Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/_OC41JIa_fC-ti2-KmtV-ZUomV4.roa
File: _OC41JIa_fC-ti2-KmtV-ZUomV4.roa (raw, json)
Hash identifier: /gIy7NH2906jzp/ecVFmZvwSKcCAGk/MBCZTG1oeQ34=
Subject key identifier: FC:E0:B8:D4:92:1A:FD:F0:BE:B6:2D:BE:2A:6B:55:F9:95:28:99:5E
Certificate issuer: /CN=c4fbe8422432727d3874b1564baeac8a80557b2d
Certificate serial: 0740CB59
Authority key identifier: C4:FB:E8:42:24:32:72:7D:38:74:B1:56:4B:AE:AC:8A:80:55:7B:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/_OC41JIa_fC-ti2-KmtV-ZUomV4.roa
Signing time: Sat 01 Jan 2022 02:02:09 +0000
ROA not before: Sat 01 Jan 2022 02:02:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42201
IP address blocks: 91.240.64.0/24 maxlen: 24
91.240.65.0/24 maxlen: 24
45.130.84.0/24 maxlen: 24
45.130.85.0/24 maxlen: 24
45.130.87.0/24 maxlen: 24
45.148.7.0/24 maxlen: 24
45.148.5.0/24 maxlen: 24
45.130.86.0/24 maxlen: 24
2a10:a000:4::/48 maxlen: 48
2a10:a000:5::/48 maxlen: 48
2a10:a000:3::/48 maxlen: 48
2a10:a000:2::/48 maxlen: 48
2a10:a000::/48 maxlen: 48
2a10:a000:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121686873 (0x740cb59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4fbe8422432727d3874b1564baeac8a80557b2d
Validity
Not Before: Jan 1 02:02:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fce0b8d4921afdf0beb62dbe2a6b55f99528995e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:f1:79:db:d2:18:ec:ca:e9:93:bb:25:a2:
e9:0f:3e:72:47:06:28:29:8a:96:64:27:e6:aa:ac:
5c:eb:2d:c6:e6:b6:70:c5:ce:65:e4:53:7d:25:42:
f3:0e:79:40:e2:10:2c:7b:4e:60:b2:ad:43:2a:a1:
db:33:ab:61:50:12:32:d0:01:08:a7:cf:25:a9:a6:
5c:d6:47:35:74:4b:5d:9d:cf:5e:4b:2f:30:57:7a:
c2:af:2a:ed:73:d3:a6:6f:3e:b0:aa:e9:0b:25:29:
e9:a3:3a:21:4b:0d:84:d2:48:d2:01:3a:c9:71:c5:
00:05:e6:00:f9:da:19:e5:c1:1c:0f:e7:ce:ab:15:
ec:4c:39:8e:8d:f7:fe:e0:21:10:25:4d:e5:a8:8e:
0a:00:45:bf:53:be:8c:42:88:a1:1f:f1:ab:31:7a:
f5:80:3d:35:36:1e:32:21:55:69:a1:ad:a4:75:51:
e3:54:39:d2:b1:a3:ad:39:29:fb:ed:8b:e5:ad:db:
cf:8a:8d:2c:81:e2:88:d9:d6:b7:0a:fd:ef:5e:b6:
8b:a6:70:61:e6:f8:9c:32:83:f4:7f:f7:16:31:e2:
ae:2c:26:cc:6e:4a:1a:47:aa:e5:76:e5:19:a5:a6:
3c:96:d4:80:6c:c0:41:01:04:81:a2:33:21:08:10:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E0:B8:D4:92:1A:FD:F0:BE:B6:2D:BE:2A:6B:55:F9:95:28:99:5E
X509v3 Authority Key Identifier:
keyid:C4:FB:E8:42:24:32:72:7D:38:74:B1:56:4B:AE:AC:8A:80:55:7B:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/_OC41JIa_fC-ti2-KmtV-ZUomV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.84.0/22
45.148.5.0/24
45.148.7.0/24
91.240.64.0/23
IPv6:
2a10:a000::-2a10:a000:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
55:f6:38:f8:03:e3:13:47:c4:42:e4:a2:9d:7a:88:76:e2:5d:
6f:bd:de:8d:d8:70:97:bc:24:fd:2b:16:75:cc:da:af:c5:fa:
2e:d5:9f:03:0a:c7:c0:97:b3:b5:72:44:65:62:40:6f:df:1a:
3f:11:f2:b7:61:4a:63:d4:5d:02:7c:66:e4:6e:62:fe:ac:ba:
35:06:27:d3:c1:70:4d:48:b5:a8:72:cf:1d:5e:28:9f:b6:1d:
4d:29:c2:ff:09:96:82:fa:f9:3e:20:a4:8a:ac:29:fb:18:63:
a9:d1:62:e4:19:cf:f3:1d:e6:c0:f0:6c:d8:c8:dd:a2:7b:b3:
e1:83:28:9f:79:e8:87:ec:7e:64:c8:4a:54:b8:9f:2f:52:7c:
3c:2c:7e:33:97:24:a0:98:4c:9a:9c:da:db:fd:b1:24:9a:9e:
12:fd:dd:ff:d0:0d:8d:58:6e:ef:4b:b2:b5:e8:55:cc:3c:b5:
03:98:42:f3:53:20:8b:5e:4a:fb:13:2a:6a:d6:df:15:32:4e:
8c:db:66:59:43:3b:b6:52:b2:a4:83:d0:c6:46:f2:27:84:78:
31:73:c9:0a:83:3d:36:7f:d3:b1:33:3f:94:e4:12:1c:3c:e1:
37:af:e6:71:c1:5c:87:b8:1d:17:a0:70:8a:5f:49:3f:0d:bd:
19:42:3a:81
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEB0DLWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NGZiZTg0MjI0MzI3MjdkMzg3NGIxNTY0YmFlYWM4YTgwNTU3YjJkMB4XDTIyMDEw
MTAyMDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNlMGI4ZDQ5MjFh
ZmRmMGJlYjYyZGJlMmE2YjU1Zjk5NTI4OTk1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6c8Xnb0hjsyumTuyWi6Q8+ckcGKCmKlmQn5qqsXOstxua2
cMXOZeRTfSVC8w55QOIQLHtOYLKtQyqh2zOrYVASMtABCKfPJammXNZHNXRLXZ3P
XksvMFd6wq8q7XPTpm8+sKrpCyUp6aM6IUsNhNJI0gE6yXHFAAXmAPnaGeXBHA/n
zqsV7Ew5jo33/uAhECVN5aiOCgBFv1O+jEKIoR/xqzF69YA9NTYeMiFVaaGtpHVR
41Q50rGjrTkp++2L5a3bz4qNLIHiiNnWtwr97162i6ZwYeb4nDKD9H/3FjHiriwm
zG5KGkeq5XblGaWmPJbUgGzAQQEEgaIzIQgQs6kCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBT84LjUkhr98L62Lb4qa1X5lSiZXjAfBgNVHSMEGDAWgBTE++hCJDJyfTh0
sVZLrqyKgFV7LTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hQdm9RaVF5Y24wNGRMRldTNjZzaW9CVmV5MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvYmYyZDhjLWUzOGItNDYzYS1iMjZiLWVjZjIyMTdmOTg2Ny8x
L19PQzQxSklhX2ZDLXRpMi1LbXRWLVpVb21WNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
YmYyZDhjLWUzOGItNDYzYS1iMjZiLWVjZjIyMTdmOTg2Ny8xL3hQdm9RaVF5Y24w
NGRMRldTNjZzaW9CVmV5MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwHgQCAAEwGAMEAi2CVAMEAC2UBQMEAC2UBwMEAVvw
QDAXBAIAAjARMA8DBAUqEKADBwEqEKAAAAQwDQYJKoZIhvcNAQELBQADggEBAFX2
OPgD4xNHxELkop16iHbiXW+93o3YcJe8JP0rFnXM2q/F+i7VnwMKx8CXs7VyRGVi
QG/fGj8R8rdhSmPUXQJ8ZuRuYv6sujUGJ9PBcE1Itahyzx1eKJ+2HU0pwv8JloL6
+T4gpIqsKfsYY6nRYuQZz/Md5sDwbNjI3aJ7s+GDKJ956IfsfmTISlS4ny9SfDws
fjOXJKCYTJqc2tv9sSSanhL93f/QDY1Ybu9LsrXoVcw8tQOYQvNTIIteSvsTKmrW
3xUyTozbZllDO7ZSsqSD0MZG8ieEeDFzyQqDPTZ/07EzP5TkEhw84Tev5nHBXIe4
HRegcIpfST8NvRlCOoE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:14 2024 by rpki-client on console-fra.rpki-client.org