Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/2x592IO-ncjFAMyyxjJ34MNsRt0.roa
File: 2x592IO-ncjFAMyyxjJ34MNsRt0.roa (raw, json)
Hash identifier: +E7xZ4yHbqm9cx6BP4yyJS2Ii71FQx850e9kXYKAFrI=
Subject key identifier: DB:1E:7D:D8:83:BE:9D:C8:C5:00:CC:B2:C6:32:77:E0:C3:6C:46:DD
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0184BF9CE6FCB1E9D3CD0E98C2BFE328E212
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/2x592IO-ncjFAMyyxjJ34MNsRt0.roa
Signing time: Mon 28 Nov 2022 19:00:41 +0000
ROA not before: Mon 28 Nov 2022 19:00:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.206.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:9c:e6:fc:b1:e9:d3:cd:0e:98:c2:bf:e3:28:e2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 28 19:00:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db1e7dd883be9dc8c500ccb2c63277e0c36c46dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c2:d7:e2:5f:48:98:8f:8b:7f:97:28:4a:dd:
da:73:0b:dc:8d:3f:f0:bf:96:6f:44:3e:ff:5e:2a:
33:21:55:a0:49:ff:7f:a1:17:d9:ab:87:2d:f7:70:
71:91:8d:56:e4:11:ba:7c:4d:f9:6a:c3:56:44:11:
6f:57:38:a0:f5:e3:9e:95:a1:9f:69:9f:e7:2b:2a:
7e:5b:e4:07:e6:60:e1:18:30:b8:e5:4e:16:9c:88:
28:84:3b:7f:ec:38:c0:a0:c8:43:72:e1:3b:a2:7d:
e7:53:ef:c4:eb:28:a4:b8:8b:bd:34:ea:78:d2:18:
07:00:26:cd:3d:d9:70:64:8d:ae:13:80:2f:37:47:
44:03:8a:d9:03:8d:9d:87:36:a5:c9:88:3a:d5:16:
7e:1b:fc:85:f9:44:53:96:92:73:ca:0a:bc:4c:eb:
20:66:70:a6:16:13:fa:e5:c9:58:a4:5a:c4:87:bb:
48:fb:6b:b5:74:0f:09:35:e6:83:22:83:9a:39:c7:
5c:b5:7b:b1:0e:10:ac:33:49:7d:97:cb:ee:65:4e:
70:dd:5d:6f:55:7c:7b:75:bd:c6:da:18:08:d9:6d:
2f:7f:71:c3:c6:71:b6:b9:73:37:b6:61:60:6d:03:
45:97:f2:11:d3:71:dd:8f:c0:20:84:06:ea:d8:12:
57:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1E:7D:D8:83:BE:9D:C8:C5:00:CC:B2:C6:32:77:E0:C3:6C:46:DD
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/2x592IO-ncjFAMyyxjJ34MNsRt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.144.0/23
45.67.35.0/24
45.84.0.0/23
45.87.154.0/24
45.159.248.0-45.159.250.255
93.185.166.0/24
141.98.169.0/24
185.231.204.0/22
193.57.138.0/24
194.4.48.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:5e:69:c9:ca:47:21:12:48:c3:df:5e:14:c2:36:79:95:be:
d7:63:20:72:6e:5d:df:d1:e0:af:78:bb:ed:6d:e9:da:53:e8:
a0:0f:cd:aa:be:6a:d2:22:d7:9c:c1:e4:7a:82:ec:3b:71:f8:
70:e4:75:67:92:4d:58:e3:ac:e8:e4:aa:55:9c:7c:11:c3:7e:
77:8c:25:5d:a8:75:d5:a0:12:cf:24:40:f1:fd:43:6d:08:02:
e8:d3:a0:b6:56:d8:04:32:1c:0b:e9:26:92:bd:d8:f6:b5:fa:
95:52:5a:fa:07:ae:52:be:a1:3a:59:d3:23:3f:92:82:34:c4:
f1:0a:06:32:38:5c:75:11:de:9c:b5:19:c5:03:25:bf:d1:7a:
d8:06:89:06:42:0a:88:5c:fc:05:c1:88:a4:a1:c6:1e:d9:4d:
46:54:66:da:e1:c9:4c:9b:8a:f5:25:be:64:7b:8b:4d:a1:d9:
a3:02:cf:fc:13:af:2f:86:f3:ce:73:ac:74:eb:36:05:38:18:
5e:39:72:40:41:80:25:fb:b9:e5:e6:0c:ab:67:f1:8f:31:57:
48:46:23:00:18:a2:f4:9f:f9:50:aa:2c:33:82:54:ba:c0:a4:
01:29:fe:c5:b6:88:1d:41:dc:23:8a:63:88:16:30:b0:d8:e4:
bb:aa:45:bf
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYS/nOb8senTzQ6Ywr/jKOISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTI4MTkwMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFlN2RkODgzYmU5ZGM4YzUwMGNjYjJjNjMyNzdlMGMzNmM0NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcLX4l9ImI+Lf5coSt3acwvcjT/w
v5ZvRD7/XiozIVWgSf9/oRfZq4ct93BxkY1W5BG6fE35asNWRBFvVzig9eOelaGf
aZ/nKyp+W+QH5mDhGDC45U4WnIgohDt/7DjAoMhDcuE7on3nU+/E6yikuIu9NOp4
0hgHACbNPdlwZI2uE4AvN0dEA4rZA42dhzalyYg61RZ+G/yF+URTlpJzygq8TOsg
ZnCmFhP65clYpFrEh7tI+2u1dA8JNeaDIoOaOcdctXuxDhCsM0l9l8vuZU5w3V1v
VXx7db3G2hgI2W0vf3HDxnG2uXM3tmFgbQNFl/IR03Hdj8AghAbq2BJXowIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNsefdiDvp3IxQDMssYyd+DDbEbdMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMng1OTJJTy1uY2pGQU15eXhqSjM0TU5zUnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBLQiQAwQA
LUMjAwQBLVQAAwQALVeaMAwDBAMtn/gDBAAtn/oDBABduaYDBACNYqkDBAK558wD
BADBOYoDBALCBDAwDQYJKoZIhvcNAQELBQADggEBAKZeacnKRyESSMPfXhTCNnmV
vtdjIHJuXd/R4K94u+1t6dpT6KAPzaq+atIi15zB5HqC7Dtx+HDkdWeSTVjjrOjk
qlWcfBHDfneMJV2oddWgEs8kQPH9Q20IAujToLZW2AQyHAvpJpK92Pa1+pVSWvoH
rlK+oTpZ0yM/koI0xPEKBjI4XHUR3py1GcUDJb/RetgGiQZCCohc/AXBiKShxh7Z
TUZUZtrhyUybivUlvmR7i02h2aMCz/wTry+G885zrHTrNgU4GF45ckBBgCX7ueXm
DKtn8Y8xV0hGIwAYovSf+VCqLDOCVLrApAEp/sW2iB1B3COKY4gWMLDY5LuqRb8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org