Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aK7XnJaMFL8tfDnzTxrTOvc1JA8.roa
File: aK7XnJaMFL8tfDnzTxrTOvc1JA8.roa (raw, json)
Hash identifier: VKZkF5v0xXLreaH58wndjgR8WaGRBAdxKrzUXOWtF/s=
Subject key identifier: 68:AE:D7:9C:96:8C:14:BF:2D:7C:39:F3:4F:1A:D3:3A:F7:35:24:0F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 136DF9BA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aK7XnJaMFL8tfDnzTxrTOvc1JA8.roa
Signing time: Sun 03 Apr 2022 15:17:53 +0000
ROA not before: Sun 03 Apr 2022 15:17:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
2a10:cc46:100::/44 maxlen: 48
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0f:e404:10a::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0f:e404:100::/48 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0f:e404:101::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0f:e404:107::/48 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325974458 (0x136df9ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 3 15:17:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68aed79c968c14bf2d7c39f34f1ad33af735240f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dd:d0:90:cf:ee:69:3c:1a:f4:8e:0e:1b:4d:
9c:5b:c9:6f:5b:81:07:ba:58:58:37:12:bc:c8:4f:
78:a0:5f:4b:ae:03:a2:ea:73:ab:c4:26:ef:fd:9a:
62:0e:d4:72:0b:0b:58:ad:bd:7d:68:a4:51:fc:b2:
3c:2e:f5:e4:d4:c7:24:b2:6e:30:1a:6e:54:d6:1b:
5c:34:fa:bd:d0:c1:d0:dc:c2:22:15:dd:81:42:61:
88:05:8e:78:d6:15:5d:3c:f5:e8:a5:42:10:cf:21:
71:0a:62:8a:1d:1c:50:db:d8:68:c5:a7:b0:30:c8:
1e:59:4a:e6:b3:d3:99:d7:71:90:89:9d:e6:e6:d5:
a3:7a:68:ab:bf:a8:e3:9e:00:42:67:96:5e:08:a7:
f0:ca:74:e3:78:9b:fc:50:77:1f:74:30:f5:87:5a:
71:59:08:60:4f:93:e1:cf:2f:50:04:37:04:0f:ea:
37:20:e2:ff:d8:04:05:2f:31:5f:5f:4c:a2:8d:66:
b3:92:56:83:19:54:98:ce:97:1f:f5:97:b0:a7:6a:
d3:57:f2:5b:c9:f0:09:e8:15:e1:36:9c:77:db:0f:
ce:12:40:86:75:8b:dd:6e:c3:29:e0:c8:fc:b4:3b:
d8:44:01:fa:be:3a:90:a6:ad:fa:01:4d:d7:82:fa:
91:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AE:D7:9C:96:8C:14:BF:2D:7C:39:F3:4F:1A:D3:3A:F7:35:24:0F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aK7XnJaMFL8tfDnzTxrTOvc1JA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:100::-2a0f:e404:102:ffff:ffff:ffff:ffff:ffff
2a0f:e404:107::/48
2a0f:e404:10a::/48
2a10:cc46:100::/44
Signature Algorithm: sha256WithRSAEncryption
65:2e:10:be:9e:5e:23:db:88:1f:43:73:73:8f:84:80:d0:a7:
81:00:14:fb:ee:15:3e:97:ec:cb:14:74:03:e8:f2:75:4e:e0:
ed:2a:88:3f:fa:fd:29:a5:fd:6b:b0:5e:41:1c:ed:5e:20:5a:
87:70:53:68:d5:6a:40:58:77:34:d5:5a:e8:4e:8c:9b:64:b5:
3c:af:35:c4:b5:cd:de:9e:c9:45:b0:fe:3e:17:9d:74:99:b0:
ab:ab:8e:ae:f8:4f:8d:e8:1e:d7:da:82:d0:6a:8d:cd:a0:d0:
9d:33:2f:28:5c:00:7c:32:b0:ec:11:d7:2b:c2:3b:7d:b5:2e:
bb:87:48:42:6c:83:35:46:03:52:b7:59:6f:91:27:4a:33:3b:
24:e0:f6:77:06:04:bf:a1:ba:05:53:f9:41:c3:ed:15:59:50:
87:a2:8a:a2:56:e6:f5:aa:65:7e:85:2c:77:17:92:55:96:40:
38:33:5d:ee:24:59:0d:03:61:60:c3:05:37:ce:02:22:10:cd:
4e:b7:65:23:7d:c0:d3:71:25:40:89:e1:ad:1d:8e:ce:14:4f:
f6:22:f4:53:c4:3e:b5:b9:6c:7a:9d:83:b0:65:a1:a6:c3:53:
b8:80:29:bf:2f:ce:a9:c5:f3:b1:30:06:5d:a2:8f:01:e0:1b:
f2:38:89:98
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIEE235ujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDQw
MzE1MTc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhhZWQ3OWM5Njhj
MTRiZjJkN2MzOWYzNGYxYWQzM2FmNzM1MjQwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvd0JDP7mk8GvSODhtNnFvJb1uBB7pYWDcSvMhPeKBfS64D
oupzq8Qm7/2aYg7UcgsLWK29fWikUfyyPC715NTHJLJuMBpuVNYbXDT6vdDB0NzC
IhXdgUJhiAWOeNYVXTz16KVCEM8hcQpiih0cUNvYaMWnsDDIHllK5rPTmddxkImd
5ubVo3poq7+o454AQmeWXgin8Mp043ib/FB3H3Qw9YdacVkIYE+T4c8vUAQ3BA/q
NyDi/9gEBS8xX19Moo1ms5JWgxlUmM6XH/WXsKdq01fyW8nwCegV4Tacd9sPzhJA
hnWL3W7DKeDI/LQ72EQB+r46kKat+gFN14L6kTkCAwEAAaOCAqcwggKjMB0GA1Ud
DgQWBBRorteclowUvy18OfNPGtM69zUkDzAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L2FLN1huSmFNRkw4dGZEbnpUeHJUT3ZjMUpBOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
vAYIKwYBBQUHAQcBAf8EgawwgakwNgQCAAEwMAMEAi0MRAMEAi2IiAMEAFXKywME
AF6xegMEAoscYAMEAMIyXAMEAMIyXgMEAMIybzBvBAIAAjBpAwcAIAEH+AEZAwUD
KgkEwAMFAyoMO4ADBwAqDpfAAXADBwQqDpfAAmADBwAqDrEHEWUDBwAqDrEHF4Yw
EQMGACoP5AQBAwcAKg/kBAECAwcAKg/kBAEHAwcAKg/kBAEKAwcEKhDMRgEAMA0G
CSqGSIb3DQEBCwUAA4IBAQBlLhC+nl4j24gfQ3Nzj4SA0KeBABT77hU+l+zLFHQD
6PJ1TuDtKog/+v0ppf1rsF5BHO1eIFqHcFNo1WpAWHc01VroToybZLU8rzXEtc3e
nslFsP4+F510mbCrq46u+E+N6B7X2oLQao3NoNCdMy8oXAB8MrDsEdcrwjt9tS67
h0hCbIM1RgNSt1lvkSdKMzsk4PZ3BgS/oboFU/lBw+0VWVCHooqiVub1qmV+hSx3
F5JVlkA4M13uJFkNA2FgwwU3zgIiEM1Ot2UjfcDTcSVAieGtHY7OFE/2IvRTxD61
uWx6nYOwZaGmw1O4gCm/L86pxfOxMAZdoo8B4BvyOImY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org