Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/S3qvVGE5uREehYXeo5kbWL7CPro.roa
File: S3qvVGE5uREehYXeo5kbWL7CPro.roa (raw, json)
Hash identifier: DBPlX12pgd8uGs/AvZmfY+4+c8V1wNpAwpNvPHukqaQ=
Subject key identifier: 4B:7A:AF:54:61:39:B9:11:1E:85:85:DE:A3:99:1B:58:BE:C2:3E:BA
Certificate issuer: /CN=238857660dc7fa60846f765b94cb69576255adb6
Certificate serial: 08B250C7
Authority key identifier: 23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/S3qvVGE5uREehYXeo5kbWL7CPro.roa
Signing time: Sat 01 Jan 2022 13:06:34 +0000
ROA not before: Sat 01 Jan 2022 13:06:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28875
IP address blocks: 185.104.16.0/22 maxlen: 24
45.15.80.0/22 maxlen: 24
2a00:f740::/32 maxlen: 48
2a0e:2b80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145903815 (0x8b250c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=238857660dc7fa60846f765b94cb69576255adb6
Validity
Not Before: Jan 1 13:06:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b7aaf546139b9111e8585dea3991b58bec23eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:83:e1:c9:15:94:e3:0d:f5:aa:cc:50:8c:2d:
e2:a5:65:28:19:f3:4a:8c:5d:47:15:36:74:cc:b7:
b4:1e:72:e3:0b:f9:47:de:2d:ed:18:8d:d4:63:1c:
34:26:c1:fe:a0:2a:6c:2b:65:2e:a0:0f:5f:c4:71:
a2:fe:9a:24:51:33:9a:fc:ea:d9:ab:20:fb:0c:4b:
f7:e0:3d:85:09:2f:fc:8c:2f:3f:11:5c:ad:78:18:
c0:c4:90:f2:4a:ef:92:6f:ea:74:32:26:1c:c2:d9:
e1:18:75:4e:3e:39:bd:cb:69:24:5c:b6:27:8a:e0:
0a:3b:a0:80:fa:5f:0a:09:22:5d:41:e7:84:8b:b2:
69:b9:73:69:a7:96:18:da:d4:d9:e1:9b:77:aa:b4:
c3:6f:fd:76:d4:8b:08:4d:96:f9:82:94:db:da:99:
f3:1f:96:a1:5b:f2:16:7f:d7:7a:e0:c0:2a:22:71:
b4:99:1e:07:02:6a:59:3c:71:2e:b3:98:fe:d8:7b:
b2:9f:2a:b8:d5:1a:02:8d:db:62:64:98:29:70:db:
62:d6:34:3b:97:c0:92:15:6f:43:7c:32:27:b7:cb:
8d:99:ac:69:31:a4:c7:67:88:18:62:c0:ad:1c:1c:
ff:b6:03:d0:90:0d:47:66:35:2b:89:b6:a3:53:db:
81:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:AF:54:61:39:B9:11:1E:85:85:DE:A3:99:1B:58:BE:C2:3E:BA
X509v3 Authority Key Identifier:
keyid:23:88:57:66:0D:C7:FA:60:84:6F:76:5B:94:CB:69:57:62:55:AD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4hXZg3H-mCEb3ZblMtpV2JVrbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/S3qvVGE5uREehYXeo5kbWL7CPro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/94927f-7e08-4f21-9bba-0f876abd1e30/1/I4hXZg3H-mCEb3ZblMtpV2JVrbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.80.0/22
185.104.16.0/22
IPv6:
2a00:f740::/32
2a0e:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
56:1b:23:7c:0e:c8:ca:f4:93:6f:ec:ab:66:3a:36:86:c2:99:
9c:e0:bc:6c:97:39:88:14:c0:02:c6:05:5c:79:d2:00:0f:d5:
21:8e:ad:c0:7d:ad:92:df:68:0a:71:ed:23:f8:03:3e:fa:86:
12:fd:be:1d:4c:9f:4b:73:12:2e:f0:05:5b:c5:7b:dc:af:92:
db:df:9b:22:bf:91:d8:52:27:e6:fe:fa:23:bb:14:96:59:ce:
04:63:48:57:e6:bb:9f:8c:61:4f:d3:22:65:06:89:c9:9f:a4:
63:4a:06:75:df:a6:1a:a1:80:d3:32:a2:99:c2:21:5a:c0:20:
3c:89:08:31:13:b2:dc:9b:38:8a:e7:2b:74:ae:be:4d:32:33:
af:2c:95:cf:df:62:09:9e:c4:6d:a0:7a:05:e6:9c:b1:1f:fc:
d4:d3:7f:3b:05:ac:6a:db:8e:fd:1c:df:2f:36:c6:b3:61:56:
91:79:b5:c5:53:95:a2:d7:84:25:c8:a0:9f:53:24:cc:65:71:
a8:52:1f:aa:e8:f2:03:c2:80:cd:c4:bf:7d:ab:53:22:7d:00:
a6:a5:70:61:11:b2:81:2b:2e:74:a7:d3:30:7c:92:4c:2f:02:
2c:7b:f3:f6:1a:5a:be:a3:75:a3:b1:71:f2:57:83:fe:0c:d8:
b8:b9:cb:79
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECLJQxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Mzg4NTc2NjBkYzdmYTYwODQ2Zjc2NWI5NGNiNjk1NzYyNTVhZGI2MB4XDTIyMDEw
MTEzMDYzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI3YWFmNTQ2MTM5
YjkxMTFlODU4NWRlYTM5OTFiNThiZWMyM2ViYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2D4ckVlOMN9arMUIwt4qVlKBnzSoxdRxU2dMy3tB5y4wv5
R94t7RiN1GMcNCbB/qAqbCtlLqAPX8Rxov6aJFEzmvzq2asg+wxL9+A9hQkv/Iwv
PxFcrXgYwMSQ8krvkm/qdDImHMLZ4Rh1Tj45vctpJFy2J4rgCjuggPpfCgkiXUHn
hIuyablzaaeWGNrU2eGbd6q0w2/9dtSLCE2W+YKU29qZ8x+WoVvyFn/XeuDAKiJx
tJkeBwJqWTxxLrOY/th7sp8quNUaAo3bYmSYKXDbYtY0O5fAkhVvQ3wyJ7fLjZms
aTGkx2eIGGLArRwc/7YD0JANR2Y1K4m2o1PbgT0CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRLeq9UYTm5ER6Fhd6jmRtYvsI+ujAfBgNVHSMEGDAWgBQjiFdmDcf6YIRv
dluUy2lXYlWttjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k0aFhaZzNILW1DRWIzWmJsTXRwVjJKVnJiWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvOTQ5MjdmLTdlMDgtNGYyMS05YmJhLTBmODc2YWJkMWUzMC8x
L1MzcXZWR0U1dVJFZWhZWGVvNWtiV0w3Q1Byby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
OTQ5MjdmLTdlMDgtNGYyMS05YmJhLTBmODc2YWJkMWUzMC8xL0k0aFhaZzNILW1D
RWIzWmJsTXRwVjJKVnJiWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEAi0PUAMEArloEDAUBAIAAjAOAwUA
KgD3QAMFACoOK4AwDQYJKoZIhvcNAQELBQADggEBAFYbI3wOyMr0k2/sq2Y6NobC
mZzgvGyXOYgUwALGBVx50gAP1SGOrcB9rZLfaApx7SP4Az76hhL9vh1Mn0tzEi7w
BVvFe9yvktvfmyK/kdhSJ+b++iO7FJZZzgRjSFfmu5+MYU/TImUGicmfpGNKBnXf
phqhgNMyopnCIVrAIDyJCDETstybOIrnK3Suvk0yM68slc/fYgmexG2gegXmnLEf
/NTTfzsFrGrbjv0c3y82xrNhVpF5tcVTlaLXhCXIoJ9TJMxlcahSH6ro8gPCgM3E
v32rUyJ9AKalcGERsoErLnSn0zB8kkwvAix78/YaWr6jdaOxcfJXg/4M2Li5y3k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:14 2023 by rpki-client on console-fra.rpki-client.org