Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/a08ATCtyVr519a-mwyY0f0xD_T8.roa
File: a08ATCtyVr519a-mwyY0f0xD_T8.roa (raw, json)
Hash identifier: kHSFJhKxIP57yXJ8rqq0fCVmmasds60aPt7ZBzfue4Q=
Subject key identifier: 6B:4F:00:4C:2B:72:56:BE:75:F5:AF:A6:C3:26:34:7F:4C:43:FD:3F
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 037D0F92
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/a08ATCtyVr519a-mwyY0f0xD_T8.roa
Signing time: Sat 01 Jan 2022 02:01:44 +0000
ROA not before: Sat 01 Jan 2022 02:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58073
IP address blocks: 45.145.252.0/22 maxlen: 22
193.104.186.0/24 maxlen: 24
45.152.192.0/22 maxlen: 22
37.220.32.0/21 maxlen: 21
45.10.116.0/22 maxlen: 22
45.129.176.0/22 maxlen: 22
185.38.12.0/22 maxlen: 22
2.58.20.0/22 maxlen: 22
45.82.44.0/22 maxlen: 22
45.88.16.0/22 maxlen: 22
45.93.32.0/22 maxlen: 22
46.182.104.0/24 maxlen: 24
46.182.105.0/24 maxlen: 24
46.182.108.0/24 maxlen: 24
46.182.106.0/24 maxlen: 24
46.182.107.0/24 maxlen: 24
46.182.111.0/24 maxlen: 24
46.182.109.0/24 maxlen: 24
46.182.110.0/24 maxlen: 24
2a02:2a38::/32 maxlen: 32
2a02:2a38:37::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58527634 (0x37d0f92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: Jan 1 02:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b4f004c2b7256be75f5afa6c326347f4c43fd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b5:89:73:8a:9f:0f:21:3e:19:3b:83:53:8c:
45:93:6f:c7:38:b2:c1:00:d7:cf:00:e6:a1:f7:2b:
fa:d2:31:2b:92:29:5a:87:4d:0f:8d:a0:fe:cd:5e:
b3:6a:7d:4c:f7:86:bd:4c:b7:9a:7d:59:27:66:4e:
fa:f4:e3:40:aa:4a:5e:a8:b1:76:28:84:4f:a5:88:
4e:68:ff:2f:88:25:18:c6:7a:a3:72:12:a2:f7:f7:
08:ea:b1:67:0e:40:03:69:ab:ca:76:18:b4:7b:27:
33:ef:c6:6f:ee:df:e9:50:5b:87:0c:17:81:7e:f3:
d4:1c:3d:76:65:d0:d2:8e:e8:37:a0:d5:69:40:1e:
83:2e:48:61:ad:d7:b7:68:fb:2b:2a:40:07:cf:69:
2e:2d:30:dc:9f:51:ec:5e:2e:04:7a:1f:69:c1:fb:
b7:65:70:81:aa:fb:38:07:f9:a2:93:cd:a7:83:1a:
f1:1e:58:f0:32:9f:e2:96:c7:16:3b:df:39:3d:57:
76:32:ba:9d:fe:a7:67:1a:5c:22:a3:e2:64:f3:71:
cb:e4:ae:47:ab:d4:3b:32:2e:37:af:d5:9b:48:f8:
c2:7a:b2:32:6a:cb:c4:c6:3a:36:88:fe:d2:74:cf:
a8:d4:a5:fe:96:fb:52:f2:43:21:72:8e:29:c1:58:
77:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4F:00:4C:2B:72:56:BE:75:F5:AF:A6:C3:26:34:7F:4C:43:FD:3F
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/a08ATCtyVr519a-mwyY0f0xD_T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.20.0/22
37.220.32.0/21
45.10.116.0/22
45.82.44.0/22
45.88.16.0/22
45.93.32.0/22
45.129.176.0/22
45.145.252.0/22
45.152.192.0/22
46.182.104.0/21
185.38.12.0/22
193.104.186.0/24
IPv6:
2a02:2a38::/32
Signature Algorithm: sha256WithRSAEncryption
7b:27:aa:90:2c:4f:a5:42:fb:d2:8e:a5:25:d3:60:71:41:bb:
4e:7f:41:73:d6:b9:6c:ee:0f:ea:f6:eb:4a:3b:df:13:db:7c:
5d:3a:34:df:80:8a:78:ca:f5:70:05:72:b2:c9:ec:3f:ed:8e:
51:7b:2f:24:6c:6f:fe:74:81:ed:b0:6a:25:9a:17:a3:e8:13:
65:3d:24:78:dd:9a:8f:da:a2:b0:28:5f:eb:61:27:fa:40:85:
2c:71:81:c3:aa:8e:e6:51:64:ed:f9:83:d6:4a:23:50:b1:7b:
c4:26:33:de:54:83:8e:78:24:e7:21:06:17:5b:48:b2:1e:1f:
63:08:39:cd:34:93:bc:e3:5b:3a:bb:d0:12:45:09:77:f7:4f:
b4:f4:2a:5e:fe:a5:b7:af:82:51:87:8f:2b:a7:75:c3:75:62:
2e:81:6d:a5:7c:49:22:e8:7b:fa:7f:ac:1d:6c:19:72:f4:8e:
df:41:ac:0f:c2:83:78:9e:61:d1:b2:9c:85:77:5a:61:e5:f4:
95:76:61:29:6e:8f:c6:c5:99:db:03:7b:56:f2:3a:6d:76:b9:
c8:a8:62:35:6e:3b:94:6c:46:6d:b9:12:ab:c5:82:29:0c:4e:
86:d3:ee:93:57:eb:5f:fc:0f:2e:f8:d7:23:dd:f7:b0:0e:4a:
28:a3:b5:04
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEA30PkjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTRiZGRhZmI1ZGYwOTg0MTkwMjBhOGZiYzdhOTBiMTZlMzQxZDYzMB4XDTIyMDEw
MTAyMDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI0ZjAwNGMyYjcy
NTZiZTc1ZjVhZmE2YzMyNjM0N2Y0YzQzZmQzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKe1iXOKnw8hPhk7g1OMRZNvxziywQDXzwDmofcr+tIxK5Ip
WodND42g/s1es2p9TPeGvUy3mn1ZJ2ZO+vTjQKpKXqixdiiET6WITmj/L4glGMZ6
o3ISovf3COqxZw5AA2mrynYYtHsnM+/Gb+7f6VBbhwwXgX7z1Bw9dmXQ0o7oN6DV
aUAegy5IYa3Xt2j7KypAB89pLi0w3J9R7F4uBHofacH7t2Vwgar7OAf5opPNp4Ma
8R5Y8DKf4pbHFjvfOT1XdjK6nf6nZxpcIqPiZPNxy+SuR6vUOzIuN6/Vm0j4wnqy
MmrLxMY6Noj+0nTPqNSl/pb7UvJDIXKOKcFYd+cCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBRrTwBMK3JWvnX1r6bDJjR/TEP9PzAfBgNVHSMEGDAWgBTZS92vtd8JhBkC
Co+8epCxbjQdYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJVdmRyN1hmQ1lRWkFncVB2SHFRc1c0MEhXTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvY2RlNzU3LTc2NzItNDcyMC04Y2UxLTZlMjZiOTFmNjkxMC8x
L2EwOEFUQ3R5VnI1MTlhLW13eVkwZjB4RF9UOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Y2RlNzU3LTc2NzItNDcyMC04Y2UxLTZlMjZiOTFmNjkxMC8xLzJVdmRyN1hmQ1lR
WkFncVB2SHFRc1c0MEhXTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAgI6FAMEAyXcIAMEAi0KdAMEAi1S
LAMEAi1YEAMEAi1dIAMEAi2BsAMEAi2R/AMEAi2YwAMEAy62aAMEArkmDAMEAMFo
ujANBAIAAjAHAwUAKgIqODANBgkqhkiG9w0BAQsFAAOCAQEAeyeqkCxPpUL70o6l
JdNgcUG7Tn9Bc9a5bO4P6vbrSjvfE9t8XTo034CKeMr1cAVyssnsP+2OUXsvJGxv
/nSB7bBqJZoXo+gTZT0keN2aj9qisChf62En+kCFLHGBw6qO5lFk7fmD1kojULF7
xCYz3lSDjngk5yEGF1tIsh4fYwg5zTSTvONbOrvQEkUJd/dPtPQqXv6lt6+CUYeP
K6d1w3ViLoFtpXxJIuh7+n+sHWwZcvSO30GsD8KDeJ5h0bKchXdaYeX0lXZhKW6P
xsWZ2wN7VvI6bXa5yKhiNW47lGxGbbkSq8WCKQxOhtPuk1frX/wPLvjXI933sA5K
KKO1BA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org