Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0KjZeeQWG03DIG6DKVSJ9I9o-Hk.roa
File: 0KjZeeQWG03DIG6DKVSJ9I9o-Hk.roa (raw, json)
Hash identifier: Ijlzv+e9L0kh/L2eGIoDlev9SxCs3poUhEnPAfpndr0=
Subject key identifier: D0:A8:D9:79:E4:16:1B:4D:C3:20:6E:83:29:54:89:F4:8F:68:F8:79
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018379AE98F2B71176DBA62197A7C1A1FCBA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0KjZeeQWG03DIG6DKVSJ9I9o-Hk.roa
Signing time: Mon 26 Sep 2022 12:03:49 +0000
ROA not before: Mon 26 Sep 2022 12:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:79:ae:98:f2:b7:11:76:db:a6:21:97:a7:c1:a1:fc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 26 12:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0a8d979e4161b4dc3206e83295489f48f68f879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:94:fe:72:ec:ae:50:a2:e4:ad:9b:49:1d:2f:
b9:a4:33:d2:b5:ce:a1:3f:e6:b2:1f:6b:65:e1:a2:
50:ce:b3:1f:d4:ef:22:f9:8c:72:bf:d0:d7:46:9e:
a7:25:a7:f9:ca:4c:23:73:5b:41:8a:f6:5c:c0:62:
1a:73:c7:c8:01:84:f7:84:57:af:90:da:59:44:58:
2d:fa:62:54:9b:d5:30:51:f9:ad:08:b5:86:8f:99:
91:bb:ab:ff:45:0f:71:c0:37:07:6a:61:04:52:8c:
48:29:5f:c1:34:33:16:73:99:75:53:34:8d:fe:8f:
0c:43:73:ea:5f:aa:55:77:58:d4:a9:ab:6e:b5:40:
dd:74:14:95:a9:73:04:87:4b:02:48:ec:15:35:53:
a1:c6:6d:9b:1a:97:5e:99:e1:d2:37:9e:a3:40:25:
91:a4:dc:0d:e0:cf:ad:23:d6:75:d7:d4:50:fc:29:
52:bd:85:3e:ab:04:36:fa:7c:4d:c2:3e:21:80:e6:
a4:e7:f1:f1:55:41:1b:a8:cd:58:21:df:cd:de:d5:
04:42:8b:a2:47:1e:ab:fa:44:26:9f:1e:85:62:89:
8e:5b:2f:e7:ea:b9:e4:bf:25:8d:6a:97:09:21:60:
38:15:12:a7:f0:0f:5c:89:1a:85:b0:92:5d:37:f2:
01:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A8:D9:79:E4:16:1B:4D:C3:20:6E:83:29:54:89:F4:8F:68:F8:79
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0KjZeeQWG03DIG6DKVSJ9I9o-Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
86:20:4f:8a:3a:98:da:48:11:f6:d8:33:c8:aa:e8:56:57:97:
46:8b:d7:50:27:20:d6:de:c1:7c:47:a7:a0:28:3d:ff:d9:40:
93:aa:a1:a1:6f:3b:23:e3:12:99:ae:14:41:b6:25:1f:2d:8e:
8f:03:e5:1f:8f:33:96:cd:5f:b5:56:48:ef:5b:93:15:e3:0d:
33:cd:78:53:84:53:8e:97:b9:c2:83:61:0d:b0:55:2c:4a:2a:
46:e2:6f:c1:92:81:90:5f:f7:00:08:ba:ad:2a:b2:46:61:59:
01:90:1b:b9:05:85:ed:eb:5b:04:b4:8a:ee:aa:e7:07:b0:e6:
ae:e0:06:64:39:01:86:3e:25:cb:eb:60:91:5b:95:53:ab:60:
2d:f8:6e:2d:96:7f:04:c1:f3:22:0a:75:7f:25:27:92:a4:10:
52:bf:a1:d7:54:de:ea:52:b4:37:00:7a:55:e4:6d:c9:bb:18:
92:04:33:2e:97:de:75:57:09:58:b7:86:d9:29:18:d0:5f:a9:
0c:30:aa:34:cc:67:cd:b2:c8:68:04:e1:ab:b1:c4:ce:73:47:
e1:c2:e9:a8:72:71:c0:56:59:76:b6:a2:9b:c2:75:11:6c:68:
55:57:c1:0e:20:25:b0:01:cd:af:bd:88:54:aa:32:a0:76:50:
ad:19:75:49
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYN5rpjytxF226Yhl6fBofy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTI2MTIwMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE4ZDk3OWU0MTYxYjRkYzMyMDZlODMyOTU0ODlmNDhmNjhmODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZT+cuyuUKLkrZtJHS+5pDPStc6h
P+ayH2tl4aJQzrMf1O8i+Yxyv9DXRp6nJaf5ykwjc1tBivZcwGIac8fIAYT3hFev
kNpZRFgt+mJUm9UwUfmtCLWGj5mRu6v/RQ9xwDcHamEEUoxIKV/BNDMWc5l1UzSN
/o8MQ3PqX6pVd1jUqatutUDddBSVqXMEh0sCSOwVNVOhxm2bGpdemeHSN56jQCWR
pNwN4M+tI9Z119RQ/ClSvYU+qwQ2+nxNwj4hgOak5/HxVUEbqM1YId/N3tUEQoui
Rx6r+kQmnx6FYomOWy/n6rnkvyWNapcJIWA4FRKn8A9ciRqFsJJdN/IBZwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFNCo2XnkFhtNwyBugylUifSPaPh5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMEtqWmVlUVdHMDNESUc2REtWU0o5STlvLUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjA2BAIAATAwAwQCLYiI
AwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJvMGwEAgAC
MGYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
AwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAIYgT4o6mNpIEfbYM8iq6FZXl0aL
11AnINbewXxHp6AoPf/ZQJOqoaFvOyPjEpmuFEG2JR8tjo8D5R+PM5bNX7VWSO9b
kxXjDTPNeFOEU46XucKDYQ2wVSxKKkbib8GSgZBf9wAIuq0qskZhWQGQG7kFhe3r
WwS0iu6q5wew5q7gBmQ5AYY+JcvrYJFblVOrYC34bi2WfwTB8yIKdX8lJ5KkEFK/
oddU3upStDcAelXkbcm7GJIEMy6X3nVXCVi3htkpGNBfqQwwqjTMZ82yyGgE4aux
xM5zR+HC6ahyccBWWXa2opvCdRFsaFVXwQ4gJbABza+9iFSqMqB2UK0ZdUk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org