Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/_iYMTgh3yzgzhToQiel6wWBpnPM.roa
File: _iYMTgh3yzgzhToQiel6wWBpnPM.roa (raw, json)
Hash identifier: pEdMyK91mTGMZKCAgvZPH2nr7tQRJoh/enagtOH7JTA=
Subject key identifier: FE:26:0C:4E:08:77:CB:38:33:85:3A:10:89:E9:7A:C1:60:69:9C:F3
Certificate issuer: /CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Certificate serial: 0B45D5FE
Authority key identifier: A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/_iYMTgh3yzgzhToQiel6wWBpnPM.roa
Signing time: Fri 10 Jun 2022 09:36:02 +0000
ROA not before: Fri 10 Jun 2022 09:36:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44306
IP address blocks: 213.186.25.0/24 maxlen: 24
213.186.26.0/24 maxlen: 24
213.186.27.0/24 maxlen: 24
213.186.28.0/22 maxlen: 24
185.151.132.0/24 maxlen: 24
185.151.133.0/24 maxlen: 24
185.151.134.0/24 maxlen: 24
91.233.36.0/23 maxlen: 24
213.186.0.0/24 maxlen: 24
213.186.1.0/24 maxlen: 24
213.186.0.0/19 maxlen: 19
213.186.0.0/20 maxlen: 20
213.186.4.0/23 maxlen: 23
213.186.9.0/24 maxlen: 24
213.186.16.0/23 maxlen: 23
213.186.23.0/24 maxlen: 24
213.186.18.0/24 maxlen: 24
213.186.19.0/24 maxlen: 24
213.186.22.0/23 maxlen: 23
213.186.22.0/24 maxlen: 24
45.142.8.0/22 maxlen: 24
91.199.77.0/24 maxlen: 24
2a02:2608:fffe::/48 maxlen: 48
2a02:2608:fffe:1::/64 maxlen: 64
2a02:2608::/32 maxlen: 32
2a02:2608:2000::/48 maxlen: 48
2a02:2608:3000::/48 maxlen: 48
2a02:2608:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189126142 (0xb45d5fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d78de0234e6f99701592f536e45f5f5594eec3
Validity
Not Before: Jun 10 09:36:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe260c4e0877cb3833853a1089e97ac160699cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ca:2b:20:1f:cb:0c:c5:3c:c1:c6:b5:c2:7b:
0d:de:35:f0:a0:f5:90:26:1d:e4:d0:86:d3:89:9f:
cb:03:96:bf:41:84:3b:37:56:fa:9c:03:76:57:9d:
43:7f:b3:26:ef:cb:49:6a:cb:16:af:d3:a2:29:fa:
7f:f8:e7:18:c8:f5:f5:87:93:16:c5:5c:9d:5b:67:
9e:73:3c:66:71:93:32:e7:a0:b4:9b:0a:61:43:1a:
1b:8e:8f:a7:0e:5e:2a:f9:7d:0e:9a:50:e6:5b:bb:
0d:b9:47:3c:63:09:c5:0c:8f:cc:71:86:11:db:3a:
72:61:73:3c:10:30:86:4d:ae:d2:71:8d:36:02:11:
9f:31:25:18:a5:74:36:5d:ee:4f:70:86:c3:c5:da:
72:56:ba:fa:ef:85:f3:0a:5f:94:bc:53:82:8c:93:
9a:81:e3:7a:1c:23:ad:bd:c4:a9:65:0d:f2:2e:d2:
ab:2a:fd:1c:5b:40:d7:76:dd:14:a1:9e:67:26:20:
9e:56:a7:26:a4:0d:cf:34:5c:ff:2b:16:56:b6:ed:
f1:fe:94:ad:c3:9e:52:2f:0f:f9:1c:13:36:f4:8c:
d1:13:51:92:49:6e:95:b3:0d:da:8e:f1:7e:dd:2b:
e2:ae:6f:f1:d5:7c:86:04:f4:6d:8c:7f:a3:49:62:
dc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:26:0C:4E:08:77:CB:38:33:85:3A:10:89:E9:7A:C1:60:69:9C:F3
X509v3 Authority Key Identifier:
keyid:A7:D7:8D:E0:23:4E:6F:99:70:15:92:F5:36:E4:5F:5F:55:94:EE:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9eN4CNOb5lwFZL1NuRfX1WU7sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/_iYMTgh3yzgzhToQiel6wWBpnPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/31aaba-ac7e-489f-877c-28d5b607a47f/1/p9eN4CNOb5lwFZL1NuRfX1WU7sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.8.0/22
91.199.77.0/24
91.233.36.0/23
185.151.132.0-185.151.134.255
213.186.0.0/19
IPv6:
2a02:2608::/32
Signature Algorithm: sha256WithRSAEncryption
59:a4:bf:74:2e:bb:25:a8:9e:d5:20:4e:c0:3c:2b:ff:29:a0:
ed:da:49:14:95:c6:1b:0b:b5:39:9f:b5:af:0a:a6:b9:14:db:
ef:2e:7d:d2:a6:d3:7d:de:60:88:5b:dd:d8:a6:40:4e:45:80:
30:81:7c:97:2f:24:1e:a9:79:46:c0:09:61:ac:85:f4:90:13:
3b:57:75:26:2d:f6:1a:3d:e2:3c:8d:fc:c4:6e:b0:77:fc:ef:
fc:26:30:84:66:14:79:c7:9d:ba:e8:31:8c:83:a5:8b:28:aa:
86:d9:0d:0b:75:62:b8:dc:6c:8e:e4:99:db:43:e7:3c:d3:14:
d8:d6:65:43:47:eb:8d:46:f0:f1:c1:dd:fe:cb:2d:72:80:ab:
66:87:0f:f5:f7:02:e7:44:c0:65:5c:3d:0f:40:22:2b:88:40:
2d:af:70:b7:93:cc:94:f6:ff:b1:83:a3:7f:77:b4:ce:48:77:
4b:30:5e:d6:d8:fc:ae:48:c5:4d:9b:a6:eb:ec:80:cf:61:28:
72:56:53:a6:8e:76:87:45:61:f8:4e:a7:b2:30:0b:12:5b:0b:
95:cf:fc:39:d8:27:62:13:e1:f7:e0:6f:ad:5e:ee:58:45:ee:
6e:d8:63:41:af:46:7e:65:f3:bc:11:d0:09:fe:1e:9d:ab:cb:
ca:40:1a:d4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEC0XV/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2Q3OGRlMDIzNGU2Zjk5NzAxNTkyZjUzNmU0NWY1ZjU1OTRlZWMzMB4XDTIyMDYx
MDA5MzYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmUyNjBjNGUwODc3
Y2IzODMzODUzYTEwODllOTdhYzE2MDY5OWNmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjKKyAfywzFPMHGtcJ7Dd418KD1kCYd5NCG04mfywOWv0GE
OzdW+pwDdledQ3+zJu/LSWrLFq/Toin6f/jnGMj19YeTFsVcnVtnnnM8ZnGTMueg
tJsKYUMaG46Ppw5eKvl9DppQ5lu7DblHPGMJxQyPzHGGEds6cmFzPBAwhk2u0nGN
NgIRnzElGKV0Nl3uT3CGw8Xacla6+u+F8wpflLxTgoyTmoHjehwjrb3EqWUN8i7S
qyr9HFtA13bdFKGeZyYgnlanJqQNzzRc/ysWVrbt8f6UrcOeUi8P+RwTNvSM0RNR
kklulbMN2o7xft0r4q5v8dV8hgT0bYx/o0li3MUCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBT+JgxOCHfLODOFOhCJ6XrBYGmc8zAfBgNVHSMEGDAWgBSn143gI05vmXAV
kvU25F9fVZTuwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3A5ZU40Q05PYjVsd0ZaTDFOdVJmWDFXVTdzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvMzFhYWJhLWFjN2UtNDg5Zi04NzdjLTI4ZDViNjA3YTQ3Zi8x
L19pWU1UZ2gzeXpnemhUb1FpZWw2d1dCcG5QTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
MzFhYWJhLWFjN2UtNDg5Zi04NzdjLTI4ZDViNjA3YTQ3Zi8xL3A5ZU40Q05PYjVs
d0ZaTDFOdVJmWDFXVTdzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAi2OCAMEAFvHTQMEAVvpJDAMAwQC
uZeEAwQAuZeGAwQF1boAMA0EAgACMAcDBQAqAiYIMA0GCSqGSIb3DQEBCwUAA4IB
AQBZpL90LrslqJ7VIE7APCv/KaDt2kkUlcYbC7U5n7WvCqa5FNvvLn3SptN93mCI
W93YpkBORYAwgXyXLyQeqXlGwAlhrIX0kBM7V3UmLfYaPeI8jfzEbrB3/O/8JjCE
ZhR5x5266DGMg6WLKKqG2Q0LdWK43GyO5JnbQ+c80xTY1mVDR+uNRvDxwd3+yy1y
gKtmhw/19wLnRMBlXD0PQCIriEAtr3C3k8yU9v+xg6N/d7TOSHdLMF7W2PyuSMVN
m6br7IDPYShyVlOmjnaHRWH4TqeyMAsSWwuVz/w52CdiE+H34G+tXu5YRe5u2GNB
r0Z+ZfO8EdAJ/h6dq8vKQBrU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:33 2024 by rpki-client on console-ams.rpki-client.org