Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/v0nbYok0zxFQYHp96us3TGZ-jf0.roa
File: v0nbYok0zxFQYHp96us3TGZ-jf0.roa (raw, json)
Hash identifier: B+5PlqyOITQPIKFf8wjRAq2xB4oi4m7DpcL3fhOi6oI=
Subject key identifier: BF:49:DB:62:89:34:CF:11:50:60:7A:7D:EA:EB:37:4C:66:7E:8D:FD
Certificate issuer: /CN=dd82de4f1304339fde527ba06033ca9e511171bd
Certificate serial: 058E37C6
Authority key identifier: DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/v0nbYok0zxFQYHp96us3TGZ-jf0.roa
Signing time: Sat 01 Jan 2022 15:00:30 +0000
ROA not before: Sat 01 Jan 2022 15:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48551
IP address blocks: 195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.190.0/23 maxlen: 23
157.119.191.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
45.94.252.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
185.86.182.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93206470 (0x58e37c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd82de4f1304339fde527ba06033ca9e511171bd
Validity
Not Before: Jan 1 15:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf49db628934cf1150607a7deaeb374c667e8dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:be:00:c6:4f:f7:86:03:cb:97:81:42:8c:97:
d5:c9:a1:26:ce:cb:0c:a5:91:05:48:e9:85:a3:32:
9a:57:6c:71:04:0c:ff:e0:75:2c:2e:b2:34:05:c1:
f8:b8:4b:7e:d0:72:66:99:7f:c5:d2:dc:05:f9:fc:
a7:ee:95:0d:d5:58:65:c4:20:a0:c9:a2:bd:e9:aa:
73:25:e0:73:96:49:51:43:57:b3:a2:17:94:b0:44:
62:1a:58:f6:1e:9a:f8:f5:18:f8:44:91:6d:64:26:
48:8b:68:4a:14:01:25:c8:ce:9d:e4:3b:7d:2f:0d:
20:48:fd:54:e3:9a:80:59:d8:ed:3e:d2:fe:fc:be:
e8:dc:f3:30:67:2d:d7:54:01:7f:72:ae:ec:74:2a:
16:b8:14:7a:97:19:8d:63:b6:39:df:01:22:71:ea:
3d:f0:31:e3:83:89:28:d2:fc:7b:1d:11:3f:da:64:
dc:f7:7a:da:6c:17:9a:88:27:d9:6f:da:ed:0d:f8:
a3:10:a2:3f:58:65:58:cf:ea:87:14:72:af:51:ce:
6c:39:75:f9:c8:19:f1:06:da:f3:7f:99:63:5b:27:
10:d3:66:50:23:02:c0:c7:aa:cd:9a:1b:b9:68:6c:
d5:9d:32:78:4d:9b:52:b3:05:97:47:c7:8f:43:d0:
d1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:49:DB:62:89:34:CF:11:50:60:7A:7D:EA:EB:37:4C:66:7E:8D:FD
X509v3 Authority Key Identifier:
keyid:DD:82:DE:4F:13:04:33:9F:DE:52:7B:A0:60:33:CA:9E:51:11:71:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3YLeTxMEM5_eUnugYDPKnlERcb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/v0nbYok0zxFQYHp96us3TGZ-jf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f8bb1b-d6fd-49a1-9653-ff157bef0621/1/3YLeTxMEM5_eUnugYDPKnlERcb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.252.0/24
45.94.254.0/23
45.159.196.0/22
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.86.180.0-185.86.182.255
185.236.36.0/23
185.236.39.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
22:01:de:63:07:16:5c:e6:4e:8e:64:48:dc:8c:10:74:f0:80:
9c:ce:e4:c7:d9:71:77:81:9b:69:fc:0a:e4:d4:4f:58:55:a2:
cd:b1:06:80:7c:a9:95:24:a6:f4:93:2c:be:19:86:68:de:e1:
c1:b3:7d:0f:87:a9:b0:36:ae:03:bb:b4:01:7e:7a:ca:78:5b:
6a:17:ec:1e:31:69:59:2f:13:2f:1d:e0:ba:21:0d:2e:1b:1d:
83:bf:a9:3c:74:ac:05:60:55:ef:10:8f:4d:57:d5:5d:55:34:
4d:77:1f:ad:1f:dc:fc:26:aa:9d:90:67:fe:65:03:5c:2b:7e:
d5:62:f9:a5:04:99:b1:a9:44:14:ef:7d:01:e0:00:7b:7d:de:
07:ae:69:16:d5:e5:fa:46:39:2e:8b:3e:9a:6e:98:ee:a7:6b:
ec:56:a4:3b:33:c1:fd:09:82:42:f6:f7:ab:bf:4b:fe:83:32:
71:6f:29:79:0e:a9:6c:cd:51:09:66:ea:49:3a:47:c1:b1:a1:
41:99:ce:26:cf:a6:a6:43:4d:e1:3a:68:db:80:f1:8e:8a:cf:
7f:66:77:fd:e5:81:94:16:30:e8:d0:d5:1c:6f:51:20:c0:07:
11:ed:52:db:45:08:4d:d8:f8:9d:7f:ed:bf:42:47:94:02:fa:
92:ca:50:36
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIEBY43xjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDgyZGU0ZjEzMDQzMzlmZGU1MjdiYTA2MDMzY2E5ZTUxMTE3MWJkMB4XDTIyMDEw
MTE1MDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY0OWRiNjI4OTM0
Y2YxMTUwNjA3YTdkZWFlYjM3NGM2NjdlOGRmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJe+AMZP94YDy5eBQoyX1cmhJs7LDKWRBUjphaMymldscQQM
/+B1LC6yNAXB+LhLftByZpl/xdLcBfn8p+6VDdVYZcQgoMmivemqcyXgc5ZJUUNX
s6IXlLBEYhpY9h6a+PUY+ESRbWQmSItoShQBJcjOneQ7fS8NIEj9VOOagFnY7T7S
/vy+6NzzMGct11QBf3Ku7HQqFrgUepcZjWO2Od8BInHqPfAx44OJKNL8ex0RP9pk
3Pd62mwXmogn2W/a7Q34oxCiP1hlWM/qhxRyr1HObDl1+cgZ8Qba83+ZY1snENNm
UCMCwMeqzZobuWhs1Z0yeE2bUrMFl0fHj0PQ0X0CAwEAAaOCAlwwggJYMB0GA1Ud
DgQWBBS/SdtiiTTPEVBgen3q6zdMZn6N/TAfBgNVHSMEGDAWgBTdgt5PEwQzn95S
e6BgM8qeURFxvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNZTGVUeE1FTTVfZVVudWdZRFBLbmxFUmNiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2QvZjhiYjFiLWQ2ZmQtNDlhMS05NjUzLWZmMTU3YmVmMDYyMS8x
L3YwbmJZb2swenhGUVlIcDk2dXMzVEdaLWpmMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Qv
ZjhiYjFiLWQ2ZmQtNDlhMS05NjUzLWZmMTU3YmVmMDYyMS8xLzNZTGVUeE1FTTVf
ZVVudWdZRFBLbmxFUmNiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBy
BggrBgEFBQcBBwEB/wRjMGEwUAQCAAEwSgMEAC1e/AMEAS1e/gMEAi2fxAMEAmfY
PAMEAJ13vAMEAZ13vjAMAwQCuVa0AwQAuVa2AwQBuewkAwQAuewnAwQBw3IEAwQB
w3IIMA0EAgACMAcDBQMqDZUAMA0GCSqGSIb3DQEBCwUAA4IBAQAiAd5jBxZc5k6O
ZEjcjBB08ICczuTH2XF3gZtp/Ark1E9YVaLNsQaAfKmVJKb0kyy+GYZo3uHBs30P
h6mwNq4Du7QBfnrKeFtqF+weMWlZLxMvHeC6IQ0uGx2Dv6k8dKwFYFXvEI9NV9Vd
VTRNdx+tH9z8JqqdkGf+ZQNcK37VYvmlBJmxqUQU730B4AB7fd4HrmkW1eX6Rjku
iz6abpjup2vsVqQ7M8H9CYJC9verv0v+gzJxbyl5DqlszVEJZupJOkfBsaFBmc4m
z6amQ03hOmjbgPGOis9/Znf95YGUFjDo0NUcb1EgwAcR7VLbRQhN2Pidf+2/QkeU
AvqSylA2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:27 2023 by rpki-client on console-fra.rpki-client.org