Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-QTCRSg4jLS0JJyw2jxl7oFJoUE.roa
File: 1-QTCRSg4jLS0JJyw2jxl7oFJoUE.roa (raw, json)
Hash identifier: Kzh5DG+KZ9u7HzoypJuZPBSvROOZ92h9ZyTdZUIxYEA=
Subject key identifier: F9:04:C2:45:28:38:8C:B4:B4:24:9C:B0:DA:3C:65:EE:81:49:A1:41
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018433B06F7A8622DA81CF38493DAB9B86BA
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-QTCRSg4jLS0JJyw2jxl7oFJoUE.roa
Signing time: Tue 01 Nov 2022 14:55:11 +0000
ROA not before: Tue 01 Nov 2022 14:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 45.84.0.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:b0:6f:7a:86:22:da:81:cf:38:49:3d:ab:9b:86:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 1 14:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f904c24528388cb4b4249cb0da3c65ee8149a141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a4:c6:1e:c2:d1:97:01:6c:7d:4c:72:12:c2:
5c:c3:73:d2:b1:6d:d7:08:a0:8e:3c:42:67:be:3e:
48:98:e7:2c:be:80:ac:b7:cd:f8:90:db:00:70:34:
d7:8d:b0:95:75:e7:ae:a4:e1:3d:12:b5:2c:6d:1d:
b0:0b:11:64:55:f7:bf:37:e8:d5:34:e0:f7:62:6e:
95:a5:0e:5b:89:8c:d6:84:e1:d3:07:ad:de:91:18:
45:e6:ca:ae:3f:b2:e1:d8:b4:31:be:bd:44:07:a8:
3b:a8:ec:95:4a:fc:8b:54:c1:c6:29:6f:9e:f1:fb:
d5:24:50:22:6f:15:ad:c8:64:32:18:f4:c3:23:06:
6a:d1:ad:45:98:55:d7:e2:0e:54:44:2e:0d:83:43:
ab:b2:2c:ef:6a:48:c9:90:b0:f5:a1:81:06:6b:5b:
b2:d7:fe:b4:51:3d:63:85:0d:c0:55:f5:b8:8c:cd:
49:71:4a:d7:6d:4b:7a:b8:6c:74:4f:91:8a:b2:4c:
c5:8f:f0:21:6b:f1:25:29:d1:ad:8c:d0:39:d5:e3:
b8:7a:d2:a2:47:a7:39:09:47:8d:eb:0e:68:fe:3c:
d7:84:2a:11:98:d8:5c:4b:91:0d:03:cf:a3:a0:04:
eb:64:f1:e7:99:3c:ac:9c:ed:42:72:3e:5a:9f:4c:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:C2:45:28:38:8C:B4:B4:24:9C:B0:DA:3C:65:EE:81:49:A1:41
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-QTCRSg4jLS0JJyw2jxl7oFJoUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.144.0/23
45.67.35.0/24
45.84.0.0/24
45.87.154.0/24
45.159.248.0/24
45.159.250.0/24
93.185.166.0/24
185.231.207.0/24
193.57.138.0/24
194.4.51.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b3:2e:84:2d:18:1e:ed:da:3f:ce:0a:29:b3:87:5d:97:10:
60:a1:58:22:a7:a4:52:30:a2:3d:71:96:f6:57:99:61:e7:46:
3c:c3:2c:c4:ef:75:b6:bc:67:2a:25:c2:bc:eb:94:80:70:1b:
2d:6f:bc:a3:0b:b7:f6:25:f1:52:d2:f7:ce:ea:51:5d:a4:6a:
25:db:ab:a3:39:54:e6:1a:13:37:8f:3a:1e:9b:a1:01:de:a8:
58:3e:d1:53:b1:21:b3:4f:9f:a3:62:9a:fa:d0:26:ab:65:61:
67:44:14:92:02:74:da:6b:d7:ec:19:35:7a:28:91:eb:2e:10:
73:a6:7b:86:0a:ed:37:ca:7c:8b:af:4c:4b:96:1a:72:96:8e:
88:2b:5b:4f:64:df:13:d3:77:da:88:73:2e:3d:5f:6c:48:57:
7f:43:24:4d:5e:4e:0b:eb:07:a7:e2:c4:ea:fc:98:a1:42:d8:
1b:05:55:72:e6:0a:5f:b5:7e:ef:b1:c3:b2:81:68:c8:01:87:
6a:9a:f6:31:a9:13:94:fc:dd:e9:49:75:51:2f:c9:e2:70:91:
67:fb:64:18:94:16:8d:9e:36:1b:de:25:28:d4:e3:0b:29:2a:
c7:d0:0c:9e:fd:d4:3f:be:d1:74:e3:e6:54:5e:e5:c3:3c:5a:
c4:bd:6d:1e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYQzsG96hiLagc84ST2rm4a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTAxMTQ1NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA0YzI0NTI4Mzg4Y2I0YjQyNDljYjBkYTNjNjVlZTgxNDlhMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqTGHsLRlwFsfUxyEsJcw3PSsW3X
CKCOPEJnvj5ImOcsvoCst834kNsAcDTXjbCVdeeupOE9ErUsbR2wCxFkVfe/N+jV
NOD3Ym6VpQ5biYzWhOHTB63ekRhF5squP7Lh2LQxvr1EB6g7qOyVSvyLVMHGKW+e
8fvVJFAibxWtyGQyGPTDIwZq0a1FmFXX4g5URC4Ng0OrsizvakjJkLD1oYEGa1uy
1/60UT1jhQ3AVfW4jM1JcUrXbUt6uGx0T5GKskzFj/Aha/ElKdGtjNA51eO4etKi
R6c5CUeN6w5o/jzXhCoRmNhcS5ENA8+joATrZPHnmTysnO1Ccj5an0xpsQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFPkEwkUoOIy0tCScsNo8Ze6BSaFBMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMS1RVENSU2c0akxTMEpKeXcyanhsN29GSm9VRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGIvZjI1ZDdjLTY2NzctNGZkYi04OThlLWVlNzQ2NTc1NGZm
Ni8xL0VhQVEtSG9FbTI0aHEtMmJRSmc3QlBQeHgtZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAS0IkAME
AC1DIwMEAC1UAAMEAC1XmgMEAC2f+AMEAC2f+gMEAF25pgMEALnnzwMEAME5igME
AMIEMzANBgkqhkiG9w0BAQsFAAOCAQEAALMuhC0YHu3aP84KKbOHXZcQYKFYIqek
UjCiPXGW9leZYedGPMMsxO91trxnKiXCvOuUgHAbLW+8owu39iXxUtL3zupRXaRq
JdurozlU5hoTN486HpuhAd6oWD7RU7Ehs0+fo2Ka+tAmq2VhZ0QUkgJ02mvX7Bk1
eiiR6y4Qc6Z7hgrtN8p8i69MS5YacpaOiCtbT2TfE9N32ohzLj1fbEhXf0MkTV5O
C+sHp+LE6vyYoULYGwVVcuYKX7V+77HDsoFoyAGHapr2MakTlPzd6Ul1US/J4nCR
Z/tkGJQWjZ42G94lKNTjCykqx9AMnv3UP77RdOPmVF7lwzxaxL1tHg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:42 2023 by rpki-client on console-fra.rpki-client.org