Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/ar5HYMME2TiUIdCkxgh8AkRD4Z8.roa
File: ar5HYMME2TiUIdCkxgh8AkRD4Z8.roa (raw, json)
Hash identifier: 87oqN7SIlAxb3dPKTls1W5UQD64WlAnVL6kRu7AN6HA=
Subject key identifier: 6A:BE:47:60:C3:04:D9:38:94:21:D0:A4:C6:08:7C:02:44:43:E1:9F
Certificate issuer: /CN=f3751cf8c3a2d36c9744c96519899945ac607820
Certificate serial: 0820BD74
Authority key identifier: F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/ar5HYMME2TiUIdCkxgh8AkRD4Z8.roa
Signing time: Sat 01 Jan 2022 01:55:06 +0000
ROA not before: Sat 01 Jan 2022 01:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48956
IP address blocks: 91.230.42.0/23 maxlen: 23
45.90.0.0/23 maxlen: 23
195.88.114.0/23 maxlen: 23
91.207.52.0/23 maxlen: 23
91.246.104.0/21 maxlen: 21
37.46.15.0/24 maxlen: 24
37.46.13.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136363380 (0x820bd74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3751cf8c3a2d36c9744c96519899945ac607820
Validity
Not Before: Jan 1 01:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6abe4760c304d9389421d0a4c6087c024443e19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:96:28:6c:94:8b:e1:ff:10:d1:76:4e:18:b1:
d2:e6:d5:35:7a:a4:9a:7d:f8:5c:76:6f:01:61:03:
24:b2:a0:63:65:ca:a3:82:35:a8:cb:41:c1:17:ee:
d6:32:b5:47:35:d5:5d:28:c7:14:f5:e7:44:a1:cd:
83:f6:9b:3d:69:a0:55:8c:a5:47:b4:b9:8e:83:61:
42:7f:95:0d:45:fe:dc:9c:35:4b:32:2e:8b:4d:a3:
89:ac:b4:b4:a8:b1:97:d0:48:74:96:b0:5e:e1:8e:
26:30:0d:c7:5b:e8:b8:c8:ad:ea:04:9a:6f:52:59:
d0:87:8a:d4:c9:b5:14:9f:17:87:9b:fd:80:13:26:
32:4c:39:c9:91:6d:a3:ca:b8:68:d5:dd:45:10:f7:
9c:eb:05:21:23:fe:5b:e7:80:96:52:1b:db:46:7c:
f2:38:73:9b:01:e7:4b:61:6f:4d:7b:10:10:7b:fe:
07:97:86:ed:d5:23:34:d2:db:bb:1c:37:29:e3:52:
1e:2f:65:19:8e:64:56:c2:0a:02:0f:46:2c:b6:69:
e4:dc:0f:0e:d1:28:f0:16:7c:43:a8:88:9a:1f:6b:
2b:79:08:52:c0:c8:c0:af:a8:a4:e9:90:62:20:1e:
67:4b:2b:1d:2f:8f:32:7a:ee:eb:c8:84:6d:42:f4:
5c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BE:47:60:C3:04:D9:38:94:21:D0:A4:C6:08:7C:02:44:43:E1:9F
X509v3 Authority Key Identifier:
keyid:F3:75:1C:F8:C3:A2:D3:6C:97:44:C9:65:19:89:99:45:AC:60:78:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83Uc-MOi02yXRMllGYmZRaxgeCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/ar5HYMME2TiUIdCkxgh8AkRD4Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/08f9b4-115c-4488-b567-5cf7c0621065/1/83Uc-MOi02yXRMllGYmZRaxgeCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.13.0/24
37.46.15.0/24
45.90.0.0/23
91.207.52.0/23
91.230.42.0/23
91.246.104.0/21
195.88.114.0/23
Signature Algorithm: sha256WithRSAEncryption
25:51:4d:88:d7:00:66:db:29:e5:9a:fa:e8:de:8d:2d:4b:18:
33:77:50:fe:ab:39:3b:0e:53:31:97:71:40:5a:2d:d9:03:aa:
40:15:34:ec:a5:4a:e1:bb:94:0c:13:ee:e9:69:00:d5:bf:ff:
94:58:11:b9:0e:8e:02:d9:79:e9:e2:ad:e4:07:ce:91:fc:2e:
45:3d:29:f9:7a:c0:24:77:ee:20:4c:99:af:ff:b6:21:51:ae:
b0:76:6d:c7:e7:e9:4e:f7:c9:e8:9a:87:e5:af:71:d0:59:43:
8e:1f:df:c4:84:b2:2e:0e:0a:87:65:d7:ed:f6:98:fb:00:e5:
0b:9a:20:9e:d1:41:31:e8:ba:95:e7:4b:85:17:7b:58:de:97:
c5:c0:82:75:1c:21:03:c5:e2:af:6d:24:8c:09:c8:49:64:52:
e0:af:c3:92:a0:23:8e:31:34:97:95:39:83:5e:03:26:11:1b:
c6:a9:c7:10:61:c2:0c:8a:bf:cb:fb:3b:c8:c9:6e:f0:33:86:
9c:f2:f3:61:08:9d:62:07:49:25:ff:c9:8a:1d:eb:1d:ad:63:
82:59:19:d3:b8:7a:32:a7:46:6c:c7:76:a5:a4:31:f7:0d:0b:
a7:17:52:34:b3:5e:5d:dc:c9:c7:5f:df:c9:32:1b:29:cf:82:
e1:16:3c:6f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECCC9dDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Mzc1MWNmOGMzYTJkMzZjOTc0NGM5NjUxOTg5OTk0NWFjNjA3ODIwMB4XDTIyMDEw
MTAxNTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFiZTQ3NjBjMzA0
ZDkzODk0MjFkMGE0YzYwODdjMDI0NDQzZTE5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWWKGyUi+H/ENF2Thix0ubVNXqkmn34XHZvAWEDJLKgY2XK
o4I1qMtBwRfu1jK1RzXVXSjHFPXnRKHNg/abPWmgVYylR7S5joNhQn+VDUX+3Jw1
SzIui02jiay0tKixl9BIdJawXuGOJjANx1vouMit6gSab1JZ0IeK1Mm1FJ8Xh5v9
gBMmMkw5yZFto8q4aNXdRRD3nOsFISP+W+eAllIb20Z88jhzmwHnS2FvTXsQEHv+
B5eG7dUjNNLbuxw3KeNSHi9lGY5kVsIKAg9GLLZp5NwPDtEo8BZ8Q6iImh9rK3kI
UsDIwK+opOmQYiAeZ0srHS+PMnru68iEbUL0XJ0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRqvkdgwwTZOJQh0KTGCHwCREPhnzAfBgNVHSMEGDAWgBTzdRz4w6LTbJdE
yWUZiZlFrGB4IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzgzVWMtTU9pMDJ5WFJNbGxHWW1aUmF4Z2VDQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvMDhmOWI0LTExNWMtNDQ4OC1iNTY3LTVjZjdjMDYyMTA2NS8x
L2FyNUhZTU1FMlRpVUlkQ2t4Z2g4QWtSRDRaOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
MDhmOWI0LTExNWMtNDQ4OC1iNTY3LTVjZjdjMDYyMTA2NS8xLzgzVWMtTU9pMDJ5
WFJNbGxHWW1aUmF4Z2VDQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEACUuDQMEACUuDwMEAS1aAAMEAVvP
NAMEAVvmKgMEA1v2aAMEAcNYcjANBgkqhkiG9w0BAQsFAAOCAQEAJVFNiNcAZtsp
5Zr66N6NLUsYM3dQ/qs5Ow5TMZdxQFot2QOqQBU07KVK4buUDBPu6WkA1b//lFgR
uQ6OAtl56eKt5AfOkfwuRT0p+XrAJHfuIEyZr/+2IVGusHZtx+fpTvfJ6JqH5a9x
0FlDjh/fxISyLg4Kh2XX7faY+wDlC5ogntFBMei6ledLhRd7WN6XxcCCdRwhA8Xi
r20kjAnISWRS4K/DkqAjjjE0l5U5g14DJhEbxqnHEGHCDIq/y/s7yMlu8DOGnPLz
YQidYgdJJf/Jih3rHa1jglkZ07h6MqdGbMd2paQx9w0LpxdSNLNeXdzJx1/fyTIb
Kc+C4RY8bw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:08 2023 by rpki-client on console-fra.rpki-client.org