Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/0_xizzRGivCDb6UMxNdQ-uQ4mYY.roa
File: 0_xizzRGivCDb6UMxNdQ-uQ4mYY.roa (raw, json)
Hash identifier: 6F+cgjZ0C+ARAfclvR8V5PNMgStXHSMGBPva2MHXoJg=
Subject key identifier: D3:FC:62:CF:34:46:8A:F0:83:6F:A5:0C:C4:D7:50:FA:E4:38:99:86
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0183A33695C608D8580B4AAC4ED2848DA410
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/0_xizzRGivCDb6UMxNdQ-uQ4mYY.roa
Signing time: Tue 04 Oct 2022 13:36:46 +0000
ROA not before: Tue 04 Oct 2022 13:36:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 45.84.0.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:36:95:c6:08:d8:58:0b:4a:ac:4e:d2:84:8d:a4:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Oct 4 13:36:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3fc62cf34468af0836fa50cc4d750fae4389986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5f:a8:3d:e6:5d:90:a6:77:66:11:8e:7c:83:
82:7e:a9:4a:43:b8:b6:c3:c3:50:ce:0b:48:5b:3a:
dd:11:ed:86:40:e7:7d:dc:7f:b5:62:57:26:d8:52:
7b:fb:f0:fd:ec:2a:d8:2a:b1:5f:bb:8a:76:dc:cb:
1e:b5:f7:74:9a:20:05:63:59:2a:b0:47:c5:30:9f:
b9:b1:79:1e:e1:da:2e:44:91:df:43:89:cd:40:4d:
b2:b8:f9:54:fd:42:68:66:61:f2:90:e9:c9:2e:82:
86:ac:cb:ec:e1:76:87:94:e9:b4:d1:ba:67:75:49:
f7:7e:87:fc:67:66:ee:76:cd:18:4a:36:fa:68:79:
fb:c4:2a:8a:45:f6:91:1f:f1:cf:9b:d2:8f:d4:4c:
b8:dd:d5:5f:10:53:5d:7d:4a:57:a9:ee:a7:f5:d4:
f5:57:31:8b:b3:4b:37:22:89:39:09:c2:f2:e3:de:
07:53:13:5e:4a:07:26:fe:9d:bf:70:0d:e3:53:b4:
d1:70:bc:51:2e:00:9d:af:24:56:1e:56:1a:63:a4:
22:36:5e:4d:e6:74:af:8a:33:45:03:88:31:a0:50:
81:4e:24:02:64:86:92:f1:78:5c:18:17:3a:8f:cb:
84:36:f2:75:29:1b:99:37:58:ee:6c:aa:d5:07:23:
4c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:FC:62:CF:34:46:8A:F0:83:6F:A5:0C:C4:D7:50:FA:E4:38:99:86
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/0_xizzRGivCDb6UMxNdQ-uQ4mYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.144.0/23
45.67.35.0/24
45.84.0.0/24
45.87.154.0/24
45.159.248.0/24
93.185.166.0/24
193.57.138.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:2a:d6:d7:4c:3c:1a:01:a2:c4:6e:16:00:6f:bb:3b:b4:8c:
a3:12:28:39:aa:3d:db:32:dd:08:24:cd:9e:e7:8f:c4:ff:fc:
72:17:8c:69:e1:fe:e4:db:5f:e8:47:ce:f1:9c:42:72:78:45:
ab:f2:0a:2b:7c:09:15:c7:fa:58:7b:12:87:b7:75:c4:d3:25:
d8:91:ac:5d:35:5d:e2:53:3a:37:4d:83:81:74:81:58:d3:42:
07:7a:b5:de:45:77:20:66:2a:af:e5:c7:55:90:21:31:6a:8b:
3b:00:9e:74:58:06:f4:fc:b8:a9:a4:c9:9d:ab:ef:2b:52:9f:
1a:af:b1:1f:54:1d:e7:81:6b:85:c2:a3:f7:2d:b6:b7:8f:3e:
90:e2:6e:27:8f:89:58:6e:e0:c1:f7:e1:02:a7:1d:d5:52:2e:
4d:92:32:a8:b1:f5:68:d5:b8:16:5c:8f:5e:68:13:58:65:84:
76:fe:27:e9:d0:b6:00:3a:9f:86:1d:eb:f0:d0:3f:33:b8:d3:
f9:3f:f1:a4:8c:f3:57:db:c9:f3:a7:cf:1f:77:da:1a:38:72:
23:eb:4d:e4:d4:84:04:12:08:34:58:88:3e:ca:68:21:59:61:
ef:39:ef:4b:ef:b6:d5:45:8b:58:c5:02:6b:5c:b7:8e:a1:62:
9d:64:c4:55
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOjNpXGCNhYC0qsTtKEjaQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMDA0MTMzNjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZjNjJjZjM0NDY4YWYwODM2ZmE1MGNjNGQ3NTBmYWU0Mzg5OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF+oPeZdkKZ3ZhGOfIOCfqlKQ7i2
w8NQzgtIWzrdEe2GQOd93H+1Ylcm2FJ7+/D97CrYKrFfu4p23Msetfd0miAFY1kq
sEfFMJ+5sXke4douRJHfQ4nNQE2yuPlU/UJoZmHykOnJLoKGrMvs4XaHlOm00bpn
dUn3fof8Z2buds0YSjb6aHn7xCqKRfaRH/HPm9KP1Ey43dVfEFNdfUpXqe6n9dT1
VzGLs0s3Iok5CcLy494HUxNeSgcm/p2/cA3jU7TRcLxRLgCdryRWHlYaY6QiNl5N
5nSvijNFA4gxoFCBTiQCZIaS8XhcGBc6j8uENvJ1KRuZN1jubKrVByNM1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNP8Ys80Rorwg2+lDMTXUPrkOJmGMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMF94aXp6UkdpdkNEYjZVTXhOZFEtdVE0bVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLQiQAwQA
LUMjAwQALVQAAwQALVeaAwQALZ/4AwQAXbmmAwQAwTmKMA0GCSqGSIb3DQEBCwUA
A4IBAQBuKtbXTDwaAaLEbhYAb7s7tIyjEig5qj3bMt0IJM2e54/E//xyF4xp4f7k
21/oR87xnEJyeEWr8gorfAkVx/pYexKHt3XE0yXYkaxdNV3iUzo3TYOBdIFY00IH
erXeRXcgZiqv5cdVkCExaos7AJ50WAb0/LippMmdq+8rUp8ar7EfVB3ngWuFwqP3
Lba3jz6Q4m4nj4lYbuDB9+ECpx3VUi5NkjKosfVo1bgWXI9eaBNYZYR2/ifp0LYA
Op+GHevw0D8zuNP5P/GkjPNX28nzp88fd9oaOHIj603k1IQEEgg0WIg+ymghWWHv
Oe9L77bVRYtYxQJrXLeOoWKdZMRV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org