Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/asgIquFzZ2QWEn9pF5YOpDlFk68.roa
File: asgIquFzZ2QWEn9pF5YOpDlFk68.roa (raw, json)
Hash identifier: MNRN9aVsvS9nD9USKVymRcr/jOtWVk63etCQy5UKOe4=
Subject key identifier: 6A:C8:08:AA:E1:73:67:64:16:12:7F:69:17:96:0E:A4:39:45:93:AF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 147450CF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/asgIquFzZ2QWEn9pF5YOpDlFk68.roa
Signing time: Tue 05 Apr 2022 13:19:09 +0000
ROA not before: Tue 05 Apr 2022 13:19:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48024
IP address blocks: 178.173.224.0/19 maxlen: 24
91.132.57.0/24 maxlen: 24
213.173.32.0/22 maxlen: 24
45.139.6.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343167183 (0x147450cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 5 13:19:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ac808aae173676416127f6917960ea4394593af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:43:c2:cb:ed:ce:05:d0:43:1b:2b:ed:fd:4a:
82:00:3c:e6:32:a0:ef:4f:eb:a5:78:e1:a6:e1:83:
e2:13:93:74:50:23:bb:81:07:be:4b:d2:cd:41:fe:
c6:68:4e:0f:fe:97:81:ed:72:ac:96:6b:7e:9a:72:
68:13:7f:86:08:61:80:60:68:d5:a5:06:a7:b2:5d:
c4:9a:e6:e4:cb:fe:ac:b2:44:3d:ae:54:e0:f4:89:
36:97:7e:2f:99:ed:2b:43:25:95:2b:1c:c9:bb:fd:
ba:59:d5:08:3b:8b:d4:e3:21:28:25:15:cf:d3:31:
3c:d0:a8:50:80:9b:f9:08:f6:08:fd:8d:2a:50:7d:
52:6b:7f:12:1e:bc:2f:d0:8f:56:7d:7c:ae:18:28:
ad:72:a5:95:d1:a4:cb:f6:35:61:96:0c:a0:06:2f:
58:bb:ce:e0:6a:7d:e5:47:59:a6:b4:1f:de:12:04:
f7:02:d0:5d:cf:a2:0b:b5:fa:d5:cf:cf:d0:b6:3f:
30:04:2b:08:c8:45:ef:ac:a9:b1:bc:50:64:31:90:
b0:23:ef:f6:ef:6f:af:2e:39:ed:54:b6:a1:34:0f:
b7:f5:b1:98:a0:7a:68:bc:49:6b:a7:ea:16:33:d1:
b6:c9:05:c2:56:d5:83:ad:22:ea:29:08:0e:53:71:
e7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C8:08:AA:E1:73:67:64:16:12:7F:69:17:96:0E:A4:39:45:93:AF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/asgIquFzZ2QWEn9pF5YOpDlFk68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
91.132.57.0/24
178.173.224.0/19
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
13:8e:1c:06:57:a0:57:7f:2f:07:da:6c:69:ac:36:d0:ac:16:
ff:7c:82:7f:bc:f5:2d:46:1b:3b:f8:c1:df:1c:52:32:6f:20:
b6:89:94:19:6d:fd:f6:50:e0:03:e7:aa:28:09:ca:5a:c2:09:
b7:00:c9:7a:d3:c8:10:e5:ae:32:f9:13:33:f7:0b:5b:4d:61:
79:00:1f:0b:25:c1:34:0f:42:90:2b:de:3c:86:1f:8f:e0:d4:
1a:ff:d0:c9:ee:a3:51:d6:27:2a:21:da:9c:6f:13:5c:e7:82:
8d:ab:c7:a9:74:e1:98:54:68:e5:70:90:30:24:48:5a:35:25:
c1:70:91:5d:4e:16:b6:0d:37:57:17:3d:4f:0d:b3:83:52:21:
3d:e9:e7:1c:1b:da:1c:bd:13:64:da:b1:7f:3c:77:b0:f3:d3:
f8:d8:83:72:6d:81:3c:de:0a:8b:9a:ac:d5:e1:48:f3:fe:df:
25:44:1f:71:b1:e3:26:50:0b:84:19:be:40:cb:c4:9e:97:c8:
10:39:23:d4:25:9f:44:82:21:2d:ae:de:b0:02:3b:8f:78:ff:
5b:cb:c0:b1:40:5c:a3:4e:d4:13:9f:74:ee:f2:7d:b0:ae:21:
62:4e:f9:a0:a2:8d:4d:0e:18:7b:e9:82:b6:7c:aa:6b:17:02:
d5:23:6e:dd
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFHRQzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDQw
NTEzMTkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFjODA4YWFlMTcz
Njc2NDE2MTI3ZjY5MTc5NjBlYTQzOTQ1OTNhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdDwsvtzgXQQxsr7f1KggA85jKg70/rpXjhpuGD4hOTdFAj
u4EHvkvSzUH+xmhOD/6Xge1yrJZrfppyaBN/hghhgGBo1aUGp7JdxJrm5Mv+rLJE
Pa5U4PSJNpd+L5ntK0MllSscybv9ulnVCDuL1OMhKCUVz9MxPNCoUICb+Qj2CP2N
KlB9Umt/Eh68L9CPVn18rhgorXKlldGky/Y1YZYMoAYvWLvO4Gp95UdZprQf3hIE
9wLQXc+iC7X61c/P0LY/MAQrCMhF76ypsbxQZDGQsCPv9u9vry457VS2oTQPt/Wx
mKB6aLxJa6fqFjPRtskFwlbVg60i6ikIDlNx53ECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRqyAiq4XNnZBYSf2kXlg6kOUWTrzAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L2FzZ0lxdUZ6WjJRV0VuOXBGNVlPcERsRms2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAS2LBgMEAFuEOQMEBbKt4AMEAtWt
IDANBgkqhkiG9w0BAQsFAAOCAQEAE44cBlegV38vB9psaaw20KwW/3yCf7z1LUYb
O/jB3xxSMm8gtomUGW399lDgA+eqKAnKWsIJtwDJetPIEOWuMvkTM/cLW01heQAf
CyXBNA9CkCvePIYfj+DUGv/Qye6jUdYnKiHanG8TXOeCjavHqXThmFRo5XCQMCRI
WjUlwXCRXU4Wtg03Vxc9Tw2zg1IhPennHBvaHL0TZNqxfzx3sPPT+NiDcm2BPN4K
i5qs1eFI8/7fJUQfcbHjJlALhBm+QMvEnpfIEDkj1CWfRIIhLa7esAI7j3j/W8vA
sUBco07UE5907vJ9sK4hYk75oKKNTQ4Ye+mCtnyqaxcC1SNu3Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org