Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6wQ4p3y97yRZI7kfEHQ_m8LJpy4.roa
File: 6wQ4p3y97yRZI7kfEHQ_m8LJpy4.roa (raw, json)
Hash identifier: e6F2SiTWGzov3IpicOmuivel8Vi8xCZRWzFJqTVD7m8=
Subject key identifier: EB:04:38:A7:7C:BD:EF:24:59:23:B9:1F:10:74:3F:9B:C2:C9:A7:2E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0183B352A78267B66CBB2FB78904A05B6140
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6wQ4p3y97yRZI7kfEHQ_m8LJpy4.roa
Signing time: Fri 07 Oct 2022 16:41:22 +0000
ROA not before: Fri 07 Oct 2022 16:41:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 194.180.238.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
45.143.252.0/22 maxlen: 22
45.150.180.0/22 maxlen: 22
194.242.22.0/23 maxlen: 23
185.145.80.0/22 maxlen: 22
91.242.64.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b3:52:a7:82:67:b6:6c:bb:2f:b7:89:04:a0:5b:61:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 7 16:41:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb0438a77cbdef245923b91f10743f9bc2c9a72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e4:14:d2:5f:07:b6:f6:5b:bf:fa:c9:87:71:
91:1f:7f:64:0c:24:86:51:fc:72:14:be:b0:67:45:
50:9e:e9:13:c4:1f:98:d5:c6:97:f6:a9:90:0b:8f:
2e:d1:06:51:07:b0:94:b7:2f:16:4e:09:38:2e:e9:
fa:3f:cc:b8:43:e9:39:46:13:f9:09:e5:94:b9:e3:
35:d9:d0:e1:43:06:48:2d:56:65:4e:71:e5:93:0a:
32:9b:97:d7:aa:9f:8d:76:b1:ca:ee:c8:3b:a6:fb:
7c:a5:d9:36:d2:3b:41:dc:0d:80:45:dc:0b:55:ac:
47:c6:62:54:8f:1f:1b:56:16:30:c6:be:3b:26:a7:
72:ef:7e:0b:5c:a4:ff:1c:e4:3b:c6:bf:94:97:6c:
bf:93:f8:17:e6:5b:15:0f:56:62:48:23:ae:8e:84:
7f:37:1a:69:ae:9f:9c:6b:b4:2b:18:8f:91:7e:b1:
0b:63:50:c4:d0:fe:4f:12:b7:3b:9e:7a:05:61:c4:
9f:24:56:17:cd:52:71:09:f0:a4:1c:63:74:34:a9:
29:91:43:6e:65:83:17:dc:88:0f:6e:18:b4:ba:9f:
2c:0e:95:26:2b:d4:03:cf:f3:00:3f:b0:05:c1:03:
ac:af:df:a2:67:bd:d6:6f:99:d5:9d:ad:05:f5:68:
74:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:04:38:A7:7C:BD:EF:24:59:23:B9:1F:10:74:3F:9B:C2:C9:A7:2E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6wQ4p3y97yRZI7kfEHQ_m8LJpy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
45.143.252.0/22
45.150.180.0/22
45.151.196.0/22
91.242.64.0/22
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.145.80.0/22
194.180.238.0/24
194.242.22.0/23
Signature Algorithm: sha256WithRSAEncryption
40:21:db:dd:aa:9b:01:3a:93:b9:cc:23:5a:e1:f8:fd:24:90:
e7:bf:fb:ac:99:b4:82:43:cf:f1:90:a2:20:0e:81:1a:e9:3f:
6c:77:44:ea:ce:69:25:f0:07:67:37:c2:28:c9:a6:46:3a:fe:
3c:33:bf:f8:bd:94:98:fe:69:0c:66:7b:75:0c:a3:64:e4:31:
37:21:84:66:5b:ab:89:88:0f:dc:13:f2:7e:48:6f:a8:66:44:
bd:b1:c2:f7:cb:a0:d1:8b:60:dc:d1:1c:32:92:41:89:81:33:
61:36:ef:bd:05:bf:bd:da:f7:3b:b3:a6:96:24:cf:24:9b:63:
b0:2e:bc:3a:6b:d9:9e:3e:ff:c0:de:74:db:0e:fc:d2:f9:f6:
fe:98:32:d2:89:f4:57:f3:f3:13:8b:67:13:87:29:13:ba:97:
c3:f7:c5:e3:1e:ec:e5:7f:51:e0:c8:01:6d:73:20:ff:f2:80:
23:c0:af:21:ae:38:94:31:ca:ca:ae:c0:11:d6:58:9b:88:0b:
d8:91:ae:47:6e:b8:b5:de:4d:7c:35:5f:67:70:6d:ef:09:a2:
10:c9:a4:67:de:b3:81:6a:71:c7:1d:58:4c:8c:9a:45:1f:59:
08:40:1f:db:a8:23:87:77:e7:2b:a4:6f:22:56:9d:7a:10:89:
d0:02:63:1c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYOzUqeCZ7Zsuy+3iQSgW2FAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMDA3MTY0MTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjA0MzhhNzdjYmRlZjI0NTkyM2I5MWYxMDc0M2Y5YmMyYzlhNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeQU0l8HtvZbv/rJh3GRH39kDCSG
UfxyFL6wZ0VQnukTxB+Y1caX9qmQC48u0QZRB7CUty8WTgk4Lun6P8y4Q+k5RhP5
CeWUueM12dDhQwZILVZlTnHlkwoym5fXqp+NdrHK7sg7pvt8pdk20jtB3A2ARdwL
VaxHxmJUjx8bVhYwxr47Jqdy734LXKT/HOQ7xr+Ul2y/k/gX5lsVD1ZiSCOujoR/
Nxpprp+ca7QrGI+RfrELY1DE0P5PErc7nnoFYcSfJFYXzVJxCfCkHGN0NKkpkUNu
ZYMX3IgPbhi0up8sDpUmK9QDz/MAP7AFwQOsr9+iZ73Wb5nVna0F9Wh0KQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOsEOKd8ve8kWSO5HxB0P5vCyacuMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNndRNHAzeTk3eVJaSTdrZkVIUV9tOExKcHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLYwgAwQC
LY/8AwQCLZa0AwQCLZfEAwQCW/JAAwQAW/JpAwQCW/JsAwQDW/J4AwQCuZFQAwQA
wrTuAwQBwvIWMA0GCSqGSIb3DQEBCwUAA4IBAQBAIdvdqpsBOpO5zCNa4fj9JJDn
v/usmbSCQ8/xkKIgDoEa6T9sd0Tqzmkl8AdnN8IoyaZGOv48M7/4vZSY/mkMZnt1
DKNk5DE3IYRmW6uJiA/cE/J+SG+oZkS9scL3y6DRi2Dc0RwykkGJgTNhNu+9Bb+9
2vc7s6aWJM8km2OwLrw6a9mePv/A3nTbDvzS+fb+mDLSifRX8/MTi2cThykTupfD
98XjHuzlf1HgyAFtcyD/8oAjwK8hrjiUMcrKrsAR1libiAvYka5Hbri13k18NV9n
cG3vCaIQyaRn3rOBanHHHVhMjJpFH1kIQB/bqCOHd+crpG8iVp16EInQAmMc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org