Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/lxUJjueFp6rFUIPD2TYcuvtLfQw.roa
File: lxUJjueFp6rFUIPD2TYcuvtLfQw.roa (raw, json)
Hash identifier: 0ng0UrpmF0u9rBKQ0xeCSwyAbe5Wrx/ionBL3MIz2bE=
Subject key identifier: 97:15:09:8E:E7:85:A7:AA:C5:50:83:C3:D9:36:1C:BA:FB:4B:7D:0C
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 0184239CDD415A38FC86619C8E7E73B4C2F0
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/lxUJjueFp6rFUIPD2TYcuvtLfQw.roa
Signing time: Sat 29 Oct 2022 11:59:53 +0000
ROA not before: Sat 29 Oct 2022 11:59:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56971
IP address blocks: 45.154.3.0/24 maxlen: 32
45.152.84.0/24 maxlen: 32
45.154.1.0/24 maxlen: 32
45.154.2.0/24 maxlen: 32
45.152.86.0/24 maxlen: 32
193.43.72.0/24 maxlen: 32
45.152.112.0/24 maxlen: 32
45.11.92.0/24 maxlen: 32
45.152.113.0/24 maxlen: 32
193.242.145.0/24 maxlen: 32
45.145.6.0/24 maxlen: 32
45.145.7.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:23:9c:dd:41:5a:38:fc:86:61:9c:8e:7e:73:b4:c2:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Oct 29 11:59:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9715098ee785a7aac55083c3d9361cbafb4b7d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3b:cd:fa:dd:d0:5c:56:b3:93:bc:a7:2f:43:
85:9a:d2:d8:09:a5:f6:a9:ae:ba:db:79:f4:c0:ad:
cd:9e:4b:f2:ad:3a:92:6f:f9:88:81:bd:65:87:dd:
1d:60:0b:c7:8a:37:58:75:7c:23:b4:bf:d5:9b:ae:
2b:3e:33:74:0b:20:62:9b:97:ee:0a:51:d8:3c:4a:
ea:55:72:37:71:58:5d:22:52:15:02:13:94:c7:d4:
91:96:f2:e3:4c:1a:a9:5e:92:fa:8b:71:e5:8f:24:
d2:0d:21:50:ce:4a:6f:f3:86:46:c0:6d:8a:a4:dc:
c8:f3:55:7e:da:1f:29:11:40:d1:1a:23:19:e0:84:
c8:3d:3c:56:ed:cf:5f:ea:64:7f:f1:e9:cf:21:31:
e9:41:c5:55:6b:48:be:92:33:54:2c:54:e4:a8:fd:
c2:a0:6d:29:76:ec:6f:0f:38:2c:ea:86:70:f3:ee:
ea:95:48:f3:a6:17:50:fb:2e:6b:59:79:92:c0:79:
db:7b:86:d8:1e:fb:3a:8f:bf:77:37:da:62:f3:39:
b0:32:21:8f:a8:68:11:fd:82:a8:c9:74:bd:e6:71:
71:e2:44:a5:1a:4c:a3:38:ac:f4:0b:ce:c9:fe:2f:
a4:af:b8:4b:a2:b4:09:73:ff:19:6b:b8:a8:56:9d:
e3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:15:09:8E:E7:85:A7:AA:C5:50:83:C3:D9:36:1C:BA:FB:4B:7D:0C
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/lxUJjueFp6rFUIPD2TYcuvtLfQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.92.0/24
45.145.6.0/23
45.152.84.0/24
45.152.86.0/24
45.152.112.0/23
45.154.1.0-45.154.3.255
193.43.72.0/24
193.242.145.0/24
Signature Algorithm: sha256WithRSAEncryption
30:3f:90:37:30:5b:e4:6b:0a:7f:b0:bd:51:1a:90:05:70:3f:
61:d9:bd:3d:05:77:ab:48:2b:c7:0c:a6:de:67:20:06:2e:0f:
07:0e:f1:8b:24:0a:e5:a3:31:61:1f:67:2f:32:92:ff:5d:09:
97:3a:3a:0f:59:ba:10:ac:bd:19:ca:aa:26:19:3c:48:4f:0e:
41:3a:bf:f5:60:03:00:97:a0:d6:95:16:56:77:a2:4f:3e:68:
bc:4f:20:93:cf:42:7b:83:35:39:90:86:07:25:c6:ed:28:57:
a2:e1:59:ed:1c:39:a1:15:ee:ac:65:39:ed:9f:e7:b5:50:60:
31:c6:f9:f4:da:0e:b4:05:41:22:d4:31:0a:ae:16:0b:3c:5c:
6c:b9:85:09:8a:25:26:8d:17:73:4f:bc:9c:29:29:af:b2:9d:
af:7f:96:74:6c:26:b5:28:66:06:cf:de:cd:b7:41:d1:52:74:
48:cf:ea:2f:7c:d5:a0:20:bf:84:8b:be:39:c3:d7:e1:14:87:
a1:d1:ca:07:71:04:49:87:67:bd:7d:af:dd:48:93:86:ee:ab:
e9:b6:6c:d9:43:5d:af:1c:62:64:dd:45:04:cc:32:aa:8b:26:
b4:3d:8f:7e:04:cf:87:f9:dc:64:8c:11:fb:00:e0:77:e2:a0:
17:e1:fb:1a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQjnN1BWjj8hmGcjn5ztMLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjIxMDI5MTE1OTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzE1MDk4ZWU3ODVhN2FhYzU1MDgzYzNkOTM2MWNiYWZiNGI3ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjvN+t3QXFazk7ynL0OFmtLYCaX2
qa6623n0wK3NnkvyrTqSb/mIgb1lh90dYAvHijdYdXwjtL/Vm64rPjN0CyBim5fu
ClHYPErqVXI3cVhdIlIVAhOUx9SRlvLjTBqpXpL6i3HljyTSDSFQzkpv84ZGwG2K
pNzI81V+2h8pEUDRGiMZ4ITIPTxW7c9f6mR/8enPITHpQcVVa0i+kjNULFTkqP3C
oG0pduxvDzgs6oZw8+7qlUjzphdQ+y5rWXmSwHnbe4bYHvs6j793N9pi8zmwMiGP
qGgR/YKoyXS95nFx4kSlGkyjOKz0C87J/i+kr7hLorQJc/8Za7ioVp3jkQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJcVCY7nhaeqxVCDw9k2HLr7S30MMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvbHhVSmp1ZUZwNnJGVUlQRDJUWWN1dnRMZlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQtcAwQB
LZEGAwQALZhUAwQALZhWAwQBLZhwMAwDBAAtmgEDBAItmgADBADBK0gDBADB8pEw
DQYJKoZIhvcNAQELBQADggEBADA/kDcwW+RrCn+wvVEakAVwP2HZvT0Fd6tIK8cM
pt5nIAYuDwcO8YskCuWjMWEfZy8ykv9dCZc6Og9ZuhCsvRnKqiYZPEhPDkE6v/Vg
AwCXoNaVFlZ3ok8+aLxPIJPPQnuDNTmQhgclxu0oV6LhWe0cOaEV7qxlOe2f57VQ
YDHG+fTaDrQFQSLUMQquFgs8XGy5hQmKJSaNF3NPvJwpKa+yna9/lnRsJrUoZgbP
3s23QdFSdEjP6i981aAgv4SLvjnD1+EUh6HRygdxBEmHZ719r91Ik4buq+m2bNlD
Xa8cYmTdRQTMMqqLJrQ9j34Ez4f53GSMEfsA4HfioBfh+xo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org