Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kJy5wwXbcQ3y5IiLTAVK3iEQFfY.roa
File: kJy5wwXbcQ3y5IiLTAVK3iEQFfY.roa (raw, json)
Hash identifier: R5MxNhNzXXtaUhOaNYqehV2M172IvIQ5rg/Rv2IsOpU=
Subject key identifier: 90:9C:B9:C3:05:DB:71:0D:F2:E4:88:8B:4C:05:4A:DE:21:10:15:F6
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0A6E0215
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kJy5wwXbcQ3y5IiLTAVK3iEQFfY.roa
Signing time: Wed 15 Jun 2022 02:38:44 +0000
ROA not before: Wed 15 Jun 2022 02:38:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.233.16.0/22 maxlen: 22
185.233.17.0/24 maxlen: 24
185.233.16.0/24 maxlen: 24
185.233.19.0/24 maxlen: 24
185.233.18.0/24 maxlen: 24
45.135.239.0/24 maxlen: 24
45.135.236.0/22 maxlen: 22
45.135.237.0/24 maxlen: 24
45.135.238.0/24 maxlen: 24
45.135.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174981653 (0xa6e0215)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jun 15 02:38:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=909cb9c305db710df2e4888b4c054ade211015f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:70:85:23:73:3a:5d:7b:41:23:04:0d:2c:dd:
ce:f1:2c:93:64:d3:22:1a:bd:fa:74:db:fa:d1:f3:
a5:a2:d5:b1:a9:91:ec:01:3d:1b:c2:a9:b5:3d:af:
8c:1c:30:cd:b7:87:87:cb:e3:e4:b1:b2:66:7c:2f:
42:d6:aa:86:2a:05:ea:65:48:93:f6:f9:12:92:05:
6b:b1:01:da:f8:d4:72:9f:e0:5b:95:21:0f:5d:88:
69:fa:7e:b0:3f:d2:f7:e7:e8:9c:c1:2a:51:1b:72:
92:22:fd:c0:da:ed:39:b5:3a:e8:dd:90:48:60:d6:
0c:78:1f:8b:2f:7c:50:6b:0d:8d:d4:8a:e5:ba:29:
3c:91:fc:20:ff:ba:d5:7f:8b:2d:eb:bb:35:a4:70:
7b:e6:6c:03:c4:b2:89:bb:4c:64:41:1f:e6:2b:e4:
6f:0d:38:14:b2:74:de:25:f5:a3:48:1d:0f:f5:64:
36:23:7e:85:5e:94:bb:bb:e6:68:64:56:38:3a:38:
95:e8:e8:3c:df:06:7b:5a:ff:6f:63:30:17:37:d5:
b0:93:d7:6d:4c:e0:11:3b:b8:23:c7:91:d7:8a:a0:
75:a8:a4:41:3d:d2:26:76:b0:9c:5f:bc:eb:13:e6:
86:67:e7:1e:cd:1e:ed:5d:49:1e:d7:47:72:34:89:
c4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9C:B9:C3:05:DB:71:0D:F2:E4:88:8B:4C:05:4A:DE:21:10:15:F6
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/kJy5wwXbcQ3y5IiLTAVK3iEQFfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.236.0/22
185.233.16.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:08:aa:e4:16:90:52:b7:16:a4:6e:5d:18:b1:2a:a3:3a:7d:
19:08:78:e8:25:01:18:79:67:42:b8:58:8b:ea:59:ce:e4:ee:
4d:51:77:d1:98:67:1b:76:b2:87:c9:a2:38:34:c3:23:de:85:
47:4f:e4:2f:93:13:ef:f8:4d:bd:0c:c8:95:61:dd:d1:81:94:
ed:24:bf:f3:a1:1d:1e:3d:34:d4:8a:fb:14:b0:48:9a:ab:0c:
72:0d:59:c9:8e:e4:7c:52:3a:55:35:95:ad:56:40:82:b7:f7:
09:0c:19:51:02:68:40:ef:16:d5:0d:4d:87:a7:5e:d1:02:21:
65:58:db:41:79:f6:a9:57:0b:91:9c:77:fe:5f:db:6b:df:5a:
15:42:a2:48:44:58:d2:72:b3:a5:02:a5:6c:4c:10:ee:4c:41:
b8:ef:a4:a2:ba:9a:69:8f:e8:53:b8:b4:a4:9c:40:3e:8b:3e:
a7:bd:ec:5d:c9:90:b8:88:27:92:42:1a:84:f7:34:c4:1d:33:
80:14:3d:94:a0:80:9a:e6:5a:28:25:b6:eb:39:c4:24:a3:21:
c5:42:f2:ea:21:d1:97:62:0e:5b:c4:fa:79:33:f9:b0:da:4d:
de:6b:a7:dd:3f:cb:73:59:e8:25:7c:bd:b5:b0:7c:d5:bf:09:
9f:4d:a0:ff
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECm4CFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2QwM2YyOTgxODBjYzEwOWYxOWQ0YjE5OTJjN2Q3MWM1NmM4ZGNjMB4XDTIyMDYx
NTAyMzg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTA5Y2I5YzMwNWRi
NzEwZGYyZTQ4ODhiNGMwNTRhZGUyMTEwMTVmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhwhSNzOl17QSMEDSzdzvEsk2TTIhq9+nTb+tHzpaLVsamR
7AE9G8KptT2vjBwwzbeHh8vj5LGyZnwvQtaqhioF6mVIk/b5EpIFa7EB2vjUcp/g
W5UhD12Iafp+sD/S9+fonMEqURtykiL9wNrtObU66N2QSGDWDHgfiy98UGsNjdSK
5bopPJH8IP+61X+LLeu7NaRwe+ZsA8SyibtMZEEf5ivkbw04FLJ03iX1o0gdD/Vk
NiN+hV6Uu7vmaGRWODo4lejoPN8Ge1r/b2MwFzfVsJPXbUzgETu4I8eR14qgdaik
QT3SJnawnF+86xPmhmfnHs0e7V1JHtdHcjSJxBMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSQnLnDBdtxDfLkiItMBUreIRAV9jAfBgNVHSMEGDAWgBQX0D8pgYDMEJ8Z
1LGZLH1xxWyNzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y5QV9LWUdBekJDZkdkU3htU3g5Y2NWc2pjdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8x
L2tKeTV3d1hiY1EzeTVJaUxUQVZLM2lFUUZmWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
ODJlMjUzLTAxNzctNGEyMC1iZWZlLTkxOGFjNjQ2MjY3OS8xL0Y5QV9LWUdBekJD
ZkdkU3htU3g5Y2NWc2pjdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2H7AMEArnpEDANBgkqhkiG9w0B
AQsFAAOCAQEAPQiq5BaQUrcWpG5dGLEqozp9GQh46CUBGHlnQrhYi+pZzuTuTVF3
0ZhnG3ayh8miODTDI96FR0/kL5MT7/hNvQzIlWHd0YGU7SS/86EdHj001Ir7FLBI
mqsMcg1ZyY7kfFI6VTWVrVZAgrf3CQwZUQJoQO8W1Q1Nh6de0QIhZVjbQXn2qVcL
kZx3/l/ba99aFUKiSERY0nKzpQKlbEwQ7kxBuO+korqaaY/oU7i0pJxAPos+p73s
XcmQuIgnkkIahPc0xB0zgBQ9lKCAmuZaKCW26znEJKMhxULy6iHRl2IOW8T6eTP5
sNpN3mun3T/Lc1noJXy9tbB81b8Jn02g/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:50 2024 by rpki-client on console-fra.rpki-client.org