Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/Apo3wni3NHQw7e6JltsUf7SACz4.roa
File: Apo3wni3NHQw7e6JltsUf7SACz4.roa (raw, json)
Hash identifier: WSuU3X99NSIrRBRhqVd3qsRJ/vyI2SlLmlYt734xygk=
Subject key identifier: 02:9A:37:C2:78:B7:34:74:30:ED:EE:89:96:DB:14:7F:B4:80:0B:3E
Certificate issuer: /CN=adc8a9bbc2bc3a4c8bb876ccdd95fd865250b6db
Certificate serial: 02FF649A
Authority key identifier: AD:C8:A9:BB:C2:BC:3A:4C:8B:B8:76:CC:DD:95:FD:86:52:50:B6:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/Apo3wni3NHQw7e6JltsUf7SACz4.roa
Signing time: Tue 25 Jan 2022 19:04:11 +0000
ROA not before: Tue 25 Jan 2022 19:04:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60813
IP address blocks: 45.148.222.0/24 maxlen: 24
45.148.221.0/24 maxlen: 24
45.148.223.0/24 maxlen: 24
81.90.98.0/24 maxlen: 24
81.90.97.0/24 maxlen: 24
81.90.96.0/24 maxlen: 24
81.90.96.0/20 maxlen: 20
81.90.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50291866 (0x2ff649a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adc8a9bbc2bc3a4c8bb876ccdd95fd865250b6db
Validity
Not Before: Jan 25 19:04:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=029a37c278b7347430edee8996db147fb4800b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c0:4a:8d:cc:a8:3f:f4:12:85:e3:f8:c9:c5:
48:84:22:42:e8:fd:3b:6a:a3:e2:cd:51:ab:7f:1f:
bf:47:8a:84:86:75:1c:51:85:61:e3:94:b2:93:a5:
96:68:6b:58:a1:16:e0:4b:f5:2c:73:de:51:43:f3:
68:25:22:47:e5:38:a7:eb:e7:dc:0d:03:a8:0e:46:
4c:e6:61:69:6b:81:90:60:23:9d:2e:4d:2e:32:67:
5a:6e:fb:9e:dc:6c:e3:06:18:8d:51:a8:c0:10:e8:
e3:e8:3c:ad:ec:4a:90:e8:c9:f1:5e:e6:3c:92:43:
d5:04:85:f7:26:27:7e:e9:42:77:4b:f2:d3:9b:c2:
5b:91:02:ac:f2:65:95:7b:14:98:bb:86:24:8b:52:
e6:97:20:b2:4a:92:d0:41:ac:c2:53:41:79:62:13:
9f:26:e6:19:eb:c2:96:82:b9:18:c9:a2:77:43:56:
fc:1d:12:9f:13:f9:12:b1:a2:6c:9c:10:c9:ca:04:
bf:c2:7a:66:74:e9:b5:8f:4f:2c:8f:63:b2:4d:ee:
be:e6:56:dc:72:d5:0d:76:48:2a:35:9d:b6:3e:e6:
53:4a:e9:f7:ca:38:8a:00:9c:a3:c9:2b:bb:14:2e:
9c:26:01:b1:ef:21:68:cd:e3:31:70:dd:0e:a3:2c:
60:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9A:37:C2:78:B7:34:74:30:ED:EE:89:96:DB:14:7F:B4:80:0B:3E
X509v3 Authority Key Identifier:
keyid:AD:C8:A9:BB:C2:BC:3A:4C:8B:B8:76:CC:DD:95:FD:86:52:50:B6:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rcipu8K8OkyLuHbM3ZX9hlJQtts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/Apo3wni3NHQw7e6JltsUf7SACz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/86772e-5e6b-406c-8a9e-1654a80dbc36/1/rcipu8K8OkyLuHbM3ZX9hlJQtts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.221.0-45.148.223.255
81.90.96.0/20
Signature Algorithm: sha256WithRSAEncryption
50:eb:43:f6:db:e5:43:af:10:bc:9c:22:99:c9:2d:6c:9d:8f:
c2:2b:2b:91:f0:73:b8:58:50:b3:77:2c:74:68:ab:28:ec:2d:
be:a9:89:cc:2e:7c:be:d3:e4:40:18:4a:03:52:a2:21:d8:2f:
a3:df:4b:14:31:77:c7:da:7a:7b:66:7a:28:e2:eb:af:e1:2a:
d1:c4:b7:39:b0:14:07:41:9f:5a:5a:ed:6a:80:1d:51:c2:38:
80:b3:50:71:81:d6:b0:50:7f:93:bf:9e:b4:9d:ea:cd:0c:a2:
ce:16:01:3b:a0:84:ea:89:12:2a:f6:cb:ec:ac:70:eb:5d:d5:
af:57:9e:a5:7e:b7:6e:a6:6e:3e:9e:cf:9b:47:66:2b:c3:ad:
6f:99:8b:03:06:50:fd:d4:2e:16:8a:d0:06:94:1b:07:66:4c:
5a:63:eb:31:f6:5e:91:a7:fe:5a:d7:6c:a1:2d:0a:89:4b:6e:
63:22:e8:37:92:89:3f:93:9a:60:df:15:1b:50:f1:aa:fd:d0:
3f:42:f6:31:bf:e0:da:29:fe:02:b1:08:f3:0e:6e:fc:0e:05:
9d:70:b1:5d:66:60:5a:fe:9b:80:4e:59:5b:34:c0:bc:53:46:
45:cb:a7:3a:3d:5a:b2:a3:d4:80:01:6f:a7:52:aa:18:b2:6b:
d6:45:18:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEAv9kmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGM4YTliYmMyYmMzYTRjOGJiODc2Y2NkZDk1ZmQ4NjUyNTBiNmRiMB4XDTIyMDEy
NTE5MDQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI5YTM3YzI3OGI3
MzQ3NDMwZWRlZTg5OTZkYjE0N2ZiNDgwMGIzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLASo3MqD/0EoXj+MnFSIQiQuj9O2qj4s1Rq38fv0eKhIZ1
HFGFYeOUspOllmhrWKEW4Ev1LHPeUUPzaCUiR+U4p+vn3A0DqA5GTOZhaWuBkGAj
nS5NLjJnWm77ntxs4wYYjVGowBDo4+g8rexKkOjJ8V7mPJJD1QSF9yYnfulCd0vy
05vCW5ECrPJllXsUmLuGJItS5pcgskqS0EGswlNBeWITnybmGevCloK5GMmid0NW
/B0SnxP5ErGibJwQycoEv8J6ZnTptY9PLI9jsk3uvuZW3HLVDXZIKjWdtj7mU0rp
98o4igCco8kruxQunCYBse8haM3jMXDdDqMsYBkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQCmjfCeLc0dDDt7omW2xR/tIALPjAfBgNVHSMEGDAWgBStyKm7wrw6TIu4
dszdlf2GUlC22zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JjaXB1OEs4T2t5THVIYk0zWlg5aGxKUXR0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvODY3NzJlLTVlNmItNDA2Yy04YTllLTE2NTRhODBkYmMzNi8x
L0FwbzN3bmkzTkhRdzdlNkpsdHNVZjdTQUN6NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
ODY3NzJlLTVlNmItNDA2Yy04YTllLTE2NTRhODBkYmMzNi8xL3JjaXB1OEs4T2t5
THVIYk0zWlg5aGxKUXR0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQALZTdAwQFLZTAAwQEUVpgMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ60P22+VDrxC8nCKZyS1snY/CKyuR8HO4WFCzdyx0
aKso7C2+qYnMLny+0+RAGEoDUqIh2C+j30sUMXfH2np7Znoo4uuv4SrRxLc5sBQH
QZ9aWu1qgB1RwjiAs1BxgdawUH+Tv560nerNDKLOFgE7oITqiRIq9svsrHDrXdWv
V56lfrdupm4+ns+bR2Yrw61vmYsDBlD91C4WitAGlBsHZkxaY+sx9l6Rp/5a12yh
LQqJS25jIug3kok/k5pg3xUbUPGq/dA/QvYxv+DaKf4CsQjzDm78DgWdcLFdZmBa
/puATllbNMC8U0ZFy6c6PVqyo9SAAW+nUqoYsmvWRRhJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:22 2024 by rpki-client on console-ams.rpki-client.org