Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/uR-Hb37OOBCsKsKFs-sHSawxX3w.roa
File: uR-Hb37OOBCsKsKFs-sHSawxX3w.roa (raw, json)
Hash identifier: 9AEmdsRT+3Fr2TEgBP4nOMety5IUKYJjE8TGv+8mk8g=
Subject key identifier: B9:1F:87:6F:7E:CE:38:10:AC:2A:C2:85:B3:EB:07:49:AC:31:5F:7C
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0184322583638AD58C552186978772C2CEFD
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/uR-Hb37OOBCsKsKFs-sHSawxX3w.roa
Signing time: Tue 01 Nov 2022 07:43:50 +0000
ROA not before: Tue 01 Nov 2022 07:43:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 45.84.0.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:25:83:63:8a:d5:8c:55:21:86:97:87:72:c2:ce:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 1 07:43:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b91f876f7ece3810ac2ac285b3eb0749ac315f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b5:d5:7b:4e:b0:ff:82:cb:78:88:c1:2e:ee:
b0:7e:f8:06:30:2c:18:ae:2b:fc:c9:44:46:20:1a:
59:42:61:03:bc:5a:df:c0:67:8d:56:47:60:4f:b8:
90:ee:7a:bd:4c:bc:fa:8e:e6:b0:f8:b7:db:42:02:
de:97:d0:5c:bd:50:db:b0:61:8a:55:c2:dd:23:17:
a6:8b:10:36:e0:cb:e4:2e:65:ac:01:89:15:b0:48:
0f:b7:a0:38:8e:e1:9d:11:39:ad:97:e5:ef:7f:6c:
e5:6c:9a:6b:6d:d3:7e:2a:5b:59:32:6b:91:1a:ba:
0e:1f:7d:1c:9f:aa:06:f9:de:20:6b:d9:cc:36:c3:
bf:76:8c:39:1f:62:6a:17:c0:e8:47:b4:06:79:6c:
fe:7b:32:e0:ea:42:2e:9f:8c:0d:1c:93:e0:09:2a:
8a:10:32:e1:53:4a:5d:63:6c:65:85:34:19:58:53:
07:a7:dc:5f:1b:7a:92:30:db:15:91:1b:df:95:16:
ed:8a:e3:be:96:1c:51:e3:52:e9:8d:19:26:bd:74:
d5:84:6b:b6:48:8f:1d:23:11:4d:10:b4:50:67:1c:
46:16:15:b1:59:d6:a6:8a:95:cd:63:f4:17:a9:14:
c7:8b:a3:41:22:9b:d6:35:c0:41:c3:26:a7:72:91:
f2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1F:87:6F:7E:CE:38:10:AC:2A:C2:85:B3:EB:07:49:AC:31:5F:7C
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/uR-Hb37OOBCsKsKFs-sHSawxX3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.144.0/23
45.67.35.0/24
45.84.0.0/24
45.87.154.0/24
45.159.248.0/24
93.185.166.0/24
185.231.207.0/24
193.57.138.0/24
194.4.51.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b5:46:d3:8d:11:e9:8d:e5:40:f2:73:17:9a:60:e8:dd:b2:
e1:c5:cd:1d:65:0b:38:9b:d6:1f:56:d5:20:4b:9f:f8:3f:f9:
32:b3:3b:55:ee:a9:dd:2e:91:4f:20:8a:5d:56:6b:a5:a0:a9:
79:01:9b:36:72:43:30:68:13:ae:04:0e:cb:32:75:31:0b:38:
e0:21:d2:3a:f2:10:ef:ab:82:08:b3:4b:a0:2f:b6:fa:18:a4:
8b:21:06:6f:5e:4f:83:7d:79:90:cf:1e:d5:b4:63:65:fd:e1:
b6:e5:5c:ec:8b:be:bf:07:48:09:a7:33:59:5f:fa:2a:32:29:
e7:bd:36:86:6d:38:f8:55:8e:64:a2:a3:77:3b:cc:69:18:8f:
45:a0:9b:ee:35:a2:82:a2:22:57:fd:d6:60:1d:5b:f9:2b:0d:
10:6c:52:5f:95:38:a3:32:63:71:78:03:78:7c:57:fe:3c:ef:
5e:e9:4f:46:92:b1:86:c2:74:a6:eb:52:99:b7:7f:e0:22:a0:
c2:58:00:61:c2:01:cd:59:5b:4d:9c:de:f9:ef:f7:b8:96:ff:
a9:61:96:e3:3a:f1:4a:5d:9b:45:30:07:2d:b3:02:f8:58:06:
42:81:5d:1e:b4:39:29:23:db:6d:84:a8:71:19:c1:03:ff:1d:
87:61:4f:f9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYQyJYNjitWMVSGGl4dyws79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTAxMDc0MzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFmODc2ZjdlY2UzODEwYWMyYWMyODViM2ViMDc0OWFjMzE1ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7XVe06w/4LLeIjBLu6wfvgGMCwY
riv8yURGIBpZQmEDvFrfwGeNVkdgT7iQ7nq9TLz6juaw+LfbQgLel9BcvVDbsGGK
VcLdIxemixA24MvkLmWsAYkVsEgPt6A4juGdETmtl+Xvf2zlbJprbdN+KltZMmuR
GroOH30cn6oG+d4ga9nMNsO/dow5H2JqF8DoR7QGeWz+ezLg6kIun4wNHJPgCSqK
EDLhU0pdY2xlhTQZWFMHp9xfG3qSMNsVkRvflRbtiuO+lhxR41LpjRkmvXTVhGu2
SI8dIxFNELRQZxxGFhWxWdamipXNY/QXqRTHi6NBIpvWNcBBwyancpHyfwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLkfh29+zjgQrCrChbPrB0msMV98MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvdVItSGIzN09PQkNzS3NLRnMtc0hTYXd4WDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLQiQAwQA
LUMjAwQALVQAAwQALVeaAwQALZ/4AwQAXbmmAwQAuefPAwQAwTmKAwQAwgQzMA0G
CSqGSIb3DQEBCwUAA4IBAQAvtUbTjRHpjeVA8nMXmmDo3bLhxc0dZQs4m9YfVtUg
S5/4P/kysztV7qndLpFPIIpdVmuloKl5AZs2ckMwaBOuBA7LMnUxCzjgIdI68hDv
q4IIs0ugL7b6GKSLIQZvXk+DfXmQzx7VtGNl/eG25Vzsi76/B0gJpzNZX/oqMinn
vTaGbTj4VY5koqN3O8xpGI9FoJvuNaKCoiJX/dZgHVv5Kw0QbFJflTijMmNxeAN4
fFf+PO9e6U9GkrGGwnSm61KZt3/gIqDCWABhwgHNWVtNnN757/e4lv+pYZbjOvFK
XZtFMActswL4WAZCgV0etDkpI9tthKhxGcED/x2HYU/5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org