Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tv8cfJgPhrGEEh8KCxoQ0oeKvBw.roa
File: tv8cfJgPhrGEEh8KCxoQ0oeKvBw.roa (raw, json)
Hash identifier: EqUX2cgULeGnHRivHnuOb99MdT4daeJSJIfeV3n4R8I=
Subject key identifier: B6:FF:1C:7C:98:0F:86:B1:84:12:1F:0A:0B:1A:10:D2:87:8A:BC:1C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14F36CB9
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tv8cfJgPhrGEEh8KCxoQ0oeKvBw.roa
Signing time: Wed 04 May 2022 08:23:05 +0000
ROA not before: Wed 04 May 2022 08:23:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35346
IP address blocks: 193.31.104.0/22 maxlen: 22
45.150.44.0/22 maxlen: 22
45.91.84.0/22 maxlen: 22
45.143.44.0/22 maxlen: 22
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
91.242.108.0/22 maxlen: 22
193.37.200.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
91.242.112.0/21 maxlen: 24
45.83.12.0/22 maxlen: 22
91.242.64.0/18 maxlen: 24
2a07:5540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 351497401 (0x14f36cb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: May 4 08:23:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6ff1c7c980f86b184121f0a0b1a10d2878abc1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e4:55:13:ab:6f:a6:dd:a4:e6:14:94:99:1d:
39:bc:1b:2d:2a:a0:53:9f:65:3f:8c:cf:5f:ae:eb:
44:0a:5d:1c:a7:2b:b7:75:5e:be:6c:1f:a9:94:13:
59:45:e2:6e:34:f4:cf:4a:32:56:8d:a1:f3:a3:c3:
ed:94:c2:d7:55:ec:4c:51:c1:f5:25:ef:df:dd:f1:
30:f3:f0:a9:c0:0e:77:f8:e4:be:23:dd:a3:59:db:
03:27:95:93:4d:0b:4b:44:eb:46:78:4c:ab:68:a8:
43:29:11:8b:ef:64:9f:a0:4d:27:42:f1:f2:b0:6a:
14:8b:74:2e:f3:0e:6d:5c:71:82:17:dc:1b:05:66:
12:74:9c:05:36:41:e4:59:d2:39:6e:22:83:79:48:
c1:5d:a2:73:4c:8b:b4:e0:91:38:26:1d:79:94:1f:
47:74:3c:0d:67:86:d4:8f:58:6a:03:a6:9a:bb:16:
4b:10:4f:c9:a7:7e:69:63:55:8d:78:6f:8a:ef:99:
ff:cc:08:57:6c:15:9e:17:76:4d:b2:2a:16:bc:3f:
02:a5:9b:25:16:cb:5f:2f:b8:46:fd:16:ad:c4:34:
c4:b6:4f:ab:8f:76:f9:7f:ca:1e:c9:93:7a:67:b9:
c9:6b:89:20:eb:26:f9:9f:76:eb:86:8d:e5:42:1d:
10:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:FF:1C:7C:98:0F:86:B1:84:12:1F:0A:0B:1A:10:D2:87:8A:BC:1C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tv8cfJgPhrGEEh8KCxoQ0oeKvBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
45.83.12.0/22
45.91.84.0/22
45.143.44.0/22
45.150.44.0/22
91.242.64.0/18
193.31.104.0/22
193.37.200.0/22
194.114.144.0/24
195.216.156.0/22
IPv6:
2a07:5540::/29
Signature Algorithm: sha256WithRSAEncryption
a4:1a:42:01:c8:95:72:e8:40:21:a1:2b:ed:32:40:ad:37:0b:
a7:52:75:38:95:35:45:2a:1e:15:6f:fd:f4:b8:f8:81:3c:28:
fc:bb:22:00:39:f5:3f:a6:02:b8:e6:31:7e:11:3d:f0:b1:5b:
0f:b9:64:08:1e:d0:c7:c9:2d:96:90:6c:0f:60:c9:de:b5:3a:
a4:4a:e2:af:6a:e1:05:ed:ae:3c:b6:85:4a:42:2e:e3:ea:23:
3c:38:b5:f2:1e:f6:94:bc:1e:ea:75:87:ed:3e:76:d3:63:77:
9d:97:fe:ba:b6:ba:4d:48:94:d9:20:98:dc:2b:a8:59:08:0b:
b6:a2:e7:fe:95:63:65:a8:69:53:14:80:74:b3:ef:3c:03:f7:
a2:da:71:b2:02:d2:2d:29:61:b7:37:47:91:5c:6c:f9:06:ca:
9d:98:02:b8:49:3f:51:fe:ce:dc:f9:02:3c:b3:9f:b6:21:57:
4c:55:d1:61:05:f9:79:64:89:8d:13:80:cf:5e:92:f8:3d:ea:
12:66:6a:54:d6:35:8a:4b:b8:6d:d7:aa:26:4d:77:ef:91:45:
ed:e8:f8:4a:e9:94:9d:83:ba:b0:14:00:5b:d0:80:d5:5a:e5:
a3:a3:39:43:44:97:d6:89:e2:d4:50:e0:dd:ed:94:26:f3:20:
bd:64:f0:3c
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEFPNsuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDUw
NDA4MjMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZmZjFjN2M5ODBm
ODZiMTg0MTIxZjBhMGIxYTEwZDI4NzhhYmMxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTkVROrb6bdpOYUlJkdObwbLSqgU59lP4zPX67rRApdHKcr
t3VevmwfqZQTWUXibjT0z0oyVo2h86PD7ZTC11XsTFHB9SXv393xMPPwqcAOd/jk
viPdo1nbAyeVk00LS0TrRnhMq2ioQykRi+9kn6BNJ0Lx8rBqFIt0LvMObVxxghfc
GwVmEnScBTZB5FnSOW4ig3lIwV2ic0yLtOCROCYdeZQfR3Q8DWeG1I9YagOmmrsW
SxBPyad+aWNVjXhviu+Z/8wIV2wVnhd2TbIqFrw/AqWbJRbLXy+4Rv0WrcQ0xLZP
q492+X/KHsmTeme5yWuJIOsm+Z9264aN5UIdENUCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBS2/xx8mA+GsYQSHwoLGhDSh4q8HDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3R2OGNmSmdQaHJHRUVoOEtDeG9RMG9lS3ZCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEAC1DdAMEAi1TDAMEAi1bVAMEAi2P
LAMEAi2WLAMEBlvyQAMEAsEfaAMEAsElyAMEAMJykAMEAsPYnDANBAIAAjAHAwUD
KgdVQDANBgkqhkiG9w0BAQsFAAOCAQEApBpCAciVcuhAIaEr7TJArTcLp1J1OJU1
RSoeFW/99Lj4gTwo/LsiADn1P6YCuOYxfhE98LFbD7lkCB7Qx8ktlpBsD2DJ3rU6
pErir2rhBe2uPLaFSkIu4+ojPDi18h72lLwe6nWH7T5202N3nZf+ura6TUiU2SCY
3CuoWQgLtqLn/pVjZahpUxSAdLPvPAP3otpxsgLSLSlhtzdHkVxs+QbKnZgCuEk/
Uf7O3PkCPLOftiFXTFXRYQX5eWSJjROAz16S+D3qEmZqVNY1iku4bdeqJk1375FF
7ej4SumUnYO6sBQAW9CA1Vrlo6M5Q0SX1oni1FDg3e2UJvMgvWTwPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org