Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ifeyoWtNu5449bIdMQ30ivVMavQ.roa
File: ifeyoWtNu5449bIdMQ30ivVMavQ.roa (raw, json)
Hash identifier: ceCUGjQev3PK59BVWTShN7X1MXX4/BY0yiejpaxiOXg=
Subject key identifier: 89:F7:B2:A1:6B:4D:BB:9E:38:F5:B2:1D:31:0D:F4:8A:F5:4C:6A:F4
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0181F034F07E5F1607CE7CA71B01495C31D1
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ifeyoWtNu5449bIdMQ30ivVMavQ.roa
Signing time: Tue 12 Jul 2022 02:20:10 +0000
ROA not before: Tue 12 Jul 2022 02:20:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 45.87.92.0/24 maxlen: 24
45.87.93.0/24 maxlen: 24
80.66.196.0/24 maxlen: 24
95.214.166.0/24 maxlen: 24
95.214.167.0/24 maxlen: 24
45.139.192.0/24 maxlen: 24
45.139.195.0/24 maxlen: 24
45.139.193.0/24 maxlen: 24
45.139.194.0/24 maxlen: 24
45.141.45.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f0:34:f0:7e:5f:16:07:ce:7c:a7:1b:01:49:5c:31:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 12 02:20:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89f7b2a16b4dbb9e38f5b21d310df48af54c6af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:33:bd:7d:cb:7d:09:e7:b8:dd:9c:39:d6:52:
e4:51:37:0b:5d:32:2a:11:12:26:bf:83:73:42:d2:
b5:c5:db:32:89:28:2b:e7:a9:45:18:b0:eb:d8:60:
98:8b:16:1a:4b:d3:e2:1b:be:90:6d:fd:c8:b3:cd:
b1:3d:c9:3f:18:8d:13:fd:74:50:2d:3a:6e:5f:a1:
00:d3:c4:74:a8:cb:e7:01:79:04:81:3c:f0:a6:36:
8e:dc:f8:6a:67:76:eb:ad:93:6e:fd:95:0e:55:67:
fd:96:d4:3e:6f:6c:f0:c8:4c:84:0c:bb:92:7c:f5:
52:3e:9a:26:35:94:41:39:ad:6f:bb:f5:f0:a2:c0:
2c:45:c2:e7:19:da:ca:44:43:19:a5:71:dc:b6:18:
f6:97:12:a0:c4:64:92:81:6a:ac:22:05:e8:b1:04:
4e:fd:04:4e:25:3b:14:a9:77:04:58:8b:d8:03:df:
93:4b:d4:8d:6c:e6:23:9a:d1:c4:b9:b6:62:a7:e8:
ac:f4:04:71:ed:29:35:08:ee:9f:a5:dd:e6:62:18:
48:bf:55:16:54:86:91:ef:22:9e:39:46:50:9d:f8:
f4:74:bd:18:ca:9c:f3:74:d6:71:c6:d5:07:d3:f8:
69:16:dd:16:a8:41:1e:5c:8e:cb:2a:c5:22:b1:40:
4e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F7:B2:A1:6B:4D:BB:9E:38:F5:B2:1D:31:0D:F4:8A:F5:4C:6A:F4
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ifeyoWtNu5449bIdMQ30ivVMavQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/23
45.139.192.0/22
45.141.45.0/24
80.66.196.0/24
95.214.166.0/23
194.104.144.0/24
Signature Algorithm: sha256WithRSAEncryption
47:19:fc:a3:c4:43:ae:f0:2a:ba:6a:ed:5f:76:40:40:72:5d:
bf:0e:01:cc:7c:57:1a:d8:84:9b:d1:52:c7:3a:d5:ba:35:f6:
ea:45:5b:93:96:3c:31:38:52:43:c8:f4:de:d4:b0:10:bd:97:
40:47:ea:b3:5e:ff:7b:4b:8b:91:c0:bf:6d:ca:07:93:2a:6f:
54:c3:0e:60:b1:e8:dc:f0:bf:46:fb:e5:cf:9b:d6:68:c0:69:
1f:25:ff:62:e0:e5:0a:9c:c5:37:36:42:e7:e8:23:11:90:cc:
7e:6f:4b:fd:61:93:73:65:14:9c:4d:83:e7:b6:a8:4c:cc:cf:
37:88:cb:51:bf:29:3b:19:2a:b1:8e:6a:f7:cf:41:87:12:cf:
ba:ff:36:84:54:9d:fd:61:aa:c1:d8:cd:f7:f5:32:65:f0:02:
13:54:32:ea:43:38:00:88:0e:43:89:ec:87:d8:83:57:9c:7f:
e3:ad:f7:6a:15:3d:b1:dc:37:d9:24:cf:9a:2b:74:7c:0b:b1:
57:fc:a4:70:58:6d:74:56:3b:ed:d1:db:cc:bd:70:d3:67:6e:
43:ae:b5:28:29:d3:e8:a0:e2:0e:2c:c3:58:cc:6c:33:e1:ba:
a4:a1:27:55:72:60:5d:08:8a:fa:91:66:f3:e6:d6:3e:c4:40:
0f:d2:52:c3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYHwNPB+XxYHznynGwFJXDHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwNzEyMDIyMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY3YjJhMTZiNGRiYjllMzhmNWIyMWQzMTBkZjQ4YWY1NGM2YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzO9fct9Cee43Zw51lLkUTcLXTIq
ERImv4NzQtK1xdsyiSgr56lFGLDr2GCYixYaS9PiG76Qbf3Is82xPck/GI0T/XRQ
LTpuX6EA08R0qMvnAXkEgTzwpjaO3PhqZ3brrZNu/ZUOVWf9ltQ+b2zwyEyEDLuS
fPVSPpomNZRBOa1vu/XwosAsRcLnGdrKREMZpXHcthj2lxKgxGSSgWqsIgXosQRO
/QROJTsUqXcEWIvYA9+TS9SNbOYjmtHEubZip+is9ARx7Sk1CO6fpd3mYhhIv1UW
VIaR7yKeOUZQnfj0dL0YypzzdNZxxtUH0/hpFt0WqEEeXI7LKsUisUBOxQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIn3sqFrTbueOPWyHTEN9Ir1TGr0MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaWZleW9XdE51NTQ0OWJJZE1RMzBpdlZNYXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVdcAwQC
LYvAAwQALY0tAwQAUELEAwQBX9amAwQAwmiQMA0GCSqGSIb3DQEBCwUAA4IBAQBH
GfyjxEOu8Cq6au1fdkBAcl2/DgHMfFca2ISb0VLHOtW6NfbqRVuTljwxOFJDyPTe
1LAQvZdAR+qzXv97S4uRwL9tygeTKm9Uww5gsejc8L9G++XPm9ZowGkfJf9i4OUK
nMU3NkLn6CMRkMx+b0v9YZNzZRScTYPntqhMzM83iMtRvyk7GSqxjmr3z0GHEs+6
/zaEVJ39YarB2M339TJl8AITVDLqQzgAiA5DieyH2INXnH/jrfdqFT2x3DfZJM+a
K3R8C7FX/KRwWG10Vjvt0dvMvXDTZ25DrrUoKdPooOIOLMNYzGwz4bqkoSdVcmBd
CIr6kWbz5tY+xEAP0lLD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org