Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/C4uznFAhiYnargbyMWvLW0emn1Y.roa
File: C4uznFAhiYnargbyMWvLW0emn1Y.roa (raw, json)
Hash identifier: ToBnDs+Xnw7MvJzqm5ZwJ8TGrrTMfZW/EO5OuTGvQQc=
Subject key identifier: 0B:8B:B3:9C:50:21:89:89:DA:AE:06:F2:31:6B:CB:5B:47:A6:9F:56
Certificate issuer: /CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Certificate serial: 239BBA1A
Authority key identifier: 42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/C4uznFAhiYnargbyMWvLW0emn1Y.roa
Signing time: Sat 01 Jan 2022 13:54:16 +0000
ROA not before: Sat 01 Jan 2022 13:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34430
IP address blocks: 195.242.96.0/23 maxlen: 24
37.220.144.0/23 maxlen: 24
37.220.146.0/24 maxlen: 24
193.43.89.0/24 maxlen: 24
81.18.240.0/20 maxlen: 24
45.145.196.0/22 maxlen: 24
188.95.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 597408282 (0x239bba1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c42723c1f75ba0be8935c72f61bfe5c5f4ce3c
Validity
Not Before: Jan 1 13:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b8bb39c50218989daae06f2316bcb5b47a69f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0b:9e:0e:a4:96:ec:4e:92:55:a3:a0:bc:9e:
a3:20:50:7b:f9:df:a0:09:cb:55:55:c3:07:18:f0:
5d:82:9c:b7:e5:c7:e6:2b:d7:77:b5:0e:c2:c7:1e:
a4:6b:db:a2:f1:60:06:a7:38:76:1f:ac:9f:c2:2d:
f7:a1:a3:c9:92:c9:d1:be:a0:7c:71:46:a3:c0:51:
ca:33:f0:8e:17:ea:d9:73:b3:59:b6:aa:33:76:66:
2e:c7:25:70:bc:8c:86:03:58:d6:5d:eb:f5:eb:71:
09:d7:5f:f6:9e:90:d8:31:21:b3:7a:49:23:2a:b3:
cc:ae:ce:9b:19:22:c1:60:b4:17:8a:39:7f:41:a3:
e4:77:37:60:d7:9b:27:db:9a:df:c7:da:47:78:95:
7c:83:67:5f:62:12:48:19:c5:de:af:76:1a:f7:0f:
2d:05:b8:1d:5c:f5:d1:ed:02:88:6d:a7:e7:ac:39:
c1:aa:31:a1:9a:41:86:2c:85:16:0f:4d:e6:8c:3c:
8c:69:8c:f7:5c:b8:e6:96:87:84:bc:02:25:f2:4b:
00:d4:79:2c:e9:d1:8e:54:73:d4:5c:42:9f:12:29:
0e:f6:dc:aa:07:31:c3:df:45:ac:0c:76:c4:a6:2a:
dc:c3:6c:ff:62:9a:7b:9f:49:cb:79:7c:05:b1:38:
27:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8B:B3:9C:50:21:89:89:DA:AE:06:F2:31:6B:CB:5B:47:A6:9F:56
X509v3 Authority Key Identifier:
keyid:42:C4:27:23:C1:F7:5B:A0:BE:89:35:C7:2F:61:BF:E5:C5:F4:CE:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsQnI8H3W6C-iTXHL2G_5cX0zjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/C4uznFAhiYnargbyMWvLW0emn1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c56418-d1d6-4b43-aec0-b98a6901ea10/1/QsQnI8H3W6C-iTXHL2G_5cX0zjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.144.0-37.220.146.255
45.145.196.0/22
81.18.240.0/20
188.95.168.0/21
193.43.89.0/24
195.242.96.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:e1:5e:50:1e:19:49:82:88:69:fd:2c:c8:f9:d7:52:95:e8:
c1:0c:c8:2f:c1:cb:16:2c:d8:a6:2d:28:1b:4b:c7:89:60:04:
8e:46:11:c5:a2:b5:70:d9:14:69:d8:28:e4:93:f5:e7:45:9f:
c6:97:7d:e8:c8:2a:b1:9a:f7:2e:43:db:b1:10:a3:cb:62:8c:
f2:0a:64:ac:f6:16:f0:59:3e:65:f2:43:fe:c6:7b:65:16:cc:
09:ca:cf:78:52:04:ac:63:3c:2f:de:78:89:6b:78:60:43:74:
4c:6d:2d:39:63:bd:1c:4c:bf:12:12:59:57:e6:e7:8f:31:c8:
40:1b:fd:46:4b:2d:37:28:22:f4:34:5f:3b:58:9d:99:5d:3c:
e7:c4:61:fc:72:77:d7:a6:88:27:08:64:d6:f6:0f:c1:c5:77:
f8:9b:cb:90:0a:29:c8:df:dd:10:6f:20:04:05:49:1c:d1:2c:
9c:12:de:e4:6f:f0:bb:8f:c8:f6:aa:79:90:e1:a5:cd:a4:16:
a4:96:e0:ff:f7:22:0f:79:bd:05:8f:2c:54:13:63:96:1c:73:
f2:18:32:2f:41:9d:ff:5d:c9:f0:1b:16:7d:d6:20:8f:fb:c0:
ea:d9:93:74:eb:cd:e8:65:35:ca:ba:a8:67:5d:4a:d1:8e:34:
8d:ae:c2:b6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEI5u6GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmM0MjcyM2MxZjc1YmEwYmU4OTM1YzcyZjYxYmZlNWM1ZjRjZTNjMB4XDTIyMDEw
MTEzNTQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI4YmIzOWM1MDIx
ODk4OWRhYWUwNmYyMzE2YmNiNWI0N2E2OWY1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANcLng6kluxOklWjoLyeoyBQe/nfoAnLVVXDBxjwXYKct+XH
5ivXd7UOwscepGvbovFgBqc4dh+sn8It96GjyZLJ0b6gfHFGo8BRyjPwjhfq2XOz
WbaqM3ZmLsclcLyMhgNY1l3r9etxCddf9p6Q2DEhs3pJIyqzzK7OmxkiwWC0F4o5
f0Gj5Hc3YNebJ9ua38faR3iVfINnX2ISSBnF3q92GvcPLQW4HVz10e0CiG2n56w5
waoxoZpBhiyFFg9N5ow8jGmM91y45paHhLwCJfJLANR5LOnRjlRz1FxCnxIpDvbc
qgcxw99FrAx2xKYq3MNs/2Kae59Jy3l8BbE4J1sCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQLi7OcUCGJidquBvIxa8tbR6afVjAfBgNVHSMEGDAWgBRCxCcjwfdboL6J
NccvYb/lxfTOPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FzUW5JOEgzVzZDLWlUWEhMMkdfNWNYMHpqdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYzU2NDE4LWQxZDYtNGI0My1hZWMwLWI5OGE2OTAxZWExMC8x
L0M0dXpuRkFoaVluYXJnYnlNV3ZMVzBlbW4xWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YzU2NDE4LWQxZDYtNGI0My1hZWMwLWI5OGE2OTAxZWExMC8xL1FzUW5JOEgzVzZD
LWlUWEhMMkdfNWNYMHpqdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLDAMAwQEJdyQAwQAJdySAwQCLZHEAwQE
URLwAwQDvF+oAwQAwStZAwQBw/JgMA0GCSqGSIb3DQEBCwUAA4IBAQA74V5QHhlJ
gohp/SzI+ddSlejBDMgvwcsWLNimLSgbS8eJYASORhHForVw2RRp2Cjkk/XnRZ/G
l33oyCqxmvcuQ9uxEKPLYozyCmSs9hbwWT5l8kP+xntlFswJys94UgSsYzwv3niJ
a3hgQ3RMbS05Y70cTL8SEllX5uePMchAG/1GSy03KCL0NF87WJ2ZXTznxGH8cnfX
pognCGTW9g/BxXf4m8uQCinI390QbyAEBUkc0SycEt7kb/C7j8j2qnmQ4aXNpBak
luD/9yIPeb0FjyxUE2OWHHPyGDIvQZ3/XcnwGxZ91iCP+8Dq2ZN0683oZTXKuqhn
XUrRjjSNrsK2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-fra.rpki-client.org