Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/v4pZJ9WTRp-I1sMllmeiYz5sZ20.roa
File: v4pZJ9WTRp-I1sMllmeiYz5sZ20.roa (raw, json)
Hash identifier: FeX0evDTM95AaPHfSZpaEC0iqI7Z9XYymoZeHX28xbA=
Subject key identifier: BF:8A:59:27:D5:93:46:9F:88:D6:C3:25:96:67:A2:63:3E:6C:67:6D
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 01854DF861429F7470F92493309CF6E03ABD
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/v4pZJ9WTRp-I1sMllmeiYz5sZ20.roa
Signing time: Mon 26 Dec 2022 10:26:41 +0000
ROA not before: Mon 26 Dec 2022 10:26:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48011
IP address blocks: 45.89.236.0/22 maxlen: 24
185.217.143.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:f8:61:42:9f:74:70:f9:24:93:30:9c:f6:e0:3a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Dec 26 10:26:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf8a5927d593469f88d6c3259667a2633e6c676d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:85:b9:92:42:52:94:e4:d4:16:32:c3:92:ff:
da:bf:0b:d8:c0:44:5c:f4:d5:d4:5d:28:b6:75:25:
ab:b2:41:10:c0:9d:67:fe:7f:82:ce:f2:a0:e5:8c:
bc:27:7c:a5:3a:72:6f:88:49:12:4a:ae:78:a9:f7:
08:04:e6:35:8c:3b:25:ea:9e:ab:ad:ec:28:05:93:
8c:30:52:be:ce:c0:98:0f:95:3c:e3:b0:6a:21:69:
dc:07:b8:cd:1a:96:32:94:37:b5:65:57:84:2e:b1:
e0:a0:d9:cc:69:f5:29:cd:dd:b0:9a:2a:48:de:3e:
94:ce:d5:41:2b:2d:ae:37:91:a0:27:fe:4c:1b:12:
82:0a:e7:8a:41:ee:ff:1b:41:36:24:63:ee:a2:9e:
cf:e9:2e:7d:2d:d9:e1:d1:03:cc:8d:1f:54:7a:66:
d9:9f:a3:6b:af:32:2a:bd:21:90:c4:27:77:13:b7:
d4:0c:70:05:17:44:40:83:54:d3:9c:71:50:b1:f5:
bc:64:cb:0c:5c:e9:53:20:48:73:a4:53:c0:9f:95:
bc:a0:29:ea:87:46:db:6c:e1:16:03:12:0c:13:60:
e6:85:09:a6:91:11:d5:b0:1c:40:b4:2c:b0:ff:e3:
fa:4e:4c:c0:ff:e5:c1:80:4f:de:9d:f4:3d:62:c0:
bf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8A:59:27:D5:93:46:9F:88:D6:C3:25:96:67:A2:63:3E:6C:67:6D
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/v4pZJ9WTRp-I1sMllmeiYz5sZ20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
185.217.143.0/24
185.227.136.0/22
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:92:42:50:95:d7:bb:d5:fa:2b:87:74:df:d1:13:f8:37:8f:
7f:20:1c:d8:53:57:4c:2c:d3:18:74:f6:9b:dc:fd:73:f9:ac:
a9:b9:6a:ce:b2:9e:f1:4b:42:f6:2f:1b:b7:6f:fa:b1:cb:64:
56:d6:61:f1:ff:b3:b0:69:2c:e0:9f:91:51:e9:89:88:b8:45:
92:c0:67:d8:5a:70:ca:9f:79:00:29:c9:1d:90:ee:da:eb:96:
5d:7a:5e:13:6a:fe:80:76:12:9d:b6:5f:02:62:e0:d3:93:08:
08:ec:ca:af:46:1a:7e:eb:3b:1c:16:3f:bd:67:3a:b3:06:78:
43:32:7c:9d:a9:47:a4:5a:18:c2:d0:2a:1b:6e:a6:5b:a8:59:
b3:ae:81:b4:3b:5f:54:fe:35:c2:41:43:2d:f7:73:5b:97:7c:
27:a3:ea:a4:19:7c:12:bc:f0:82:2e:e8:17:59:e9:38:c3:11:
20:c1:b5:11:da:ad:17:0a:8e:56:51:cd:ae:b7:e7:42:b4:90:
d9:ea:8c:ed:29:f8:3c:97:d3:4d:cc:e4:99:80:04:9d:68:39:
48:cf:e6:85:13:49:8a:a0:3d:76:a2:76:27:72:15:3c:49:89:
31:f8:5a:29:aa:51:8c:51:d1:5f:34:67:d0:66:ce:a8:24:f4:
41:05:a4:01
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVN+GFCn3Rw+SSTMJz24Dq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjIxMjI2MTAyNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhhNTkyN2Q1OTM0NjlmODhkNmMzMjU5NjY3YTI2MzNlNmM2NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYW5kkJSlOTUFjLDkv/avwvYwERc
9NXUXSi2dSWrskEQwJ1n/n+CzvKg5Yy8J3ylOnJviEkSSq54qfcIBOY1jDsl6p6r
rewoBZOMMFK+zsCYD5U847BqIWncB7jNGpYylDe1ZVeELrHgoNnMafUpzd2wmipI
3j6UztVBKy2uN5GgJ/5MGxKCCueKQe7/G0E2JGPuop7P6S59Ldnh0QPMjR9UembZ
n6NrrzIqvSGQxCd3E7fUDHAFF0RAg1TTnHFQsfW8ZMsMXOlTIEhzpFPAn5W8oCnq
h0bbbOEWAxIME2DmhQmmkRHVsBxAtCyw/+P6TkzA/+XBgE/enfQ9YsC/SwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFL+KWSfVk0afiNbDJZZnomM+bGdtMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvdjRwWko5V1RScC1JMXNNbGxtZWlZejVzWjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQCLVnsAwQA
udmPAwQCueOIAwQA1ejLMBcEAgACMBEwDwMEASoMZgMHACoMZgAAAjANBgkqhkiG
9w0BAQsFAAOCAQEAQpJCUJXXu9X6K4d039ET+DePfyAc2FNXTCzTGHT2m9z9c/ms
qblqzrKe8UtC9i8bt2/6sctkVtZh8f+zsGks4J+RUemJiLhFksBn2Fpwyp95ACnJ
HZDu2uuWXXpeE2r+gHYSnbZfAmLg05MICOzKr0Yafus7HBY/vWc6swZ4QzJ8nalH
pFoYwtAqG26mW6hZs66BtDtfVP41wkFDLfdzW5d8J6PqpBl8Erzwgi7oF1npOMMR
IMG1EdqtFwqOVlHNrrfnQrSQ2eqM7Sn4PJfTTczkmYAEnWg5SM/mhRNJiqA9dqJ2
J3IVPEmJMfhaKapRjFHRXzRn0GbOqCT0QQWkAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org