ee:9a:ab:e5:a1:f7:7b:f4:80:
31:0b:71:fa:c3:f0:e8:38:f0:c4:c3:24:ed:57:6d:
c3:e5:27:c8:28:42:a4:ff:fb:98:0f:d5:cd:94:10:
74:fc:6a:1e:ff:75:39:bd:74:73:f1:9a:fa:04:5b:
d7:06:69:22:14:13:37:f7:f0:68:01:67:90:4d:9e:
99:19:ec:07:5f:db:17:af:e9:5b:1b:ae:1e:7e:23:
08:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:11:E9:60:04:FF:84:B7:B5:F2:5F:99:5F:EF:89:2D:74:8B:AA:62
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/1RHpYAT_hLe18l-ZX--JLXSLqmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
a2:16:a4:36:b4:27:87:db:cd:37:e0:b3:65:88:44:e7:84:ed:
fa:b8:73:51:31:bd:03:aa:f8:5b:79:b7:03:f1:f0:28:e0:e0:
65:45:75:ca:24:69:25:36:21:39:f3:40:05:d5:85:37:ea:fe:
20:57:84:86:e0:0d:ca:7b:2a:53:69:4d:ad:39:4d:89:a7:77:
0e:e4:1d:4a:e9:49:42:e3:26:43:19:0c:0c:2b:34:ee:09:91:
22:9b:4e:7e:49:7a:e6:da:1b:ef:f4:c0:aa:77:65:0f:b8:15:
a4:c6:0f:ac:53:89:16:57:29:a5:05:fc:de:5d:29:5e:70:34:
3e:cb:5a:ec:35:a6:92:c7:d9:0d:65:bd:07:3e:92:b5:a2:16:
f5:84:cf:d0:58:30:5d:0b:77:f0:a7:4c:06:c7:d3:ff:be:f7:
68:a6:b7:fc:6f:92:cb:77:c8:68:49:08:e6:56:44:76:b4:9a:
f8:b6:aa:d5:8b:a9:bf:f1:ee:a7:28:e2:ce:fc:d1:61:95:47:
12:af:8c:03:b6:0b:12:05:3e:45:1b:94:2e:17:b3:74:c1:2c:
80:35:2f:72:01:37:99:12:32:8f:d6:1e:04:35:21:ca:79:cf:
39:fe:45:7e:aa:df:18:93:49:ea:bb:f7:ca:3f:3d:db:23:93:
1a:be:a1:9f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYTUDsWj4Ife/X3H6TyC+ROlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjAyMTgxNzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTExZTk2MDA0ZmY4NGI3YjVmMjVmOTk1ZmVmODkyZDc0OGJhYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQrmmI/rPL8BLV6v57Rkg2RtTbdK
AtjnS9B8dkburD0/s1uaGHGBilzse8hZLLydhtgaxhagvwCuJaa3oDOzu0dS+BFu
H4cNuytRqFBSJRdVmakbWy28qz5R1iwj2NYwyPx4M2B/xspsJ7G584y7/3gN1XQQ
EzttYB9ZIAhRP2jQrYuiZBHOx+mKpOLjIC8wpJVW4I4KYkYlVm18vmtndy7nr4PC
KQW0u6Xumqvlofd79IAxC3H6w/DoOPDEwyTtV23D5SfIKEKk//uYD9XNlBB0/Goe
/3U5vXRz8Zr6BFvXBmkiFBM39/BoAWeQTZ6ZGewHX9sXr+lbG64efiMIhwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNUR6WAE/4S3tfJfmV/viS10i6piMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvMVJIcFlBVF9oTGUxOGwtWlgtLUpMWFNMcW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQALUN0AwQG
W/JAAwQCsq+wAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0B
AQsFAAOCAQEAohakNrQnh9vNN+CzZYhE54Tt+rhzUTG9A6r4W3m3A/HwKODgZUV1
yiRpJTYhOfNABdWFN+r+IFeEhuANynsqU2lNrTlNiad3DuQdSulJQuMmQxkMDCs0
7gmRIptOfkl65tob7/TAqndlD7gVpMYPrFOJFlcppQX83l0pXnA0Psta7DWmksfZ
DWW9Bz6StaIW9YTP0FgwXQt38KdMBsfT/773aKa3/G+Sy3fIaEkI5lZEdrSa+Laq
1Yupv/HupyjizvzRYZVHEq+MA7YLEgU+RRuULhezdMEsgDUvcgE3mRIyj9YeBDUh
ynnPOf5FfqrfGJNJ6rv3yj892yOTGr6hnw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:49 2023 by rpki-client on console-fra.rpki-client.org