Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7KS9UlxuGEiMB8MJulCKvCXOaP0.roa
File: 7KS9UlxuGEiMB8MJulCKvCXOaP0.roa (raw, json)
Hash identifier: SdARcc/79xLOQ60npXwcRMVWAL5aW51ozkmfErugvJs=
Subject key identifier: EC:A4:BD:52:5C:6E:18:48:8C:07:C3:09:BA:50:8A:BC:25:CE:68:FD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 128E326B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7KS9UlxuGEiMB8MJulCKvCXOaP0.roa
Signing time: Fri 04 Mar 2022 10:26:46 +0000
ROA not before: Fri 04 Mar 2022 10:26:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
2a10:cc46:100::/44 maxlen: 48
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0f:e404:10a::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0f:e404:100::/48 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0f:e404:101::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0f:e404:107::/48 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311308907 (0x128e326b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 4 10:26:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eca4bd525c6e18488c07c309ba508abc25ce68fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:73:ec:d8:cd:db:f2:0f:f0:d1:71:c9:86:df:
97:81:7a:81:64:eb:b0:a9:93:13:c0:9d:22:46:9e:
83:4a:d4:ef:04:71:aa:51:0f:58:26:26:be:b3:91:
4a:9b:54:da:b8:e6:30:c2:88:79:68:6e:2a:c3:ab:
0d:4b:21:d1:a4:53:46:fd:4c:3a:a2:98:ab:93:ce:
78:4b:6a:92:37:38:e1:0d:fb:97:b5:9d:b5:cc:70:
de:8d:b8:2b:98:c8:9d:88:b8:dd:3a:e8:a2:76:c1:
a9:32:44:9a:ec:d4:f0:9f:01:d6:0c:fc:15:01:f1:
72:fd:a0:f2:31:e4:0f:5f:f3:4a:43:b0:5a:b8:cf:
1a:32:c8:7c:d2:04:10:be:0a:01:b3:29:5e:52:98:
19:f4:04:a2:20:9e:19:cc:ed:9d:cc:bd:78:b2:40:
57:e3:16:aa:cb:ad:39:c4:e5:27:57:62:36:6a:ca:
52:8b:f5:e6:c3:e2:a5:c2:73:9a:1d:1b:63:fc:e7:
41:8a:48:06:f9:34:a9:2f:ea:dd:75:d0:a8:a7:f5:
17:a8:77:0b:ad:86:15:a0:3b:18:33:dc:0b:e0:4d:
f5:76:70:74:50:55:d6:30:4c:fd:a5:3f:84:da:cc:
52:00:11:93:f7:18:7b:49:74:b9:f3:34:fd:fd:56:
3a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A4:BD:52:5C:6E:18:48:8C:07:C3:09:BA:50:8A:BC:25:CE:68:FD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7KS9UlxuGEiMB8MJulCKvCXOaP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:100::-2a0f:e404:102:ffff:ffff:ffff:ffff:ffff
2a0f:e404:107::/48
2a0f:e404:10a::/48
2a10:cc46:100::/44
Signature Algorithm: sha256WithRSAEncryption
13:23:35:1f:b1:2d:97:72:2c:6f:49:3c:73:7e:6e:61:45:42:
82:64:5b:90:73:0b:68:08:a9:e8:7a:93:02:b0:fb:f6:b4:88:
c3:d6:4a:c5:e9:cd:ca:fe:e2:58:f8:49:5d:16:3f:bd:c4:81:
62:15:df:49:7a:d3:64:d3:6c:ee:9d:6f:83:aa:61:a4:f1:2d:
f8:dc:ab:26:69:72:df:49:7b:6b:b5:93:a2:5c:7b:16:27:d0:
f1:c6:59:30:d9:ac:1f:43:4d:39:6e:96:23:10:31:f3:a3:3a:
0e:e0:ea:f9:cd:a6:df:dc:2d:20:fa:5c:c6:a1:32:1f:63:27:
39:5c:36:ed:3f:65:c9:c6:75:7b:37:e8:1b:58:86:23:df:17:
0d:ed:65:dc:8d:d6:82:bc:bc:72:73:e9:f6:60:e8:cf:99:2b:
ef:b5:94:de:1c:41:1e:64:a3:bc:6c:11:78:38:0c:b3:47:1d:
17:a2:b6:f2:5c:6c:4a:6a:d9:25:82:df:02:90:e2:38:a5:2d:
f1:f5:cc:6d:b8:30:3f:7d:f0:66:65:a8:3c:95:a6:26:ad:57:
a9:0b:58:a3:ac:66:33:0e:6c:17:f5:70:1a:b0:71:aa:4c:99:
a2:e9:68:cd:39:1e:1c:e2:1e:1c:28:50:43:03:4d:4f:2d:52:
07:6f:db:fe
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIEEo4yazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDMw
NDEwMjY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNhNGJkNTI1YzZl
MTg0ODhjMDdjMzA5YmE1MDhhYmMyNWNlNjhmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5z7NjN2/IP8NFxyYbfl4F6gWTrsKmTE8CdIkaeg0rU7wRx
qlEPWCYmvrORSptU2rjmMMKIeWhuKsOrDUsh0aRTRv1MOqKYq5POeEtqkjc44Q37
l7Wdtcxw3o24K5jInYi43TroonbBqTJEmuzU8J8B1gz8FQHxcv2g8jHkD1/zSkOw
WrjPGjLIfNIEEL4KAbMpXlKYGfQEoiCeGcztncy9eLJAV+MWqsutOcTlJ1diNmrK
Uov15sPipcJzmh0bY/znQYpIBvk0qS/q3XXQqKf1F6h3C62GFaA7GDPcC+BN9XZw
dFBV1jBM/aU/hNrMUgARk/cYe0l0ufM0/f1WOhkCAwEAAaOCAqEwggKdMB0GA1Ud
DgQWBBTspL1SXG4YSIwHwwm6UIq8Jc5o/TAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
LzdLUzlVbHh1R0VpTUI4TUp1bENLdkNYT2FQMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tgYIKwYBBQUHAQcBAf8EgaYwgaMwMAQCAAEwKgMEAi0MRAMEAi2IiAMEAF6xegME
AoscYAMEAMIyXAMEAMIyXgMEAMIybzBvBAIAAjBpAwcAIAEH+AEZAwUDKgkEwAMF
AyoMO4ADBwAqDpfAAXADBwQqDpfAAmADBwAqDrEHEWUDBwAqDrEHF4YwEQMGACoP
5AQBAwcAKg/kBAECAwcAKg/kBAEHAwcAKg/kBAEKAwcEKhDMRgEAMA0GCSqGSIb3
DQEBCwUAA4IBAQATIzUfsS2XcixvSTxzfm5hRUKCZFuQcwtoCKnoepMCsPv2tIjD
1krF6c3K/uJY+EldFj+9xIFiFd9JetNk02zunW+DqmGk8S343KsmaXLfSXtrtZOi
XHsWJ9Dxxlkw2awfQ005bpYjEDHzozoO4Or5zabf3C0g+lzGoTIfYyc5XDbtP2XJ
xnV7N+gbWIYj3xcN7WXcjdaCvLxyc+n2YOjPmSvvtZTeHEEeZKO8bBF4OAyzRx0X
orbyXGxKatklgt8CkOI4pS3x9cxtuDA/ffBmZag8laYmrVepC1ijrGYzDmwX9XAa
sHGqTJmi6WjNOR4c4h4cKFBDA01PLVIHb9v+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org