Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Rgen5BIFdl-ZYV5zTTP7SwvqVEA.roa
File: Rgen5BIFdl-ZYV5zTTP7SwvqVEA.roa (raw, json)
Hash identifier: CwpdUNLWAXKT4ocNZhVbfqoyx3UYk76vzo9gbl/Y7/s=
Subject key identifier: 46:07:A7:E4:12:05:76:5F:99:61:5E:73:4D:33:FB:4B:0B:EA:54:40
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01843237D37F953AFA5029B4BCA424C04A1F
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Rgen5BIFdl-ZYV5zTTP7SwvqVEA.roa
Signing time: Tue 01 Nov 2022 08:03:50 +0000
ROA not before: Tue 01 Nov 2022 08:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
91.242.120.0/21 maxlen: 21
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:37:d3:7f:95:3a:fa:50:29:b4:bc:a4:24:c0:4a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 1 08:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4607a7e41205765f99615e734d33fb4b0bea5440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:1e:25:32:66:e9:94:70:df:6f:cc:d2:87:
a4:3a:03:e9:ac:28:93:c7:3c:08:ad:ef:05:d9:b2:
4d:61:a4:76:a7:35:60:c9:d9:f0:e9:25:5c:00:c5:
b1:c1:d1:1a:56:f6:dc:50:8a:3f:cc:88:7f:3b:e1:
70:d9:15:5d:0b:9a:6d:f6:5f:6a:fd:92:22:df:89:
ce:cc:f1:9e:cf:84:25:1f:f6:82:4d:21:f5:4d:0c:
cb:43:a9:43:19:8f:15:b7:71:7e:1b:32:54:2e:fc:
4e:e0:b8:ac:8a:bb:2a:de:db:24:cb:d3:b1:71:91:
3c:a1:1e:41:ec:93:a6:1b:5f:aa:60:64:9b:7c:ac:
32:fb:27:56:ca:26:c0:1f:23:c5:8b:a7:07:45:64:
38:08:30:a3:37:5f:eb:6c:da:61:d3:fb:3a:bf:1c:
aa:63:49:29:7a:0c:f5:87:51:d8:26:43:66:ba:e8:
6e:ad:f2:ef:dc:5f:61:d8:72:21:4c:64:0f:98:63:
20:92:7e:25:b0:90:f5:7f:17:b1:da:68:c7:56:59:
ba:e0:87:41:08:2a:7a:2f:59:43:5d:49:3a:37:78:
6f:bd:1f:94:a7:17:9b:56:85:3a:85:c1:df:62:b3:
d0:dd:43:7f:f3:7c:ac:6f:70:60:7d:00:1c:4a:1e:
5d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:07:A7:E4:12:05:76:5F:99:61:5E:73:4D:33:FB:4B:0B:EA:54:40
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Rgen5BIFdl-ZYV5zTTP7SwvqVEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
87:06:c6:7e:ef:25:3d:6a:4c:ae:20:8e:8b:a0:b0:7d:b2:39:
98:ef:6f:5d:5d:8f:a2:6b:83:b0:b3:a4:f1:38:78:c4:8b:b9:
00:b1:0e:ca:c2:31:bc:ce:30:3a:c6:e1:21:2b:7a:b3:b6:23:
64:0e:31:3e:68:38:d6:c1:a8:db:15:92:f0:fc:f4:f1:5c:eb:
08:11:27:64:a9:bf:dd:41:cf:ae:5b:86:5f:6a:75:21:61:1f:
98:56:f1:0d:e1:f2:f4:a4:8a:04:dd:fe:97:69:35:15:9d:cd:
d5:63:c9:08:42:cd:b4:b3:0f:dd:2d:cc:e3:2a:a9:04:bc:29:
5f:7b:db:35:19:e9:e2:df:75:59:38:da:53:76:ba:7e:39:ee:
0f:07:33:ec:18:af:af:32:e2:09:67:3f:5d:56:d5:ba:4c:e1:
02:62:11:ad:15:c9:2f:10:56:38:d6:47:c7:58:6a:ee:33:46:
43:44:63:35:2d:82:a1:5b:ee:21:ca:2a:4c:77:4d:c0:a9:2f:
48:99:68:26:54:58:62:0d:36:c0:b3:9f:e7:ad:3b:e0:8b:a6:
21:42:ee:64:d4:cd:78:1c:08:e5:2f:98:a9:33:72:9b:ab:cb:
9c:af:f1:c9:6a:62:1d:50:de:84:17:a8:9c:52:76:c2:4a:62:
7a:f4:87:2f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYQyN9N/lTr6UCm0vKQkwEofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMTAxMDgwMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjA3YTdlNDEyMDU3NjVmOTk2MTVlNzM0ZDMzZmI0YjBiZWE1NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuceJTJm6ZRw32/M0oekOgPprCiT
xzwIre8F2bJNYaR2pzVgydnw6SVcAMWxwdEaVvbcUIo/zIh/O+Fw2RVdC5pt9l9q
/ZIi34nOzPGez4QlH/aCTSH1TQzLQ6lDGY8Vt3F+GzJULvxO4Lisirsq3tsky9Ox
cZE8oR5B7JOmG1+qYGSbfKwy+ydWyibAHyPFi6cHRWQ4CDCjN1/rbNph0/s6vxyq
Y0kpegz1h1HYJkNmuuhurfLv3F9h2HIhTGQPmGMgkn4lsJD1fxex2mjHVlm64IdB
CCp6L1lDXUk6N3hvvR+UpxebVoU6hcHfYrPQ3UN/83ysb3BgfQAcSh5dtQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEYHp+QSBXZfmWFec00z+0sL6lRAMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUmdlbjVCSUZkbC1aWVY1elRUUDdTd3ZxVkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALUN0AwQG
W/JAAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0BAQsFAAOC
AQEAhwbGfu8lPWpMriCOi6CwfbI5mO9vXV2PomuDsLOk8Th4xIu5ALEOysIxvM4w
OsbhISt6s7YjZA4xPmg41sGo2xWS8Pz08VzrCBEnZKm/3UHPrluGX2p1IWEfmFbx
DeHy9KSKBN3+l2k1FZ3N1WPJCELNtLMP3S3M4yqpBLwpX3vbNRnp4t91WTjaU3a6
fjnuDwcz7BivrzLiCWc/XVbVukzhAmIRrRXJLxBWONZHx1hq7jNGQ0RjNS2CoVvu
IcoqTHdNwKkvSJloJlRYYg02wLOf56074IumIULuZNTNeBwI5S+YqTNym6vLnK/x
yWpiHVDehBeonFJ2wkpievSHLw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org