Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/zARH_PTAcaCXp9rkBg8SrajAubI.roa
File: zARH_PTAcaCXp9rkBg8SrajAubI.roa (raw, json)
Hash identifier: GHhr+PkIaaXsoGu8GeuGz9DuVcwA9SpA+Ci9L+lVY6I=
Subject key identifier: CC:04:47:FC:F4:C0:71:A0:97:A7:DA:E4:06:0F:12:AD:A8:C0:B9:B2
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0184BA3C65F18AB4A495D9C8158480983DD4
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/zARH_PTAcaCXp9rkBg8SrajAubI.roa
Signing time: Sun 27 Nov 2022 17:57:11 +0000
ROA not before: Sun 27 Nov 2022 17:57:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 45.147.50.0/24 maxlen: 24
80.66.198.0/24 maxlen: 24
141.98.199.0/24 maxlen: 24
94.124.118.0/24 maxlen: 24
185.200.65.0/24 maxlen: 24
185.200.67.0/24 maxlen: 24
149.62.45.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
185.194.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ba:3c:65:f1:8a:b4:a4:95:d9:c8:15:84:80:98:3d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 27 17:57:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc0447fcf4c071a097a7dae4060f12ada8c0b9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dc:9f:d5:de:11:47:39:b1:92:c1:5a:5d:49:
9e:d9:15:25:0c:59:57:c5:2b:e8:55:6b:aa:f3:1c:
d4:0d:eb:ea:3e:a8:5c:e5:9c:72:9e:14:f8:5d:0b:
5d:f8:0b:be:8b:d9:b5:33:29:01:d2:84:ca:a4:0c:
dd:c9:17:d6:36:a4:90:da:6b:0d:d0:8e:0a:c3:31:
0e:65:e5:f3:c0:2e:57:68:67:91:2c:81:bd:c4:42:
89:a8:5e:02:b3:5d:69:6a:7e:d9:4c:33:3a:de:13:
f5:2c:78:0f:46:f9:e6:e7:6d:74:ae:44:ce:85:fa:
cb:ee:2b:c2:19:da:00:a7:b1:c4:53:01:13:af:9e:
f0:b3:7b:49:49:3b:bf:55:3f:ca:a5:33:68:a1:71:
89:58:e8:f2:2c:c9:c0:6a:3f:12:eb:16:c3:c6:31:
f8:16:a6:47:19:8e:0c:71:28:75:98:59:75:41:9e:
20:58:b1:9e:e4:f5:10:60:aa:17:84:f2:96:3c:7a:
f7:99:5a:8c:bf:20:5c:2c:7c:51:c6:34:76:00:bf:
97:95:61:e9:e5:47:db:d7:1e:ff:91:88:07:65:4c:
5c:0b:ee:4c:48:f3:45:b3:09:38:b4:c9:0b:ba:cb:
04:4e:f4:db:83:a1:67:2a:fe:8d:77:51:34:b3:e2:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:04:47:FC:F4:C0:71:A0:97:A7:DA:E4:06:0F:12:AD:A8:C0:B9:B2
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/zARH_PTAcaCXp9rkBg8SrajAubI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.232.0/24
45.147.50.0/24
80.66.198.0/24
94.124.118.0/24
141.98.199.0/24
149.62.45.0/24
185.194.55.0/24
185.200.65.0/24
185.200.67.0/24
Signature Algorithm: sha256WithRSAEncryption
12:cd:62:4a:61:97:bd:19:83:8d:2d:6b:0f:22:7d:2e:87:23:
7d:95:c8:8e:45:b5:29:75:25:2c:24:9f:07:12:7d:58:85:2c:
64:e7:44:50:5b:ac:53:07:a3:23:63:4b:3b:20:d4:4b:11:5f:
b9:2c:cb:e3:16:5b:75:e5:9f:86:05:4f:2f:76:84:63:8f:e4:
94:b8:22:df:45:20:65:d9:64:54:b7:63:79:84:25:b5:f7:bd:
77:80:0e:4d:c2:5a:49:64:f6:15:bd:26:b4:a5:d6:d5:ed:c0:
d4:bd:80:e8:2a:0d:85:f1:91:0b:28:21:d2:06:04:76:79:82:
3a:1a:76:d3:3c:15:46:a5:04:8f:cb:7d:09:46:5d:d0:a5:ca:
bf:b9:45:36:7f:e4:74:14:8a:9a:6b:fe:a1:e7:78:4e:07:15:
e6:6d:26:5f:c7:de:7f:b9:6c:c8:ff:1a:78:79:96:b3:82:b8:
e9:1c:d3:d1:2b:7a:72:df:f2:88:31:c0:70:7d:91:1d:bb:65:
5b:cb:0e:fa:f6:79:c5:3d:a6:d5:65:73:e2:0f:aa:2a:a1:73:
e7:0b:eb:2c:82:f4:89:6d:ca:98:e9:15:ea:ae:79:5a:9d:d6:
90:40:e1:70:b3:71:b7:a5:ed:1d:df:a7:eb:99:e5:17:61:ad:
77:a4:b7:d5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYS6PGXxirSkldnIFYSAmD3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMTI3MTc1NzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzA0NDdmY2Y0YzA3MWEwOTdhN2RhZTQwNjBmMTJhZGE4YzBiOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9yf1d4RRzmxksFaXUme2RUlDFlX
xSvoVWuq8xzUDevqPqhc5ZxynhT4XQtd+Au+i9m1MykB0oTKpAzdyRfWNqSQ2msN
0I4KwzEOZeXzwC5XaGeRLIG9xEKJqF4Cs11pan7ZTDM63hP1LHgPRvnm5210rkTO
hfrL7ivCGdoAp7HEUwETr57ws3tJSTu/VT/KpTNooXGJWOjyLMnAaj8S6xbDxjH4
FqZHGY4McSh1mFl1QZ4gWLGe5PUQYKoXhPKWPHr3mVqMvyBcLHxRxjR2AL+XlWHp
5Ufb1x7/kYgHZUxcC+5MSPNFswk4tMkLussETvTbg6FnKv6Nd1E0s+KvqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMwER/z0wHGgl6fa5AYPEq2owLmyMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvekFSSF9QVEFjYUNYcDlya0JnOFNyYWpBdWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALY/oAwQA
LZMyAwQAUELGAwQAXnx2AwQAjWLHAwQAlT4tAwQAucI3AwQAuchBAwQAuchDMA0G
CSqGSIb3DQEBCwUAA4IBAQASzWJKYZe9GYONLWsPIn0uhyN9lciORbUpdSUsJJ8H
En1YhSxk50RQW6xTB6MjY0s7INRLEV+5LMvjFlt15Z+GBU8vdoRjj+SUuCLfRSBl
2WRUt2N5hCW19713gA5NwlpJZPYVvSa0pdbV7cDUvYDoKg2F8ZELKCHSBgR2eYI6
GnbTPBVGpQSPy30JRl3Qpcq/uUU2f+R0FIqaa/6h53hOBxXmbSZfx95/uWzI/xp4
eZazgrjpHNPRK3py3/KIMcBwfZEdu2Vbyw769nnFPabVZXPiD6oqoXPnC+ssgvSJ
bcqY6RXqrnlandaQQOFws3G3pe0d36frmeUXYa13pLfV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org