Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa
File: PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa (raw, json)
Hash identifier: 3VPSaSchNvxDznsTU9wTZSnzwhYn+DnmJhNKjtmlJuo=
Subject key identifier: 3E:45:B2:22:1F:69:48:FD:60:7B:20:06:F4:F1:0C:5E:18:32:32:94
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 39EE1263
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa
Signing time: Fri 22 Apr 2022 14:49:33 +0000
ROA not before: Fri 22 Apr 2022 14:49:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1103
IP address blocks: 145.97.16.0/22 maxlen: 22
145.97.20.0/22 maxlen: 22
145.97.24.0/21 maxlen: 21
145.124.0.0/15 maxlen: 15
145.23.0.0/19 maxlen: 19
145.23.0.0/16 maxlen: 16
145.97.48.0/20 maxlen: 20
194.171.0.0/16 maxlen: 16
145.107.0.0/16 maxlen: 22
145.33.0.0/16 maxlen: 16
145.20.0.0/16 maxlen: 16
145.97.128.0/18 maxlen: 18
145.138.0.0/16 maxlen: 16
145.74.0.0/15 maxlen: 15
145.37.0.0/16 maxlen: 16
145.144.0.0/12 maxlen: 12
145.97.64.0/18 maxlen: 18
145.76.0.0/16 maxlen: 16
145.116.128.0/18 maxlen: 18
145.103.0.0/16 maxlen: 16
145.140.0.0/14 maxlen: 14
145.2.0.0/15 maxlen: 15
145.109.128.0/17 maxlen: 17
145.96.0.0/16 maxlen: 16
145.116.64.0/18 maxlen: 18
145.116.224.0/19 maxlen: 19
145.127.0.0/17 maxlen: 17
145.100.0.0/15 maxlen: 15
145.90.0.0/16 maxlen: 16
145.90.10.0/23 maxlen: 23
145.117.0.0/16 maxlen: 16
145.19.0.0/16 maxlen: 16
145.116.192.0/20 maxlen: 20
145.120.0.0/14 maxlen: 14
145.9.0.0/16 maxlen: 16
145.28.0.0/15 maxlen: 15
145.92.0.0/15 maxlen: 15
145.146.0.0/16 maxlen: 25
145.48.0.0/15 maxlen: 15
145.102.0.0/16 maxlen: 16
145.38.0.0/15 maxlen: 15
145.116.0.0/20 maxlen: 20
145.52.0.0/16 maxlen: 16
145.116.16.0/21 maxlen: 21
145.116.24.0/21 maxlen: 21
145.136.0.0/15 maxlen: 15
145.126.0.0/16 maxlen: 16
145.108.0.0/16 maxlen: 16
145.44.0.0/16 maxlen: 16
145.98.0.0/16 maxlen: 16
145.0.0.0/16 maxlen: 16
145.97.192.0/18 maxlen: 18
145.91.0.0/16 maxlen: 16
145.118.0.0/16 maxlen: 16
145.81.0.0/16 maxlen: 16
145.95.0.0/16 maxlen: 16
145.24.0.0/16 maxlen: 16
145.88.0.0/15 maxlen: 15
145.51.0.0/16 maxlen: 16
195.169.0.0/16 maxlen: 16
2001:610::/29 maxlen: 29
2001:610:130::/48 maxlen: 64
2001:610::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 971903587 (0x39ee1263)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Apr 22 14:49:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e45b2221f6948fd607b2006f4f10c5e18323294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0d:80:7b:4a:83:10:53:a0:b6:3b:f0:4b:c0:
fb:80:2d:0f:09:7c:0c:89:31:a2:38:7b:b0:c4:f4:
91:e3:7c:09:15:08:4f:bd:d5:c9:d3:88:58:da:de:
ab:b9:85:5f:8c:f4:57:f0:2b:dc:92:17:c9:47:17:
64:85:c3:70:45:64:9b:1f:b0:40:0b:65:b6:7d:67:
25:8a:f9:e3:98:90:51:08:45:6b:15:4c:61:e1:ae:
af:c0:65:47:5f:01:08:8d:9f:4d:f9:5d:a8:fc:93:
79:2b:ec:95:8f:2b:74:6a:2a:db:04:5b:3b:ab:91:
04:bb:bf:34:97:07:cd:7f:1e:e1:45:91:f7:db:b9:
51:cf:4f:e6:b5:d0:16:3c:3c:18:5f:bd:e6:93:d7:
01:e8:13:27:89:53:90:0e:49:fc:23:ab:de:90:aa:
92:a6:91:bf:15:10:9c:24:d6:22:be:25:5a:a5:23:
e5:76:aa:97:71:ec:cd:95:52:63:b4:9b:9b:3b:b4:
83:5f:e0:8c:98:69:df:28:9f:70:b6:ae:66:98:6a:
0e:72:63:d1:3d:21:39:e3:1b:b4:03:c3:3c:2b:e9:
df:7c:c1:a9:46:b5:ed:e2:22:ec:eb:cd:b4:c3:c2:
cd:51:ed:39:f5:29:09:f1:19:3c:14:a4:02:47:4d:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:45:B2:22:1F:69:48:FD:60:7B:20:06:F4:F1:0C:5E:18:32:32:94
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/PkWyIh9pSP1geyAG9PEMXhgyMpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.0.0.0/16
145.2.0.0/15
145.9.0.0/16
145.19.0.0-145.20.255.255
145.23.0.0-145.24.255.255
145.28.0.0/15
145.33.0.0/16
145.37.0.0-145.39.255.255
145.44.0.0/16
145.48.0.0/15
145.51.0.0-145.52.255.255
145.74.0.0-145.76.255.255
145.81.0.0/16
145.88.0.0-145.93.255.255
145.95.0.0-145.96.255.255
145.97.16.0/20
145.97.48.0-145.98.255.255
145.100.0.0/14
145.107.0.0-145.108.255.255
145.109.128.0/17
145.116.0.0/19
145.116.64.0-145.116.207.255
145.116.224.0-145.118.255.255
145.120.0.0-145.127.127.255
145.136.0.0-145.138.255.255
145.140.0.0-145.159.255.255
194.171.0.0/16
195.169.0.0/16
IPv6:
2001:610::/29
Signature Algorithm: sha256WithRSAEncryption
7e:be:cf:8a:a4:b1:90:47:3a:c7:da:8c:26:17:a2:66:dc:6a:
96:77:3e:a2:e6:22:a4:98:4b:d6:44:0c:ae:47:b9:8a:d0:b0:
c5:7e:20:d1:b0:7e:83:94:b4:3a:0c:4c:91:a6:7f:6b:5a:a5:
48:29:ba:27:12:60:91:5e:fe:26:8b:7d:5b:81:6e:29:3a:97:
b5:c4:b1:97:4e:99:8b:c4:db:a7:16:6c:5f:be:ed:fc:26:97:
6b:79:81:40:c0:bd:9a:c3:1b:44:d0:a3:dc:99:8c:9f:95:a2:
20:6e:02:45:3b:fb:bc:11:98:fc:c9:16:e3:68:1c:9a:dc:79:
39:dc:58:07:3d:22:9a:5f:42:a9:35:e8:48:8a:62:3a:7d:25:
3a:33:35:aa:39:41:55:84:4b:c6:a0:a4:98:fa:24:da:ae:3c:
62:d4:d9:9d:7f:d8:41:38:5f:af:6a:5c:67:47:41:95:ae:81:
54:e9:98:80:5f:3b:af:c7:fc:67:56:ed:2e:26:b4:72:cf:8e:
f7:cf:ef:d4:0d:0b:62:2a:a7:73:f3:50:9c:1b:7d:4b:f9:05:
17:ed:4d:f5:22:40:5b:6b:0c:0c:bd:1b:6e:ac:93:bf:a1:ab:
f5:10:d8:17:8c:be:6e:a1:b9:f6:b1:c4:d6:01:34:f8:33:18:
b9:6f:eb:e6
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgIEOe4SYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzczZGIxNzc5NWQyYmYxYjRiNTM0NWM1YjI5MzkwZGJhZjQ1MjNlMB4XDTIyMDQy
MjE0NDkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2U0NWIyMjIxZjY5
NDhmZDYwN2IyMDA2ZjRmMTBjNWUxODMyMzI5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8NgHtKgxBToLY78EvA+4AtDwl8DIkxojh7sMT0keN8CRUI
T73VydOIWNreq7mFX4z0V/Ar3JIXyUcXZIXDcEVkmx+wQAtltn1nJYr545iQUQhF
axVMYeGur8BlR18BCI2fTfldqPyTeSvslY8rdGoq2wRbO6uRBLu/NJcHzX8e4UWR
99u5Uc9P5rXQFjw8GF+95pPXAegTJ4lTkA5J/COr3pCqkqaRvxUQnCTWIr4lWqUj
5Xaql3HszZVSY7Sbmzu0g1/gjJhp3yifcLauZphqDnJj0T0hOeMbtAPDPCvp33zB
qUa17eIi7OvNtMPCzVHtOfUpCfEZPBSkAkdNUOMCAwEAAaOCAxAwggMMMB0GA1Ud
DgQWBBQ+RbIiH2lI/WB7IAb08QxeGDIylDAfBgNVHSMEGDAWgBQXc9sXeV0r8bS1
NFxbKTkNuvRSPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8x
L1BrV3lJaDlwU1AxZ2V5QUc5UEVNWGhneU1wUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Zjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8xL0YzUGJGM2xkS19H
MHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ASQGCCsGAQUFBwEHAQH/BIIBEzCCAQ8wgf0EAgABMIH2AwMAkQADAwGRAgMDAJEJ
MAoDAwCREwMDAJEUMAoDAwCRFwMDAJEYAwMBkRwDAwCRITAKAwMAkSUDAwORIAMD
AJEsAwMBkTAwCgMDAJEzAwMAkTQwCgMDAZFKAwMAkUwDAwCRUTAKAwMDkVgDAwGR
XDAKAwMAkV8DAwCRYAMEBJFhEDALAwQEkWEwAwMAkWIDAwKRZDAKAwMAkWsDAwCR
bAMEB5FtgAMEBZF0ADAMAwQGkXRAAwQEkXTAMAsDBAWRdOADAwCRdjALAwMDkXgD
BAeRfwAwCgMDA5GIAwMAkYowCgMDApGMAwMFkYADAwDCqwMDAMOpMA0EAgACMAcD
BQMgAQYQMA0GCSqGSIb3DQEBCwUAA4IBAQB+vs+KpLGQRzrH2owmF6Jm3GqWdz6i
5iKkmEvWRAyuR7mK0LDFfiDRsH6DlLQ6DEyRpn9rWqVIKbonEmCRXv4mi31bgW4p
Ope1xLGXTpmLxNunFmxfvu38JpdreYFAwL2awxtE0KPcmYyflaIgbgJFO/u8EZj8
yRbjaBya3Hk53FgHPSKaX0KpNehIimI6fSU6MzWqOUFVhEvGoKSY+iTarjxi1Nmd
f9hBOF+valxnR0GVroFU6ZiAXzuvx/xnVu0uJrRyz473z+/UDQtiKqdz81CcG31L
+QUX7U31IkBbawwMvRturJO/oav1ENgXjL5uobn2scTWATT4Mxi5b+vm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org