Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Aj3ar5vgk96KOgpxDu9TvCqY2Yw.roa
File: Aj3ar5vgk96KOgpxDu9TvCqY2Yw.roa (raw, json)
Hash identifier: 5JiCejYh/P7nh1fXF4JMSLXLuAFRVLh/b/g3Cdwa9Vo=
Subject key identifier: 02:3D:DA:AF:9B:E0:93:DE:8A:3A:0A:71:0E:EF:53:BC:2A:98:D9:8C
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 011AB5CB
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Aj3ar5vgk96KOgpxDu9TvCqY2Yw.roa
Signing time: Sat 01 Jan 2022 06:03:51 +0000
ROA not before: Sat 01 Jan 2022 06:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 91.212.20.0/24 maxlen: 24
91.212.27.0/24 maxlen: 24
193.39.246.0/24 maxlen: 24
45.13.108.0/22 maxlen: 24
195.80.230.0/23 maxlen: 24
45.133.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18527691 (0x11ab5cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 06:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=023ddaaf9be093de8a3a0a710eef53bc2a98d98c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e8:ad:b9:0c:6f:50:1b:7a:6d:56:d5:6d:1e:
17:bf:04:fe:e7:17:91:da:81:69:ee:b6:9a:7e:3e:
22:0e:df:c3:7c:9b:f6:4a:1d:2b:9f:b1:90:53:97:
94:0d:10:1a:e7:52:79:e2:5d:c4:37:e3:77:fc:dc:
6b:de:bb:d2:77:e4:21:b5:c7:0a:c8:f0:96:40:5c:
58:73:dc:0b:3c:37:d6:de:52:30:49:bf:ac:e1:c0:
61:3c:33:0c:d2:c1:92:a5:a7:5a:a5:2e:e9:8b:3a:
0b:e5:bd:9d:59:88:e0:64:bc:a3:e8:c1:42:30:6c:
be:02:85:a1:ea:4a:f1:ab:57:1c:54:30:08:4a:ee:
eb:dc:db:e1:75:a6:31:dc:88:c1:db:f6:5c:a5:2a:
c0:54:b1:5d:7b:bf:8a:0d:9d:86:a9:0a:8a:10:f5:
b0:66:5e:aa:a1:72:1a:c7:16:6b:47:bb:16:6a:60:
5c:98:0f:b7:13:34:3f:3a:5f:55:22:82:89:bf:41:
55:b2:a7:bd:fb:ee:f2:d6:56:45:4c:40:ae:4d:bc:
da:07:98:18:fe:46:21:d9:1f:6a:96:dc:e0:bc:5f:
99:b8:5e:3b:0b:fd:58:36:07:2c:16:07:04:65:d9:
6e:7e:bb:8e:35:e3:48:4e:06:29:8b:3b:35:b1:6b:
bf:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3D:DA:AF:9B:E0:93:DE:8A:3A:0A:71:0E:EF:53:BC:2A:98:D9:8C
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Aj3ar5vgk96KOgpxDu9TvCqY2Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.108.0/22
45.133.140.0/22
91.212.20.0/24
91.212.27.0/24
193.39.246.0/24
195.80.230.0/23
Signature Algorithm: sha256WithRSAEncryption
32:ca:44:60:41:da:d8:c4:13:04:0d:f2:11:0c:36:1f:2d:94:
90:ba:0b:dd:ec:9d:a4:1f:0b:70:52:21:f2:d4:a6:8c:f5:35:
83:d0:f2:70:0f:bd:4b:ca:f3:fa:86:81:b5:a1:dc:06:a9:a0:
0d:f1:f5:b0:ba:16:97:56:38:ca:94:a0:39:76:a7:38:f8:e1:
43:17:ee:24:15:17:56:eb:c6:8e:f0:eb:4f:4e:de:86:c6:f1:
31:a6:39:b3:ab:a0:78:03:c6:71:9e:90:82:93:15:d7:90:aa:
b6:af:64:9f:2f:0d:0c:a5:b0:c7:33:45:ec:87:bd:2c:94:30:
ec:d6:6e:23:07:93:f7:a5:5c:2a:3a:0c:0e:b7:0a:71:49:1a:
c3:a0:64:45:25:78:2e:7f:84:84:6b:e8:2d:84:2f:78:5c:6d:
a0:31:be:6f:8c:ab:d6:85:48:3d:ed:b7:00:09:7a:29:9f:11:
05:e9:e7:b4:d3:82:f1:f0:79:7e:43:1f:93:75:0a:b3:c9:f1:
d5:82:75:f1:98:e8:77:5e:a3:8c:dc:fb:40:46:90:78:55:79:
37:8d:7e:7f:40:fe:7d:ac:cd:86:ae:82:c6:14:a8:06:2f:07:
f2:0c:d3:93:3a:ce:df:8c:28:0b:22:72:63:7d:82:5c:93:e6:
1a:6e:fd:7b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEARq1yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDEw
MTA2MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDIzZGRhYWY5YmUw
OTNkZThhM2EwYTcxMGVlZjUzYmMyYTk4ZDk4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDorbkMb1Abem1W1W0eF78E/ucXkdqBae62mn4+Ig7fw3yb
9kodK5+xkFOXlA0QGudSeeJdxDfjd/zca9670nfkIbXHCsjwlkBcWHPcCzw31t5S
MEm/rOHAYTwzDNLBkqWnWqUu6Ys6C+W9nVmI4GS8o+jBQjBsvgKFoepK8atXHFQw
CEru69zb4XWmMdyIwdv2XKUqwFSxXXu/ig2dhqkKihD1sGZeqqFyGscWa0e7Fmpg
XJgPtxM0PzpfVSKCib9BVbKnvfvu8tZWRUxArk282geYGP5GIdkfapbc4Lxfmbhe
Owv9WDYHLBYHBGXZbn67jjXjSE4GKYs7NbFrv/8CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQCPdqvm+CT3oo6CnEO71O8KpjZjDAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L0FqM2FyNXZnazk2S09ncHhEdTlUdkNxWTJZdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi0NbAMEAi2FjAMEAFvUFAMEAFvU
GwMEAMEn9gMEAcNQ5jANBgkqhkiG9w0BAQsFAAOCAQEAMspEYEHa2MQTBA3yEQw2
Hy2UkLoL3eydpB8LcFIh8tSmjPU1g9DycA+9S8rz+oaBtaHcBqmgDfH1sLoWl1Y4
ypSgOXanOPjhQxfuJBUXVuvGjvDrT07ehsbxMaY5s6ugeAPGcZ6QgpMV15Cqtq9k
ny8NDKWwxzNF7Ie9LJQw7NZuIweT96VcKjoMDrcKcUkaw6BkRSV4Ln+EhGvoLYQv
eFxtoDG+b4yr1oVIPe23AAl6KZ8RBenntNOC8fB5fkMfk3UKs8nx1YJ18Zjod16j
jNz7QEaQeFV5N41+f0D+fazNhq6CxhSoBi8H8gzTkzrO34woCyJyY32CXJPmGm79
ew==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org