Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/9BOwjsdo53pfiRtZmiIZW2b4zJg.roa
File: 9BOwjsdo53pfiRtZmiIZW2b4zJg.roa (raw, json)
Hash identifier: BjuyQMSdOlGpkjI+dN4nkjjIeue6IFOvvncq/SkLo9o=
Subject key identifier: F4:13:B0:8E:C7:68:E7:7A:5F:89:1B:59:9A:22:19:5B:66:F8:CC:98
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01846161B564457FAF414BED0F4A8E04B65B
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/9BOwjsdo53pfiRtZmiIZW2b4zJg.roa
Signing time: Thu 10 Nov 2022 11:51:44 +0000
ROA not before: Thu 10 Nov 2022 11:51:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6233
IP address blocks: 80.66.196.0/24 maxlen: 24
45.11.45.0/24 maxlen: 24
45.13.197.0/24 maxlen: 24
45.13.196.0/22 maxlen: 24
45.13.196.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.87.164.0/22 maxlen: 24
45.87.164.0/24 maxlen: 24
45.153.244.0/22 maxlen: 24
194.36.24.0/24 maxlen: 24
194.36.242.0/24 maxlen: 24
185.248.87.0/24 maxlen: 24
45.139.193.0/24 maxlen: 24
185.184.222.0/24 maxlen: 24
185.222.216.0/21 maxlen: 24
2a09::/29 maxlen: 48
2a0d:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:61:b5:64:45:7f:af:41:4b:ed:0f:4a:8e:04:b6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 10 11:51:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f413b08ec768e77a5f891b599a22195b66f8cc98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:58:3c:45:39:e6:5e:f3:9b:ba:42:40:90:
45:eb:31:4f:30:df:74:bf:ad:23:af:ee:98:c5:5a:
a4:9b:73:a1:ff:97:3c:19:20:ec:36:b9:9c:56:65:
5f:85:77:42:d8:71:29:07:a2:85:ca:41:b0:ee:f6:
fc:e7:0b:d0:76:f5:1f:e3:f3:c8:5f:ad:8d:0c:1c:
48:1e:9d:9e:fa:c9:c5:6b:de:13:1e:39:34:ad:14:
03:d0:3b:9a:c4:ff:dd:25:0a:93:5a:f7:e5:c2:e8:
de:d2:98:2e:b6:2f:f7:f7:de:38:f4:8d:61:45:99:
29:b6:14:e5:0f:c2:07:fc:22:31:65:6a:7e:b6:17:
00:3d:ad:b7:b0:52:83:6e:e5:c5:22:b1:69:55:17:
66:cc:26:85:32:8a:3e:cc:b4:80:52:2b:d1:2b:be:
30:b1:7e:0b:4a:8f:84:d3:21:c5:0d:02:f2:54:f2:
85:ab:dc:a0:2c:0a:f8:45:56:5e:4a:69:a2:39:f0:
4f:38:a0:24:05:9a:42:ab:6d:ca:dc:c1:bf:c7:3b:
6b:44:b5:47:4a:6c:4d:73:09:4d:8a:31:a7:a5:00:
e6:0b:ce:dd:81:ea:0c:48:ca:4b:ed:20:18:82:52:
f2:3e:80:5b:f1:42:23:44:03:2f:2c:cf:1b:8b:bc:
84:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:13:B0:8E:C7:68:E7:7A:5F:89:1B:59:9A:22:19:5B:66:F8:CC:98
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/9BOwjsdo53pfiRtZmiIZW2b4zJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.45.0/24
45.13.196.0/22
45.87.164.0/22
45.139.193.0/24
45.153.244.0/22
79.143.140.0/22
80.66.196.0/24
185.184.222.0/24
185.222.216.0/21
185.248.87.0/24
194.36.24.0/24
194.36.242.0/24
IPv6:
2a09::/29
2a0d:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:1a:2c:d8:78:36:b4:a3:2c:e5:b8:0d:52:f9:b9:04:ed:3e:
fa:73:68:1e:8a:63:cc:b0:68:cc:86:a4:b3:45:e3:b5:e8:81:
8d:fb:2e:e8:ec:80:55:25:0a:9a:2c:a6:ee:06:30:37:90:d7:
4f:f5:3c:17:de:13:19:44:4f:e5:c9:f6:d2:ad:cf:20:82:9a:
5e:b4:4e:90:57:59:17:15:22:b7:ec:73:da:a4:b0:7d:49:27:
e5:07:9e:c9:a8:c4:57:32:56:c0:5e:a2:30:10:5e:5a:d7:a6:
2d:e3:e3:3f:21:af:26:76:03:11:db:dc:b7:b6:2d:a1:e7:9b:
70:50:05:e2:05:c6:2a:73:0b:65:5d:ec:70:9f:1e:ce:23:ce:
a2:c7:5c:d9:f2:20:0e:01:ec:47:89:fd:da:37:0c:e0:01:d0:
05:34:22:4c:68:10:f0:d6:ab:fd:46:9b:09:3e:31:07:9a:74:
42:25:e6:6d:62:94:48:96:1d:34:13:fc:93:b9:5f:43:97:7e:
b1:0b:ca:21:26:78:b7:db:13:19:7a:84:9b:51:31:4d:48:d0:
44:07:e8:60:9c:50:30:6e:7b:5d:b1:3b:b7:05:5c:5f:fe:ab:
68:f2:b3:c2:80:72:dd:2c:5f:34:1c:db:97:e8:6e:9b:ce:31:
a5:5d:dc:a8
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYRhYbVkRX+vQUvtD0qOBLZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMTEwMTE1MTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDEzYjA4ZWM3NjhlNzdhNWY4OTFiNTk5YTIyMTk1YjY2ZjhjYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvldYPEU55l7zm7pCQJBF6zFPMN90
v60jr+6YxVqkm3Oh/5c8GSDsNrmcVmVfhXdC2HEpB6KFykGw7vb85wvQdvUf4/PI
X62NDBxIHp2e+snFa94THjk0rRQD0DuaxP/dJQqTWvflwuje0pguti/399449I1h
RZkpthTlD8IH/CIxZWp+thcAPa23sFKDbuXFIrFpVRdmzCaFMoo+zLSAUivRK74w
sX4LSo+E0yHFDQLyVPKFq9ygLAr4RVZeSmmiOfBPOKAkBZpCq23K3MG/xztrRLVH
SmxNcwlNijGnpQDmC87dgeoMSMpL7SAYglLyPoBb8UIjRAMvLM8bi7yEGQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPQTsI7HaOd6X4kbWZoiGVtm+MyYMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvOUJPd2pzZG81M3BmaVJ0Wm1pSVpXMmI0ekpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQALQstAwQC
LQ3EAwQCLVekAwQALYvBAwQCLZn0AwQCT4+MAwQAUELEAwQAubjeAwQDud7YAwQA
ufhXAwQAwiQYAwQAwiTyMBQEAgACMA4DBQMqCQAAAwUAKg3HwDANBgkqhkiG9w0B
AQsFAAOCAQEAXhos2Hg2tKMs5bgNUvm5BO0++nNoHopjzLBozIaks0XjteiBjfsu
6OyAVSUKmiym7gYwN5DXT/U8F94TGURP5cn20q3PIIKaXrROkFdZFxUit+xz2qSw
fUkn5QeeyajEVzJWwF6iMBBeWtemLePjPyGvJnYDEdvct7YtoeebcFAF4gXGKnML
ZV3scJ8eziPOosdc2fIgDgHsR4n92jcM4AHQBTQiTGgQ8Nar/UabCT4xB5p0QiXm
bWKUSJYdNBP8k7lfQ5d+sQvKISZ4t9sTGXqEm1ExTUjQRAfoYJxQMG57XbE7twVc
X/6raPKzwoBy3SxfNBzbl+hum84xpV3cqA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org