Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/72ZZ0aLwCb4z2iE55DhC9FYi2_w.roa
File: 72ZZ0aLwCb4z2iE55DhC9FYi2_w.roa (raw, json)
Hash identifier: LsNbXvpyLBJ9++/TJHss0IEaEza4Zv+IpODl9ratP/w=
Subject key identifier: EF:66:59:D1:A2:F0:09:BE:33:DA:21:39:E4:38:42:F4:56:22:DB:FC
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 01829BE30715F002B1020F1C05DA61CE5AF1
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/72ZZ0aLwCb4z2iE55DhC9FYi2_w.roa
Signing time: Sun 14 Aug 2022 10:25:23 +0000
ROA not before: Sun 14 Aug 2022 10:25:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208555
IP address blocks: 45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
185.126.202.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
185.53.140.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:9b:e3:07:15:f0:02:b1:02:0f:1c:05:da:61:ce:5a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Aug 14 10:25:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef6659d1a2f009be33da2139e43842f45622dbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:eb:a0:ca:d9:3f:b6:e0:ce:12:d4:7c:09:24:
34:31:8c:e7:d0:d4:d8:d9:bd:2b:b3:17:34:62:17:
f8:01:8a:c4:7a:16:f8:7a:aa:12:fc:11:ab:6e:f8:
d4:df:35:04:2c:de:8f:12:72:45:38:c4:49:57:f0:
a7:a8:c6:e7:ce:02:00:6f:61:60:63:ef:bf:9a:9e:
bf:6a:ad:f3:e1:f5:58:38:3d:82:d4:a1:45:9d:69:
44:02:8e:64:2c:25:47:07:90:0c:73:2c:da:2c:99:
b9:09:2d:5d:dc:12:75:a0:11:7b:57:b9:79:5d:f9:
01:ac:49:6a:3c:03:2b:1e:a0:d3:51:22:91:4b:15:
75:05:34:68:bc:42:55:e5:16:cc:c8:7b:83:bb:48:
5f:55:0a:90:51:e6:a8:2d:62:be:4f:9a:e4:85:45:
7e:3c:86:93:6e:1d:c3:4e:21:37:60:70:5e:88:3c:
71:34:8e:22:7e:68:61:10:25:5f:ad:0e:0b:b6:66:
14:94:d0:40:a5:ec:bd:89:d7:c6:10:20:17:08:f0:
60:1d:37:41:b9:b8:3c:64:66:f8:24:38:1a:5f:e9:
99:f7:47:ac:1b:2f:49:da:03:6f:6b:08:f6:c8:ef:
17:5c:5d:67:27:3b:15:dd:40:29:73:2c:9d:aa:bf:
e4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:66:59:D1:A2:F0:09:BE:33:DA:21:39:E4:38:42:F4:56:22:DB:FC
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/72ZZ0aLwCb4z2iE55DhC9FYi2_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
185.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
22:7b:71:cd:87:cb:01:f1:cc:c3:d4:1e:7f:52:df:e9:73:ac:
ce:89:1c:88:83:f7:12:72:68:df:89:e3:e0:07:36:b4:93:ce:
69:ab:11:37:7a:ab:c9:03:f5:5b:da:ed:c0:84:cb:5a:5a:2a:
0c:4a:a0:2f:8d:81:4f:0e:2c:4a:95:e5:56:d8:6c:23:8e:be:
9f:ca:07:b0:5c:5f:e3:50:d4:0e:52:9d:e1:11:44:3f:5e:66:
59:b2:60:82:59:0b:f2:c9:51:56:7c:79:11:9d:7d:73:5c:54:
4b:64:10:57:ee:ad:5a:8e:bf:c6:69:64:fc:30:9f:5b:0b:65:
71:bc:e3:65:ce:c3:4d:a1:30:f3:6b:22:5d:4b:a2:da:d3:4d:
30:65:75:e1:ee:d5:05:78:8d:20:fe:9c:35:b9:e4:8e:12:84:
78:0c:7d:73:29:48:89:cd:ad:2a:af:b2:c3:85:07:33:8b:e4:
0e:88:19:de:14:8a:e9:46:37:e7:fc:93:a8:9f:10:9d:4a:77:
d0:2d:00:d4:62:11:9e:d2:cd:ba:82:0f:1e:24:b7:36:ef:23:
f5:c4:9e:c7:ee:56:e8:e5:63:37:c7:9d:b3:f9:c9:b3:c5:17:
fb:61:3d:e4:e4:c5:9a:29:5d:d8:af:a7:9c:f0:7f:a3:8c:d3:
e6:94:c3:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKb4wcV8AKxAg8cBdphzlrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjIwODE0MTAyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY2NTlkMWEyZjAwOWJlMzNkYTIxMzllNDM4NDJmNDU2MjJkYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+ugytk/tuDOEtR8CSQ0MYzn0NTY
2b0rsxc0Yhf4AYrEehb4eqoS/BGrbvjU3zUELN6PEnJFOMRJV/CnqMbnzgIAb2Fg
Y++/mp6/aq3z4fVYOD2C1KFFnWlEAo5kLCVHB5AMcyzaLJm5CS1d3BJ1oBF7V7l5
XfkBrElqPAMrHqDTUSKRSxV1BTRovEJV5RbMyHuDu0hfVQqQUeaoLWK+T5rkhUV+
PIaTbh3DTiE3YHBeiDxxNI4ifmhhECVfrQ4LtmYUlNBApey9idfGECAXCPBgHTdB
ubg8ZGb4JDgaX+mZ90esGy9J2gNvawj2yO8XXF1nJzsV3UApcyydqr/k4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO9mWdGi8Am+M9ohOeQ4QvRWItv8MB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvNzJaWjBhTHdDYjR6MmlFNTVEaEM5RllpMl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYEkAwQC
uTWMAwQAuX7KMA0GCSqGSIb3DQEBCwUAA4IBAQAie3HNh8sB8czD1B5/Ut/pc6zO
iRyIg/cScmjfiePgBza0k85pqxE3eqvJA/Vb2u3AhMtaWioMSqAvjYFPDixKleVW
2Gwjjr6fygewXF/jUNQOUp3hEUQ/XmZZsmCCWQvyyVFWfHkRnX1zXFRLZBBX7q1a
jr/GaWT8MJ9bC2VxvONlzsNNoTDzayJdS6La000wZXXh7tUFeI0g/pw1ueSOEoR4
DH1zKUiJza0qr7LDhQczi+QOiBneFIrpRjfn/JOonxCdSnfQLQDUYhGe0s26gg8e
JLc27yP1xJ7H7lbo5WM3x52z+cmzxRf7YT3k5MWaKV3Yr6ec8H+jjNPmlMMP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org