Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cgrrqAgWBcKe6-8NntmrhxzlST0.roa
File: cgrrqAgWBcKe6-8NntmrhxzlST0.roa (raw, json)
Hash identifier: 3BZS078hfyMoW81qhXN2zVr6d/AP+vS9+EykPF9S2gw=
Subject key identifier: 72:0A:EB:A8:08:16:05:C2:9E:EB:EF:0D:9E:D9:AB:87:1C:E5:49:3D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184EE8E6AB582D8523EBF7FADD302F97FB5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cgrrqAgWBcKe6-8NntmrhxzlST0.roa
Signing time: Wed 07 Dec 2022 21:47:01 +0000
ROA not before: Wed 07 Dec 2022 21:47:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25198
IP address blocks: 45.131.186.0/24 maxlen: 24
185.238.189.0/24 maxlen: 24
185.238.190.0/24 maxlen: 24
2a0e:97c0:a80::/44 maxlen: 48
2a0e:97c0:300::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ee:8e:6a:b5:82:d8:52:3e:bf:7f:ad:d3:02:f9:7f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 7 21:47:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=720aeba8081605c29eebef0d9ed9ab871ce5493d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ec:4f:aa:2a:fa:bb:e2:4e:77:7f:23:0b:56:
3a:3e:43:fb:8c:3b:3f:49:ef:f9:51:08:0d:f1:46:
46:b7:b6:df:bd:ac:07:62:53:78:4d:8d:9b:74:50:
e0:0b:2d:e0:f4:16:e2:22:5a:5e:f7:2b:a3:43:45:
cd:71:3f:54:b2:a8:10:39:6f:0e:b0:3a:07:f3:ad:
86:94:66:26:d0:6d:82:f0:80:0b:3a:c7:c2:41:ee:
32:75:63:2b:9d:bf:36:9b:a1:c5:31:23:6c:41:3a:
6e:3e:44:21:67:28:51:aa:13:ba:83:b6:8f:01:1b:
b6:e2:4d:17:8b:7e:9e:fa:fb:74:66:05:0b:51:26:
b7:01:5f:ac:ac:dc:fa:59:f7:6c:20:06:c4:20:17:
59:de:20:68:36:57:7a:59:c1:e7:e3:52:05:2d:84:
e2:d7:11:bc:dc:df:af:66:8a:d4:50:bf:69:a4:e4:
35:9a:be:0f:ec:19:c4:71:80:50:6f:20:f0:42:53:
84:8e:2f:31:22:9e:59:a4:4f:ac:15:30:2e:1d:7a:
98:68:6c:79:0c:c1:c3:04:b6:bd:ad:3a:e2:ff:08:
dd:ea:eb:ad:c3:a6:96:f7:48:69:4f:f4:e8:72:40:
2d:89:33:a7:e4:bc:4a:5c:c5:45:0c:e8:c3:d0:41:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0A:EB:A8:08:16:05:C2:9E:EB:EF:0D:9E:D9:AB:87:1C:E5:49:3D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cgrrqAgWBcKe6-8NntmrhxzlST0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.186.0/24
185.238.189.0-185.238.190.255
IPv6:
2a0e:97c0:300::/44
2a0e:97c0:a80::/44
Signature Algorithm: sha256WithRSAEncryption
8a:f9:de:3a:26:bd:7c:79:c2:01:65:3e:92:06:98:a4:f9:49:
6b:17:81:73:3b:67:ad:00:13:12:b6:f9:28:50:b0:25:a0:78:
65:6b:68:d1:d7:af:5d:3e:f4:7d:77:54:0f:47:ce:64:0c:3b:
ad:cd:ec:b0:da:e7:1a:e6:86:f3:07:9f:01:32:9c:77:c4:33:
ed:71:1a:6c:7c:0b:f5:3d:57:13:d7:1c:5f:58:60:ac:1f:1f:
8e:43:bb:e4:a4:1a:f0:97:d0:45:d2:8b:b2:c2:13:fe:78:a9:
d6:bb:c5:f7:ea:70:fa:7b:c1:7c:ee:18:de:19:10:98:11:8a:
6e:65:65:5e:c1:82:4e:f2:70:49:d0:c7:d8:6c:9e:e2:f9:ae:
09:f3:01:3d:8e:95:8e:2b:c1:80:9f:14:89:07:97:3d:df:76:
04:83:9b:b4:35:1e:09:b9:64:42:d8:24:0a:9d:59:08:43:ca:
b3:23:af:df:49:a1:82:d9:7b:fa:60:a0:f3:76:56:46:b1:12:
6d:1b:8e:d8:7e:47:ed:04:90:47:d7:81:c6:de:b0:16:d6:7d:
19:a3:a0:17:eb:e8:6b:88:e8:29:cc:db:92:90:73:a8:e0:60:
79:0c:27:2d:40:d0:a1:38:c5:95:18:40:43:9b:9b:bd:b6:aa:
6b:59:a5:18
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYTujmq1gthSPr9/rdMC+X+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA3MjE0NzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBhZWJhODA4MTYwNWMyOWVlYmVmMGQ5ZWQ5YWI4NzFjZTU0OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluxPqir6u+JOd38jC1Y6PkP7jDs/
Se/5UQgN8UZGt7bfvawHYlN4TY2bdFDgCy3g9BbiIlpe9yujQ0XNcT9UsqgQOW8O
sDoH862GlGYm0G2C8IALOsfCQe4ydWMrnb82m6HFMSNsQTpuPkQhZyhRqhO6g7aP
ARu24k0Xi36e+vt0ZgULUSa3AV+srNz6WfdsIAbEIBdZ3iBoNld6WcHn41IFLYTi
1xG83N+vZorUUL9ppOQ1mr4P7BnEcYBQbyDwQlOEji8xIp5ZpE+sFTAuHXqYaGx5
DMHDBLa9rTri/wjd6uutw6aW90hpT/TockAtiTOn5LxKXMVFDOjD0EH2HwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHIK66gIFgXCnuvvDZ7Zq4cc5Uk9MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY2dycnFBZ1dCY0tlNi04Tm50bXJoeHpsU1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUAwQALYO6MAwD
BAC57r0DBAC57r4wGAQCAAIwEgMHBCoOl8ADAAMHBCoOl8AKgDANBgkqhkiG9w0B
AQsFAAOCAQEAivneOia9fHnCAWU+kgaYpPlJaxeBcztnrQATErb5KFCwJaB4ZWto
0devXT70fXdUD0fOZAw7rc3ssNrnGuaG8wefATKcd8Qz7XEabHwL9T1XE9ccX1hg
rB8fjkO75KQa8JfQRdKLssIT/nip1rvF9+pw+nvBfO4Y3hkQmBGKbmVlXsGCTvJw
SdDH2Gye4vmuCfMBPY6VjivBgJ8UiQeXPd92BIObtDUeCblkQtgkCp1ZCEPKsyOv
30mhgtl7+mCg83ZWRrESbRuO2H5H7QSQR9eBxt6wFtZ9GaOgF+voa4joKczbkpBz
qOBgeQwnLUDQoTjFlRhAQ5ubvbaqa1mlGA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org