Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/sgEE7ZAfHFysXg1nPcaBJjzpBwM.roa
File: sgEE7ZAfHFysXg1nPcaBJjzpBwM.roa (raw, json)
Hash identifier: W1/M97GuY89WZz73rQfwG1EkodNvhJtgSKDtGfSA/YQ=
Subject key identifier: B2:01:04:ED:90:1F:1C:5C:AC:5E:0D:67:3D:C6:81:26:3C:E9:07:03
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01852A37EB1410F1C964050C9D6C96BD605E
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/sgEE7ZAfHFysXg1nPcaBJjzpBwM.roa
Signing time: Mon 19 Dec 2022 11:49:45 +0000
ROA not before: Mon 19 Dec 2022 11:49:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.189.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.104.0/24 maxlen: 24
91.216.215.0/24 maxlen: 24
91.208.109.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:37:eb:14:10:f1:c9:64:05:0c:9d:6c:96:bd:60:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Dec 19 11:49:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b20104ed901f1c5cac5e0d673dc681263ce90703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:2c:1f:1e:ef:e6:31:f4:f7:0b:67:26:8e:
a6:52:5e:53:40:99:e6:2e:11:e3:80:0c:f2:ea:9a:
4e:c9:b3:6b:f5:6a:2e:27:1e:bc:3a:40:39:bb:32:
a3:94:bd:39:18:de:b9:b2:1c:57:2a:69:8e:5a:1b:
b3:bb:1a:00:77:98:70:b3:8a:c2:54:3d:f8:26:c9:
ef:b6:f4:80:c2:fa:14:91:75:d7:a6:7b:ef:83:17:
d2:0c:fb:41:50:ee:84:ea:fc:c6:a9:5f:4d:55:a1:
c4:3b:8c:2d:7e:c1:71:0e:5f:e4:e1:dd:51:33:a0:
0a:7e:f7:ab:0d:ea:dd:a5:d8:fc:09:5b:18:2e:a7:
19:28:41:9b:fc:8d:66:b7:ca:2c:d4:f1:58:fa:6b:
5a:cd:5f:86:f5:19:67:03:df:f5:85:3f:c9:de:d4:
3f:c6:4c:13:57:6e:c8:a5:cd:95:6a:8c:80:15:ef:
90:ba:ad:f2:1c:33:38:f5:93:5d:1e:91:a8:80:a2:
71:81:1c:ba:f8:b0:05:f5:0b:5f:7f:d5:14:22:fd:
16:38:f7:97:ef:55:66:34:16:c1:cc:8c:88:a5:84:
e6:71:b1:91:0b:48:a9:ae:55:c2:66:c4:56:d4:a0:
fb:a8:94:dd:6c:8e:14:13:48:da:d2:62:ce:81:c1:
3c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:01:04:ED:90:1F:1C:5C:AC:5E:0D:67:3D:C6:81:26:3C:E9:07:03
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/sgEE7ZAfHFysXg1nPcaBJjzpBwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.208.104.0/24
91.208.109.0/24
91.213.174.0/24
91.213.189.0/24
91.213.200.0/24
91.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
36:26:4a:ae:6e:d5:41:c7:40:2e:1e:6e:15:c6:5b:4b:04:d8:
e9:d0:1e:8f:41:f2:e9:47:7c:58:9a:06:8f:05:84:c7:87:28:
13:2f:dc:d0:f6:b4:ae:fa:46:30:e5:2d:d2:cf:b2:02:cf:c1:
50:e3:5d:f3:b7:57:22:b7:69:a5:8a:c7:b7:ba:c4:d7:d9:d1:
7e:75:0e:0f:25:1f:7f:dd:ae:2f:20:7e:79:46:4e:27:5b:39:
b4:87:ae:1a:41:85:da:a1:77:c3:33:04:f3:43:90:d2:d1:b3:
18:d8:79:84:e4:65:46:e1:92:13:1b:32:4c:2a:a8:bb:71:59:
cf:84:d3:86:8a:14:7b:0f:bc:c7:74:96:42:a0:ea:b2:c3:f9:
bd:0e:fe:75:44:03:37:06:bf:59:6c:c3:82:0a:d4:4b:7b:37:
d6:68:22:73:0a:46:b2:72:f0:8f:77:27:c6:9f:df:15:37:59:
a0:61:2b:b1:83:7c:fa:d8:ef:bd:b3:d4:d4:04:83:a0:54:85:
7f:e0:b3:9c:72:31:35:13:88:b1:0e:a0:7f:38:3d:ee:30:81:
6d:88:6d:c9:35:86:b1:20:e2:10:69:a5:5b:6c:06:35:00:37:
fa:0e:fe:2a:f7:1e:77:99:f3:7e:36:1f:c5:3a:5d:cd:fa:0a:
74:e1:a0:b6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYUqN+sUEPHJZAUMnWyWvWBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjIxMjE5MTE0OTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAxMDRlZDkwMWYxYzVjYWM1ZTBkNjczZGM2ODEyNjNjZTkwNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygUsHx7v5jH09wtnJo6mUl5TQJnm
LhHjgAzy6ppOybNr9WouJx68OkA5uzKjlL05GN65shxXKmmOWhuzuxoAd5hws4rC
VD34JsnvtvSAwvoUkXXXpnvvgxfSDPtBUO6E6vzGqV9NVaHEO4wtfsFxDl/k4d1R
M6AKfverDerdpdj8CVsYLqcZKEGb/I1mt8os1PFY+mtazV+G9RlnA9/1hT/J3tQ/
xkwTV27Ipc2VaoyAFe+Quq3yHDM49ZNdHpGogKJxgRy6+LAF9Qtff9UUIv0WOPeX
71VmNBbBzIyIpYTmcbGRC0iprlXCZsRW1KD7qJTdbI4UE0ja0mLOgcE8+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLIBBO2QHxxcrF4NZz3GgSY86QcDMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvc2dFRTdaQWZIRnlzWGcxblBjYUJKanpwQndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZbFAwQA
W9BoAwQAW9BtAwQAW9WuAwQAW9W9AwQAW9XIAwQAW9jXMA0GCSqGSIb3DQEBCwUA
A4IBAQA2JkqubtVBx0AuHm4VxltLBNjp0B6PQfLpR3xYmgaPBYTHhygTL9zQ9rSu
+kYw5S3Sz7ICz8FQ413zt1cit2mlise3usTX2dF+dQ4PJR9/3a4vIH55Rk4nWzm0
h64aQYXaoXfDMwTzQ5DS0bMY2HmE5GVG4ZITGzJMKqi7cVnPhNOGihR7D7zHdJZC
oOqyw/m9Dv51RAM3Br9ZbMOCCtRLezfWaCJzCkaycvCPdyfGn98VN1mgYSuxg3z6
2O+9s9TUBIOgVIV/4LOccjE1E4ixDqB/OD3uMIFtiG3JNYaxIOIQaaVbbAY1ADf6
Dv4q9x53mfN+Nh/FOl3N+gp04aC2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-ams.rpki-client.org