Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/deic51cXk8rG5PT3SokzbIAGL_o.roa
File: deic51cXk8rG5PT3SokzbIAGL_o.roa (raw, json)
Hash identifier: It7Ay2ol35aJzxRyiRCB86u//Cs09wtOvW1TomH+d7U=
Subject key identifier: 75:E8:9C:E7:57:17:93:CA:C6:E4:F4:F7:4A:89:33:6C:80:06:2F:FA
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018476C04B77A1D3FCA600B5E3F8F4D255A8
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/deic51cXk8rG5PT3SokzbIAGL_o.roa
Signing time: Mon 14 Nov 2022 15:27:04 +0000
ROA not before: Mon 14 Nov 2022 15:27:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:c0:4b:77:a1:d3:fc:a6:00:b5:e3:f8:f4:d2:55:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 14 15:27:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75e89ce7571793cac6e4f4f74a89336c80062ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ad:f0:81:72:3a:f4:1c:5e:7f:f9:e7:62:2f:
be:97:65:e8:80:c1:55:55:0a:63:65:ae:49:61:0a:
10:fb:dd:25:0c:0a:8c:1d:c5:74:f2:32:0f:1c:52:
4a:75:74:f5:ef:d3:bf:4e:07:60:e9:f8:f9:04:23:
31:cb:0e:59:e6:07:b2:61:12:81:83:d6:9c:3b:6d:
0d:73:6c:0f:83:91:08:2a:17:ce:d4:a7:4a:3e:8e:
b0:61:5a:95:9a:b4:28:86:3a:cb:19:70:19:3e:f0:
71:8b:1b:71:e5:6e:d6:60:51:ac:7b:fa:72:68:84:
55:a7:e1:0e:05:6a:b9:e8:a9:ff:8b:3e:ba:99:9a:
65:72:f1:d3:eb:6f:b8:46:75:8f:f5:2a:90:63:13:
8a:d7:1a:98:a5:22:4f:d9:5b:78:d2:e9:ab:bc:8e:
0c:70:bd:44:cb:71:47:81:5b:f2:06:a0:af:3a:b9:
5b:d6:03:db:78:3d:03:7e:81:b2:91:dd:fd:2f:8a:
a3:73:12:11:4f:c5:df:d5:fe:1e:87:12:52:15:6f:
cb:11:dc:7f:1f:1f:e9:9c:e2:1f:01:6f:a2:2d:b2:
58:83:20:04:a1:1c:65:a3:b9:e1:3d:2f:d6:34:7d:
b4:4b:5a:bb:61:53:71:1e:a6:00:c2:cf:e2:01:e7:
b9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E8:9C:E7:57:17:93:CA:C6:E4:F4:F7:4A:89:33:6C:80:06:2F:FA
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/deic51cXk8rG5PT3SokzbIAGL_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.144.0/23
45.67.35.0/24
45.84.0.0/24
45.87.154.0/24
45.159.248.0/24
45.159.250.0/24
93.185.166.0/24
185.231.204.0/23
185.231.207.0/24
193.57.138.0/24
194.4.48.0/23
194.4.51.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:c6:d0:52:b3:cf:ee:94:cf:cc:52:b7:d3:69:a1:bc:e5:9e:
7d:ef:87:0b:0b:6a:fc:19:bb:59:82:b4:01:7f:32:0e:07:9b:
8a:5a:a8:55:17:c3:88:32:ec:6d:a3:e5:db:88:15:28:80:1a:
2f:e7:53:91:ec:a4:1b:7e:92:b8:0d:06:27:0f:bc:51:03:c9:
6d:45:ea:a7:b1:e2:b9:a0:b2:5b:55:90:9b:a8:c1:b6:1a:18:
58:2e:97:cf:df:97:4f:19:ac:99:4f:c4:67:56:f2:21:14:0d:
e8:12:9b:05:fe:57:95:9c:3c:c5:7b:7f:dd:e1:44:e4:ac:4c:
2a:aa:b9:b9:de:b2:5c:1e:1a:38:d1:3a:9d:f0:8a:3c:e2:a2:
a4:8a:ef:ca:bd:4d:63:63:72:a9:63:72:3c:3c:d9:d8:5c:19:
7d:f1:2c:c0:6a:4c:20:75:51:2b:c7:06:81:b8:ee:25:20:d6:
f3:ca:5b:a0:a9:f8:5c:3b:25:56:ab:c3:21:9f:62:76:ec:aa:
63:54:ac:f4:7d:78:1a:c9:fb:33:21:09:a7:aa:c0:12:e2:46:
ed:2b:39:56:e6:92:4c:1c:3e:ae:5a:07:be:f6:7c:c6:03:21:
80:5a:7d:99:6d:ea:a4:a7:a0:d9:ca:0e:d0:b8:49:12:5d:d3:
23:0d:3f:dd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYR2wEt3odP8pgC14/j00lWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTE0MTUyNzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWU4OWNlNzU3MTc5M2NhYzZlNGY0Zjc0YTg5MzM2YzgwMDYyZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja3wgXI69Bxef/nnYi++l2XogMFV
VQpjZa5JYQoQ+90lDAqMHcV08jIPHFJKdXT179O/Tgdg6fj5BCMxyw5Z5geyYRKB
g9acO20Nc2wPg5EIKhfO1KdKPo6wYVqVmrQohjrLGXAZPvBxixtx5W7WYFGse/py
aIRVp+EOBWq56Kn/iz66mZplcvHT62+4RnWP9SqQYxOK1xqYpSJP2Vt40umrvI4M
cL1Ey3FHgVvyBqCvOrlb1gPbeD0DfoGykd39L4qjcxIRT8Xf1f4ehxJSFW/LEdx/
Hx/pnOIfAW+iLbJYgyAEoRxlo7nhPS/WNH20S1q7YVNxHqYAws/iAee5TwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHXonOdXF5PKxuT090qJM2yABi/6MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvZGVpYzUxY1hrOHJHNVBUM1Nva3piSUFHTF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBLQiQAwQA
LUMjAwQALVQAAwQALVeaAwQALZ/4AwQALZ/6AwQAXbmmAwQBuefMAwQAuefPAwQA
wTmKAwQBwgQwAwQAwgQzMA0GCSqGSIb3DQEBCwUAA4IBAQBLxtBSs8/ulM/MUrfT
aaG85Z5974cLC2r8GbtZgrQBfzIOB5uKWqhVF8OIMuxto+XbiBUogBov51OR7KQb
fpK4DQYnD7xRA8ltReqnseK5oLJbVZCbqMG2GhhYLpfP35dPGayZT8RnVvIhFA3o
EpsF/leVnDzFe3/d4UTkrEwqqrm53rJcHho40Tqd8Io84qKkiu/KvU1jY3KpY3I8
PNnYXBl98SzAakwgdVErxwaBuO4lINbzylugqfhcOyVWq8Mhn2J27KpjVKz0fXga
yfszIQmnqsAS4kbtKzlW5pJMHD6uWge+9nzGAyGAWn2Zbeqkp6DZyg7QuEkSXdMj
DT/d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org