Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tDNIWax5b2BQ0QDOQD4ljZCYMzE.roa
File: tDNIWax5b2BQ0QDOQD4ljZCYMzE.roa (raw, json)
Hash identifier: pJ6Gl6tTvyzLUWzenIQxe/b9QaqdE4QVklhVWs0Vhbg=
Subject key identifier: B4:33:48:59:AC:79:6F:60:50:D1:00:CE:40:3E:25:8D:90:98:33:31
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01836AC304899C6F0E6A5CDC940C7BC87A58
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tDNIWax5b2BQ0QDOQD4ljZCYMzE.roa
Signing time: Fri 23 Sep 2022 14:31:48 +0000
ROA not before: Fri 23 Sep 2022 14:31:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9312
IP address blocks: 149.62.46.0/24 maxlen: 24
45.90.210.0/24 maxlen: 24
45.90.208.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.90.211.0/24 maxlen: 24
45.90.209.0/24 maxlen: 24
194.36.243.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:c3:04:89:9c:6f:0e:6a:5c:dc:94:0c:7b:c8:7a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Sep 23 14:31:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4334859ac796f6050d100ce403e258d90983331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:7b:5a:13:53:82:9e:93:0a:92:0b:37:7a:
c0:da:05:1c:25:25:c0:a6:71:64:79:a7:ba:bc:9b:
78:e1:eb:e0:e7:91:99:98:00:b1:93:1a:87:a4:6e:
28:51:34:3c:ce:70:5c:89:40:93:56:db:68:9d:24:
90:21:a2:e3:7b:b4:c9:f8:e5:a6:7c:06:3c:94:57:
06:27:a0:d4:a2:62:31:ef:f8:1e:7a:12:60:41:6a:
02:d6:1c:32:f8:b7:7d:c3:7a:04:d6:12:37:1a:ab:
2d:54:ca:ed:97:8e:c1:09:83:e7:59:38:32:a7:ed:
56:18:4e:48:47:f2:ad:a4:4a:51:a6:c0:ab:ef:79:
32:dd:27:0d:3b:e6:1e:11:88:0c:a1:a9:95:0e:5c:
bf:6e:29:2e:10:3c:e5:07:8f:58:8f:c1:ff:f4:72:
c9:81:fd:e6:ea:65:f7:0a:56:17:b4:b7:3c:34:ed:
81:dc:a2:58:75:68:64:b0:8e:f3:9e:9d:0e:9d:a1:
6c:1b:5b:f6:7d:84:c3:61:9f:c5:b5:9b:5b:0f:ca:
02:d7:59:59:db:a0:67:f1:39:44:d3:16:b5:41:5a:
68:19:8c:f4:e1:3d:63:af:d0:4f:78:62:94:d4:26:
ea:ad:05:18:7c:63:49:ea:c8:7b:d2:d4:75:dd:b2:
74:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:33:48:59:AC:79:6F:60:50:D1:00:CE:40:3E:25:8D:90:98:33:31
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tDNIWax5b2BQ0QDOQD4ljZCYMzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.208.0/22
95.214.164.0/23
149.62.46.0/23
194.36.243.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d2:3f:fb:a6:85:3a:a0:6d:3f:4f:4a:93:a8:a6:f6:b3:4c:
97:1b:80:b5:0b:12:ad:42:3c:a0:38:b7:18:25:4c:98:fe:d9:
ea:f0:ca:2c:ea:23:83:7c:ba:f0:3f:14:86:f9:c7:38:48:ab:
36:3b:54:c8:22:f8:a3:23:f5:02:94:05:39:d7:14:d3:a9:55:
00:ea:97:e6:cd:f2:cd:18:2f:01:89:dd:a6:f5:80:28:5b:dd:
ab:2c:38:0a:82:1b:68:51:1c:a1:53:c5:8d:b4:c8:b7:09:3d:
33:9e:12:36:40:b8:b7:32:e5:e3:66:63:fc:62:86:9b:f1:14:
06:09:79:28:c6:af:f5:2a:40:99:c0:66:3f:64:87:27:54:bd:
6b:77:d1:03:a9:56:6e:32:bd:3b:b8:bb:d1:49:84:14:5a:01:
98:b9:e6:8c:a0:0e:89:60:82:9c:a7:55:50:b4:d3:60:7d:b3:
57:86:26:df:92:01:b6:08:c6:48:2b:99:fb:ac:23:c0:8d:e9:
d6:88:f4:f8:6f:4b:2b:69:40:f9:7f:eb:c4:3a:df:b6:05:c9:
eb:7c:8e:c1:9e:cf:4b:2d:90:1d:9a:ab:a5:23:98:c3:7c:98:
35:73:55:71:6c:c5:d2:8a:39:e7:4d:9f:40:ac:40:85:2a:8c:
94:af:f9:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYNqwwSJnG8OalzclAx7yHpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIwOTIzMTQzMTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMzNDg1OWFjNzk2ZjYwNTBkMTAwY2U0MDNlMjU4ZDkwOTgzMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1l7WhNTgp6TCpILN3rA2gUcJSXA
pnFkeae6vJt44evg55GZmACxkxqHpG4oUTQ8znBciUCTVttonSSQIaLje7TJ+OWm
fAY8lFcGJ6DUomIx7/geehJgQWoC1hwy+Ld9w3oE1hI3GqstVMrtl47BCYPnWTgy
p+1WGE5IR/KtpEpRpsCr73ky3ScNO+YeEYgMoamVDly/bikuEDzlB49Yj8H/9HLJ
gf3m6mX3ClYXtLc8NO2B3KJYdWhksI7znp0OnaFsG1v2fYTDYZ/FtZtbD8oC11lZ
26Bn8TlE0xa1QVpoGYz04T1jr9BPeGKU1CbqrQUYfGNJ6sh70tR13bJ0jwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLQzSFmseW9gUNEAzkA+JY2QmDMxMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdEROSVdheDViMkJRMFFET1FENGxqWkNZTXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVrQAwQB
X9akAwQBlT4uAwQAwiTzMA0GCSqGSIb3DQEBCwUAA4IBAQAg0j/7poU6oG0/T0qT
qKb2s0yXG4C1CxKtQjygOLcYJUyY/tnq8Mos6iODfLrwPxSG+cc4SKs2O1TIIvij
I/UClAU51xTTqVUA6pfmzfLNGC8Bid2m9YAoW92rLDgKghtoURyhU8WNtMi3CT0z
nhI2QLi3MuXjZmP8Yoab8RQGCXkoxq/1KkCZwGY/ZIcnVL1rd9EDqVZuMr07uLvR
SYQUWgGYueaMoA6JYIKcp1VQtNNgfbNXhibfkgG2CMZIK5n7rCPAjenWiPT4b0sr
aUD5f+vEOt+2BcnrfI7Bns9LLZAdmqulI5jDfJg1c1VxbMXSijnnTZ9ArECFKoyU
r/mH
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org