Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/dA_7JpN3WpCAlH8_Qf__sroMCsU.roa
File: dA_7JpN3WpCAlH8_Qf__sroMCsU.roa (raw, json)
Hash identifier: svd/EIrW8OioOzsyT2oiGJ746tpn07IYoFMS3galAe4=
Subject key identifier: 74:0F:FB:26:93:77:5A:90:80:94:7F:3F:41:FF:FF:B2:BA:0C:0A:C5
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01847EFCCC0410DB46D1AE58D754C1E2AC41
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/dA_7JpN3WpCAlH8_Qf__sroMCsU.roa
Signing time: Wed 16 Nov 2022 05:50:07 +0000
ROA not before: Wed 16 Nov 2022 05:50:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31122
IP address blocks: 45.138.79.0/24 maxlen: 24
45.135.9.0/24 maxlen: 24
45.135.11.0/24 maxlen: 24
45.136.217.0/24 maxlen: 24
45.136.219.0/24 maxlen: 24
45.138.77.0/24 maxlen: 24
45.139.33.0/24 maxlen: 24
45.139.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7e:fc:cc:04:10:db:46:d1:ae:58:d7:54:c1:e2:ac:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Nov 16 05:50:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=740ffb2693775a9080947f3f41ffffb2ba0c0ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e7:9f:1d:91:11:60:97:c2:45:34:00:1a:62:
73:08:42:ad:f2:3a:21:40:22:d3:08:3e:c2:86:ed:
c1:75:8d:cf:e3:1a:b7:68:e2:ca:d5:d8:12:be:4a:
cb:3b:61:d2:78:73:40:89:59:43:e7:60:55:c7:21:
df:8e:cb:48:1e:bb:cc:f0:12:19:05:22:00:56:d5:
ba:b9:0a:3b:64:d0:2d:01:d8:f8:05:2a:cb:6f:fc:
a0:aa:43:34:10:a9:a1:8a:f1:87:63:74:00:59:9a:
9a:88:bb:15:78:dc:38:86:de:bd:3a:d1:78:4c:78:
f6:06:36:bb:cf:2b:bb:40:a5:91:64:6a:00:4e:f2:
f5:25:ba:07:f1:ee:96:8d:62:d7:cd:e1:1a:36:fc:
af:ad:ac:71:da:91:fb:97:66:d4:88:e8:94:a5:be:
68:79:a2:6e:70:50:cf:3b:63:95:04:2d:ee:0b:37:
de:8c:8b:79:87:a2:fc:77:b1:a0:83:86:0e:c6:17:
a9:77:fe:67:5a:c0:5d:b0:13:06:ed:a4:5d:f1:87:
34:aa:59:c9:66:a1:ae:e5:51:98:fd:8f:9c:88:ec:
09:c3:b4:f7:c2:aa:0c:65:a6:e4:11:ff:bc:66:4f:
97:6d:94:34:38:43:70:d4:aa:43:d2:2e:d1:1a:c4:
1a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0F:FB:26:93:77:5A:90:80:94:7F:3F:41:FF:FF:B2:BA:0C:0A:C5
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/dA_7JpN3WpCAlH8_Qf__sroMCsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.9.0/24
45.135.11.0/24
45.136.217.0/24
45.136.219.0/24
45.138.77.0/24
45.138.79.0/24
45.139.33.0/24
45.139.35.0/24
Signature Algorithm: sha256WithRSAEncryption
47:32:bf:72:a5:ad:87:f7:d5:f7:d6:ca:5b:4c:34:ac:e2:25:
09:50:af:67:b3:df:24:cc:6e:c6:9d:c0:03:67:98:be:b2:1d:
85:18:31:10:fe:e6:18:af:4c:81:95:88:20:68:f2:90:c1:96:
c1:5c:44:ed:60:90:15:7f:33:dd:40:c5:ef:40:87:f3:52:a9:
75:da:8d:6a:ab:d1:d7:11:58:27:2f:2d:ae:ec:2b:e6:20:6a:
ca:c3:80:6e:95:85:e5:0f:0c:9e:c7:87:6b:78:ce:82:dc:d4:
ae:a2:cd:48:97:c7:3b:d3:a8:94:48:4f:61:69:60:2e:8c:d9:
0e:58:5e:cd:34:33:53:2a:87:cf:7d:d1:ac:1f:33:b7:5e:93:
67:ac:90:dd:fb:16:32:b0:88:42:b1:42:73:64:f6:78:4e:e3:
59:42:04:27:65:9f:74:7a:cf:9d:82:fa:c1:3b:42:a5:17:64:
fa:d6:e0:69:69:77:15:6d:9f:0a:0e:7c:b0:ea:f3:b2:0c:5f:
e0:f5:62:a7:cc:9e:6f:9f:f4:99:97:2f:d1:65:51:b0:3e:fb:
c4:54:51:5e:78:8e:01:1d:5a:1a:e5:d0:dc:ae:a1:e2:85:48:
75:2c:b8:80:b8:3f:33:06:6f:6d:c2:d2:22:2c:3d:01:e1:d1:
17:c6:96:5b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYR+/MwEENtG0a5Y11TB4qxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIxMTE2MDU1MDA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBmZmIyNjkzNzc1YTkwODA5NDdmM2Y0MWZmZmZiMmJhMGMwYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOefHZERYJfCRTQAGmJzCEKt8joh
QCLTCD7Chu3BdY3P4xq3aOLK1dgSvkrLO2HSeHNAiVlD52BVxyHfjstIHrvM8BIZ
BSIAVtW6uQo7ZNAtAdj4BSrLb/ygqkM0EKmhivGHY3QAWZqaiLsVeNw4ht69OtF4
THj2Bja7zyu7QKWRZGoATvL1JboH8e6WjWLXzeEaNvyvraxx2pH7l2bUiOiUpb5o
eaJucFDPO2OVBC3uCzfejIt5h6L8d7Ggg4YOxhepd/5nWsBdsBMG7aRd8Yc0qlnJ
ZqGu5VGY/Y+ciOwJw7T3wqoMZabkEf+8Zk+XbZQ0OENw1KpD0i7RGsQaCwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHQP+yaTd1qQgJR/P0H//7K6DArFMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZEFfN0pwTjNXcENBbEg4X1FmX19zcm9NQ3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYcJAwQA
LYcLAwQALYjZAwQALYjbAwQALYpNAwQALYpPAwQALYshAwQALYsjMA0GCSqGSIb3
DQEBCwUAA4IBAQBHMr9ypa2H99X31spbTDSs4iUJUK9ns98kzG7GncADZ5i+sh2F
GDEQ/uYYr0yBlYggaPKQwZbBXETtYJAVfzPdQMXvQIfzUql12o1qq9HXEVgnLy2u
7CvmIGrKw4BulYXlDwyex4dreM6C3NSuos1Il8c706iUSE9haWAujNkOWF7NNDNT
KofPfdGsHzO3XpNnrJDd+xYysIhCsUJzZPZ4TuNZQgQnZZ90es+dgvrBO0KlF2T6
1uBpaXcVbZ8KDnyw6vOyDF/g9WKnzJ5vn/SZly/RZVGwPvvEVFFeeI4BHVoa5dDc
rqHihUh1LLiAuD8zBm9twtIiLD0B4dEXxpZb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org