Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/irFihDsmHF7SBJJK80bLHDprwiE.roa
File: irFihDsmHF7SBJJK80bLHDprwiE.roa (raw, json)
Hash identifier: VIcOKMBGXEBBQNGCrTjL4JZ8mUAE3IP0mB2t74b4ZvM=
Subject key identifier: 8A:B1:62:84:3B:26:1C:5E:D2:04:92:4A:F3:46:CB:1C:3A:6B:C2:21
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018A6A6C90131E51EAE84933479CA133A457
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/irFihDsmHF7SBJJK80bLHDprwiE.roa
Signing time: Wed 06 Sep 2023 12:16:54 +0000
ROA not before: Wed 06 Sep 2023 12:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55154
IP address blocks: 85.92.112.0/24 maxlen: 24
185.235.164.0/24 maxlen: 24
45.135.236.0/24 maxlen: 24
45.135.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:6c:90:13:1e:51:ea:e8:49:33:47:9c:a1:33:a4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Sep 6 12:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ab162843b261c5ed204924af346cb1c3a6bc221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4c:28:7c:e9:2c:86:5a:6a:30:ff:a3:d0:80:
db:a5:b9:2c:a7:4a:8d:ab:43:43:7d:ee:68:bb:f6:
90:bd:5c:db:94:bb:40:c1:f2:07:b0:34:0b:eb:7b:
25:b8:d0:b0:e2:d5:e9:d1:4d:19:e2:6c:f7:39:b9:
7c:3d:5b:43:b6:81:7d:ad:2e:f6:72:49:ce:14:16:
7b:41:18:7c:1b:2e:dc:a2:d2:22:fe:af:76:7f:19:
98:10:eb:b1:0c:c9:3f:5b:1e:a4:ab:d4:5c:1a:d4:
4b:c4:a3:0a:c9:d8:72:82:71:ae:9c:db:d8:f6:27:
47:af:4a:b4:62:b3:05:97:2f:44:63:2e:e4:6a:2e:
c0:a4:ab:f2:b4:12:5e:e8:df:37:62:61:9b:36:1c:
f1:51:e8:6f:cd:6e:99:80:6c:f3:0f:3c:5d:69:45:
2f:9b:19:66:de:53:9d:fe:49:89:80:c2:a8:f0:b5:
53:47:95:85:ef:24:7a:4a:b7:b3:a3:87:90:1f:71:
b9:76:25:06:ee:ab:00:81:95:18:a3:30:fe:f4:0d:
a2:75:0d:a2:d6:b9:c5:9b:26:99:66:ac:bf:6e:ce:
f5:0f:c2:9c:22:77:c8:53:ea:10:86:41:54:dd:e0:
54:ea:95:5c:31:67:b3:7c:a5:99:c3:5d:68:1f:37:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B1:62:84:3B:26:1C:5E:D2:04:92:4A:F3:46:CB:1C:3A:6B:C2:21
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/irFihDsmHF7SBJJK80bLHDprwiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.236.0/24
45.135.238.0/24
85.92.112.0/24
185.235.164.0/24
Signature Algorithm: sha256WithRSAEncryption
27:b5:01:89:b1:b4:01:db:b1:ac:93:89:70:5d:15:d1:ab:31:
25:11:b6:36:71:38:ce:22:98:45:93:51:d1:6e:e1:bb:d1:4b:
39:11:c3:3e:a5:2e:af:f6:57:50:19:f0:e6:00:92:e5:4e:79:
9a:b7:1c:96:89:f3:d5:73:25:5b:c6:ac:21:0b:6d:69:52:1c:
bb:c5:e4:43:fc:6e:ef:50:aa:9c:bb:6b:2e:be:2f:e6:54:12:
31:77:b8:bf:73:fa:85:4e:f5:21:5a:8d:08:d8:08:7f:ca:78:
7b:7c:d0:5b:2d:b7:83:d9:c2:62:0d:8b:4c:f3:ae:dd:51:34:
2a:54:f4:43:ce:66:51:a6:d1:0f:b7:d6:30:7e:73:52:b6:ee:
86:2e:dc:a2:6c:fe:53:e3:93:84:d7:7b:c2:ab:e1:2d:c9:5f:
00:dd:75:5a:8c:92:b6:04:e5:fd:c9:0b:8f:e0:a2:6c:28:8d:
2b:44:78:ab:3c:a0:b3:a5:51:6e:56:50:8f:7c:71:15:9a:06:
9b:35:09:e7:26:a4:46:e7:11:a1:77:be:2c:30:b6:33:5d:22:
0f:18:75:bf:c2:61:48:93:f9:f5:7b:a8:c4:a1:ee:eb:d0:a1:
9c:e0:81:a8:5e:c1:d8:e2:c9:81:59:fd:4f:e2:e0:6d:f3:af:
7c:28:31:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpqbJATHlHq6EkzR5yhM6RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwOTA2MTIxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWIxNjI4NDNiMjYxYzVlZDIwNDkyNGFmMzQ2Y2IxYzNhNmJjMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkwofOkshlpqMP+j0IDbpbksp0qN
q0NDfe5ou/aQvVzblLtAwfIHsDQL63sluNCw4tXp0U0Z4mz3Obl8PVtDtoF9rS72
cknOFBZ7QRh8Gy7cotIi/q92fxmYEOuxDMk/Wx6kq9RcGtRLxKMKydhygnGunNvY
9idHr0q0YrMFly9EYy7kai7ApKvytBJe6N83YmGbNhzxUehvzW6ZgGzzDzxdaUUv
mxlm3lOd/kmJgMKo8LVTR5WF7yR6Srezo4eQH3G5diUG7qsAgZUYozD+9A2idQ2i
1rnFmyaZZqy/bs71D8KcInfIU+oQhkFU3eBU6pVcMWezfKWZw11oHzfykQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIqxYoQ7Jhxe0gSSSvNGyxw6a8IhMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvaXJGaWhEc21IRjdTQkpKSzgwYkxIRHByd2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYfsAwQA
LYfuAwQAVVxwAwQAueukMA0GCSqGSIb3DQEBCwUAA4IBAQAntQGJsbQB27Gsk4lw
XRXRqzElEbY2cTjOIphFk1HRbuG70Us5EcM+pS6v9ldQGfDmAJLlTnmatxyWifPV
cyVbxqwhC21pUhy7xeRD/G7vUKqcu2suvi/mVBIxd7i/c/qFTvUhWo0I2Ah/ynh7
fNBbLbeD2cJiDYtM867dUTQqVPRDzmZRptEPt9YwfnNStu6GLtyibP5T45OE13vC
q+EtyV8A3XVajJK2BOX9yQuP4KJsKI0rRHirPKCzpVFuVlCPfHEVmgabNQnnJqRG
5xGhd74sMLYzXSIPGHW/wmFIk/n1e6jEoe7r0KGc4IGoXsHY4smBWf1P4uBt8698
KDEH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:21 2025 by rpki-client