Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/T5sZcHn2ACu5zB6M-3if22IQVn8.roa
File: T5sZcHn2ACu5zB6M-3if22IQVn8.roa (raw, json)
Hash identifier: hfPvZqLTgJ44CIqI5/5J+e070iRWl0prR/i0bmzuBNM=
Subject key identifier: 4F:9B:19:70:79:F6:00:2B:B9:CC:1E:8C:FB:78:9F:DB:62:10:56:7F
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 0182592F6C12C59D6809CB58EFCD24B96F1F
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/T5sZcHn2ACu5zB6M-3if22IQVn8.roa
Signing time: Mon 01 Aug 2022 11:34:16 +0000
ROA not before: Mon 01 Aug 2022 11:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206805
IP address blocks: 45.84.152.0/23 maxlen: 23
45.84.155.0/24 maxlen: 24
45.84.154.0/24 maxlen: 24
178.159.32.0/23 maxlen: 24
185.228.48.0/22 maxlen: 24
193.19.100.0/23 maxlen: 23
45.145.188.0/23 maxlen: 23
188.64.149.0/24 maxlen: 24
185.247.192.0/22 maxlen: 24
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:2f:6c:12:c5:9d:68:09:cb:58:ef:cd:24:b9:6f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Aug 1 11:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f9b197079f6002bb9cc1e8cfb789fdb6210567f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:02:47:fb:56:de:ca:6a:c4:2f:b9:80:b6:cc:
1e:3c:7d:25:24:c1:d8:f0:89:11:6d:96:ef:f6:84:
30:f8:e4:32:9f:83:64:ad:ce:a1:9b:14:53:99:da:
a4:1e:a3:1f:a5:f2:00:37:39:fb:5e:2b:bc:77:be:
80:1a:f7:59:a6:34:46:8a:14:a2:93:69:58:8e:e4:
de:a2:a9:d2:5f:e1:41:60:a2:e4:cd:5b:4c:83:49:
49:de:2d:ce:e0:7d:5b:ba:37:f8:00:ce:29:53:81:
1a:3b:82:e8:5b:84:dc:ef:09:11:64:22:39:46:68:
33:aa:cb:35:85:12:4e:32:5e:42:45:d6:4d:c5:2d:
5a:8f:27:2e:c3:42:b6:48:c5:1b:0e:eb:23:78:b4:
6c:9f:2c:03:26:e4:a5:b5:31:5c:18:96:2f:38:31:
69:84:6e:96:cf:b1:78:17:94:7b:52:b2:1a:69:c6:
69:0c:bb:4d:87:72:d7:99:0c:04:8e:59:c9:66:59:
af:bd:ac:6f:45:f6:75:35:65:89:d1:b7:6a:e5:5e:
e0:ed:04:fa:43:a1:27:89:0b:40:88:d4:f2:90:1b:
ff:63:d5:62:d4:c5:97:d1:dc:d9:34:04:96:9a:e9:
7c:8d:ce:91:6c:8e:f8:93:bd:53:dc:24:50:fa:d6:
e4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9B:19:70:79:F6:00:2B:B9:CC:1E:8C:FB:78:9F:DB:62:10:56:7F
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/T5sZcHn2ACu5zB6M-3if22IQVn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/23
178.159.32.0/23
185.228.48.0/22
185.247.192.0/22
188.64.149.0/24
193.19.100.0/23
IPv6:
2a0c:ee00::/39
Signature Algorithm: sha256WithRSAEncryption
31:1d:77:80:f7:78:f6:b0:c4:08:36:14:50:fe:fc:a6:c9:f2:
59:29:99:45:82:2f:c0:cb:06:34:73:80:c0:db:18:00:15:26:
57:1d:fa:85:22:20:4e:b1:be:49:60:10:d8:27:52:f1:80:c5:
b8:99:26:87:94:6f:71:7d:da:2b:ac:c8:56:fb:ea:e1:cd:e5:
74:35:10:49:be:8c:a2:d0:16:3d:80:f2:9f:0b:14:ac:a0:c5:
c6:ef:60:13:48:3c:81:7b:fb:28:a0:98:77:0c:8a:07:68:4a:
b7:57:3c:53:50:0a:e4:57:f3:c6:8e:98:ee:45:6f:2c:57:96:
95:3a:be:96:3e:8e:8a:54:c8:d0:c7:26:3d:ef:49:c1:5a:b2:
e7:9a:5b:3b:b7:8f:ef:2a:ed:37:65:02:d4:6b:65:1b:a9:fd:
64:40:01:cc:fa:70:a9:dc:8c:d2:d4:7b:78:33:ad:f9:4d:9c:
29:37:d8:58:c0:94:94:2b:3a:90:13:0c:37:f4:35:be:f9:e5:
1d:7d:16:8c:7e:ec:f5:f3:74:7b:44:22:ee:a6:57:30:cc:68:
ab:1b:be:3d:6e:c2:cd:17:e8:08:bc:f6:db:4f:7f:c9:14:f9:
63:1e:ec:f3:cd:3b:93:c1:a5:42:87:a9:a5:bd:84:cf:32:16:
7b:ba:d1:0a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYJZL2wSxZ1oCctY780kuW8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjIwODAxMTEzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjliMTk3MDc5ZjYwMDJiYjljYzFlOGNmYjc4OWZkYjYyMTA1NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgJH+1beymrEL7mAtswePH0lJMHY
8IkRbZbv9oQw+OQyn4Nkrc6hmxRTmdqkHqMfpfIANzn7Xiu8d76AGvdZpjRGihSi
k2lYjuTeoqnSX+FBYKLkzVtMg0lJ3i3O4H1bujf4AM4pU4EaO4LoW4Tc7wkRZCI5
Rmgzqss1hRJOMl5CRdZNxS1ajycuw0K2SMUbDusjeLRsnywDJuSltTFcGJYvODFp
hG6Wz7F4F5R7UrIaacZpDLtNh3LXmQwEjlnJZlmvvaxvRfZ1NWWJ0bdq5V7g7QT6
Q6EniQtAiNTykBv/Y9Vi1MWX0dzZNASWmul8jc6RbI74k71T3CRQ+tbkGwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFE+bGXB59gArucwejPt4n9tiEFZ/MB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvVDVzWmNIbjJBQ3U1ekI2TS0zaWYyMklRVm44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQCLVSYAwQB
LZG8AwQBsp8gAwQCueQwAwQCuffAAwQAvECVAwQBwRNkMA4EAgACMAgDBgEqDO4A
ADANBgkqhkiG9w0BAQsFAAOCAQEAMR13gPd49rDECDYUUP78psnyWSmZRYIvwMsG
NHOAwNsYABUmVx36hSIgTrG+SWAQ2CdS8YDFuJkmh5RvcX3aK6zIVvvq4c3ldDUQ
Sb6MotAWPYDynwsUrKDFxu9gE0g8gXv7KKCYdwyKB2hKt1c8U1AK5Ffzxo6Y7kVv
LFeWlTq+lj6OilTI0McmPe9JwVqy55pbO7eP7yrtN2UC1GtlG6n9ZEABzPpwqdyM
0tR7eDOt+U2cKTfYWMCUlCs6kBMMN/Q1vvnlHX0WjH7s9fN0e0Qi7qZXMMxoqxu+
PW7CzRfoCLz2209/yRT5Yx7s8807k8GlQoeppb2EzzIWe7rRCg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:40 2023 by rpki-client on console-ams.rpki-client.org