Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/N5lORjqMHRs7Imx802EIxHnQU9I.roa
File: N5lORjqMHRs7Imx802EIxHnQU9I.roa (raw, json)
Hash identifier: 0rgKZBv53EytuO40C9mbjkWRHBY3DyWbGPGtQHe0c/c=
Subject key identifier: 37:99:4E:46:3A:8C:1D:1B:3B:22:6C:7C:D3:61:08:C4:79:D0:53:D2
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0182D9DB6EF3E33EC218E7F39ECA6B5ADE2D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/N5lORjqMHRs7Imx802EIxHnQU9I.roa
Signing time: Fri 26 Aug 2022 11:13:32 +0000
ROA not before: Fri 26 Aug 2022 11:13:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
213.232.112.0/22 maxlen: 24
176.119.148.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
147.78.240.0/21 maxlen: 24
193.111.30.0/23 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a09:7::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d9:db:6e:f3:e3:3e:c2:18:e7:f3:9e:ca:6b:5a:de:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 26 11:13:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37994e463a8c1d1b3b226c7cd36108c479d053d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:ce:eb:d8:e5:6c:4d:4a:61:10:d8:96:86:
fc:f5:0a:82:b8:8b:7c:d8:94:f1:46:d2:d3:7f:bf:
6c:79:5a:14:6a:bb:5f:1a:d5:5c:bf:f8:0a:b7:bc:
42:d2:f0:d3:b8:06:bf:dd:2b:9a:41:a9:07:c7:f4:
c3:5c:b2:43:fe:6c:72:f0:da:00:b0:af:0d:5d:b4:
99:0d:fa:44:60:35:f5:99:21:12:86:c1:8e:61:2c:
7a:4b:6b:56:0b:47:57:f0:0c:db:fc:6d:60:7e:05:
bf:8c:d1:e4:45:f1:87:21:9f:66:8c:c3:a8:3b:b8:
73:6f:92:97:ab:82:73:49:21:45:08:ec:28:01:fb:
8f:6a:15:dd:ff:e7:f6:d7:b5:81:8c:ee:b5:74:52:
43:fa:c0:36:ed:da:02:ab:0f:72:67:ff:7d:a8:58:
9a:0c:0a:c1:27:ce:20:d2:5d:ae:27:a7:98:2c:bc:
89:b9:50:aa:f5:7b:3b:ec:a5:2b:35:a4:02:c8:99:
8e:ae:cb:ab:02:2d:c3:02:14:fb:31:45:5f:6c:f7:
80:50:95:e1:0e:49:83:39:31:09:23:1f:eb:dc:57:
b8:af:bc:6a:10:25:40:bf:49:70:85:51:bc:82:7a:
55:46:da:66:c0:00:bc:4d:95:a3:4b:c5:60:9d:64:
c8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:99:4E:46:3A:8C:1D:1B:3B:22:6C:7C:D3:61:08:C4:79:D0:53:D2
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/N5lORjqMHRs7Imx802EIxHnQU9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.128.0/22
45.66.216.0/22
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/24
147.78.240.0/21
176.119.148.0/22
193.32.148.0/22
193.111.30.0/23
213.232.112.0/22
IPv6:
2a09:7::/36
Signature Algorithm: sha256WithRSAEncryption
46:2b:28:25:b3:99:06:d1:b5:22:18:f5:f7:ec:f5:de:3c:e0:
b5:a4:b4:2e:72:13:4e:74:9e:b9:52:52:4d:12:e0:00:53:d2:
c1:cd:fb:08:77:cb:53:e8:29:60:c4:7d:7d:97:fd:e1:0b:e9:
be:f1:26:a7:07:02:39:9c:05:a0:ac:0d:bf:d5:d4:db:3d:f5:
8f:81:d3:a8:20:be:47:17:35:f0:ab:c8:eb:72:ca:ad:c1:71:
2e:72:fc:5a:24:ca:c1:ae:5e:81:f3:88:46:40:b2:85:c7:ee:
77:b1:9c:5b:80:56:76:88:fb:65:ca:39:1d:c9:4c:61:fc:ea:
a9:53:b3:27:67:da:26:b5:25:c4:c2:fa:e3:64:61:bd:ed:94:
02:2e:59:74:bc:42:1b:8d:7f:65:8d:52:20:62:bd:58:50:c7:
82:0b:2a:d4:dc:4a:17:fa:39:91:c2:d2:d6:dc:17:9a:1d:6e:
2c:89:16:2a:86:e5:32:63:b9:3f:c3:32:b9:c0:da:69:f1:46:
32:bd:2a:0f:11:26:8a:6f:bf:b5:8b:2a:cf:ee:eb:63:17:ae:
fa:3e:53:df:36:24:54:67:6e:97:72:b4:a9:54:33:b3:2e:ff:
be:2f:39:15:b3:9b:ab:61:f4:ef:9e:d1:60:1d:ef:76:e8:4d:
23:55:78:57
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYLZ227z4z7CGOfznsprWt4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwODI2MTExMzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk5NGU0NjNhOGMxZDFiM2IyMjZjN2NkMzYxMDhjNDc5ZDA1M2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSvO69jlbE1KYRDYlob89QqCuIt8
2JTxRtLTf79seVoUartfGtVcv/gKt7xC0vDTuAa/3SuaQakHx/TDXLJD/mxy8NoA
sK8NXbSZDfpEYDX1mSEShsGOYSx6S2tWC0dX8Azb/G1gfgW/jNHkRfGHIZ9mjMOo
O7hzb5KXq4JzSSFFCOwoAfuPahXd/+f217WBjO61dFJD+sA27doCqw9yZ/99qFia
DArBJ84g0l2uJ6eYLLyJuVCq9Xs77KUrNaQCyJmOrsurAi3DAhT7MUVfbPeAUJXh
DkmDOTEJIx/r3Fe4r7xqECVAv0lwhVG8gnpVRtpmwAC8TZWjS8VgnWTIdwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFDeZTkY6jB0bOyJsfNNhCMR50FPSMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvTjVsT1JqcU1IUnM3SW14ODAyRUl4SG5RVTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBUBAIAATBOAwQCLUKAAwQC
LULYAwQCLZWcAwQCLZ8wAwQCTo7kAwQCWNYUAwQAW8jwAwQAW8jyAwQDk07wAwQC
sHeUAwQCwSCUAwQBwW8eAwQC1ehwMA4EAgACMAgDBgQqCQAHADANBgkqhkiG9w0B
AQsFAAOCAQEARisoJbOZBtG1Ihj19+z13jzgtaS0LnITTnSeuVJSTRLgAFPSwc37
CHfLU+gpYMR9fZf94QvpvvEmpwcCOZwFoKwNv9XU2z31j4HTqCC+Rxc18KvI63LK
rcFxLnL8WiTKwa5egfOIRkCyhcfud7GcW4BWdoj7Zco5HclMYfzqqVOzJ2faJrUl
xML642Rhve2UAi5ZdLxCG41/ZY1SIGK9WFDHggsq1NxKF/o5kcLS1twXmh1uLIkW
KoblMmO5P8MyucDaafFGMr0qDxEmim+/tYsqz+7rYxeu+j5T3zYkVGdul3K0qVQz
sy7/vi85FbObq2H0757RYB3vduhNI1V4Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:47 2024 by rpki-client on console-fra.rpki-client.org