Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/TXdED7-Qx9AUOA0BGzwxPWrzZqQ.roa
File: TXdED7-Qx9AUOA0BGzwxPWrzZqQ.roa (raw, json)
Hash identifier: SWbS04f+7NrRRTPt7Obo+KCf9u5ZBL8S86c2P8d5kJo=
Subject key identifier: 4D:77:44:0F:BF:90:C7:D0:14:38:0D:01:1B:3C:31:3D:6A:F3:66:A4
Certificate issuer: /CN=f1f42360a3970a808016fdf8d8dba396c5a1d034
Certificate serial: 1B27DCF9
Authority key identifier: F1:F4:23:60:A3:97:0A:80:80:16:FD:F8:D8:DB:A3:96:C5:A1:D0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fQjYKOXCoCAFv342NujlsWh0DQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/TXdED7-Qx9AUOA0BGzwxPWrzZqQ.roa
Signing time: Sat 01 Jan 2022 09:59:44 +0000
ROA not before: Sat 01 Jan 2022 09:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55002
IP address blocks: 45.82.106.0/24 maxlen: 24
45.82.107.0/24 maxlen: 24
185.16.89.0/24 maxlen: 24
185.16.88.0/24 maxlen: 24
185.16.90.0/24 maxlen: 24
185.16.91.0/24 maxlen: 24
91.235.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 455597305 (0x1b27dcf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f42360a3970a808016fdf8d8dba396c5a1d034
Validity
Not Before: Jan 1 09:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d77440fbf90c7d014380d011b3c313d6af366a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:35:3c:fd:7e:a5:9a:6c:d4:4d:dc:4f:6a:f5:
c4:fd:5b:0b:3a:f1:c8:5d:1c:5f:9d:59:d7:05:fd:
5b:6e:2a:80:6b:d1:b7:6b:d7:4d:a6:d7:eb:06:8c:
9f:7a:8c:35:f1:bd:c3:8f:c7:c7:4c:ec:a8:fc:e0:
d1:fd:0e:87:6c:0c:c1:ed:87:6e:42:dd:5c:fd:0c:
0a:ae:f5:df:48:de:eb:ce:04:8b:61:8e:97:32:bc:
4f:18:05:ae:2b:79:53:32:8b:c9:33:3a:e8:23:64:
e1:67:82:3b:61:c8:8c:78:f7:51:02:0a:44:62:52:
e2:04:29:f1:9d:33:14:b7:3a:0c:af:7f:a4:4f:c2:
06:3f:c2:78:0e:1d:2f:29:f2:5a:40:39:99:7c:59:
39:b9:c5:df:c5:9d:ff:17:18:30:c8:3e:26:51:7d:
82:d7:3c:d0:0e:53:59:37:45:20:f6:cc:be:04:0b:
54:32:2f:af:91:53:7d:6a:2b:da:f4:0a:49:a6:9e:
6e:ee:28:96:81:37:37:07:ff:81:05:14:fa:5b:8b:
81:ae:c6:94:b5:e9:6a:1f:62:da:8b:f4:c8:33:fa:
47:26:a6:4b:23:9b:f3:07:d2:38:af:b1:ed:ef:9e:
54:6f:98:c8:d6:92:31:46:95:66:99:f9:f0:24:4b:
04:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:77:44:0F:BF:90:C7:D0:14:38:0D:01:1B:3C:31:3D:6A:F3:66:A4
X509v3 Authority Key Identifier:
keyid:F1:F4:23:60:A3:97:0A:80:80:16:FD:F8:D8:DB:A3:96:C5:A1:D0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fQjYKOXCoCAFv342NujlsWh0DQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/TXdED7-Qx9AUOA0BGzwxPWrzZqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/31dca4-1ce8-4318-956c-d4f08be050d5/1/8fQjYKOXCoCAFv342NujlsWh0DQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.106.0/23
91.235.107.0/24
185.16.88.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:3f:61:16:8d:8d:da:19:ee:2f:13:fd:36:24:91:7b:3a:7c:
1f:a6:53:b8:cc:02:73:0a:ab:da:fb:67:cc:32:3c:b8:73:a6:
bd:cf:59:db:2a:94:a2:d2:5e:d5:c3:35:3e:bd:0f:72:1a:dd:
90:ec:e9:0a:07:cd:88:ea:b8:98:bd:5f:60:3d:d5:77:ea:89:
ef:d2:64:cd:01:9c:9f:36:53:f8:6d:90:ae:fe:0e:d1:a2:13:
28:cc:03:98:4c:5c:10:e3:89:c5:5d:85:88:59:de:1d:bf:e3:
4d:bd:54:b6:04:66:b1:46:f4:2b:1b:7a:b7:f2:2e:cc:3a:9b:
61:cb:d2:f5:e3:c1:0a:c3:28:70:79:9a:37:0d:62:8a:1b:98:
5d:99:18:7e:e3:ed:ad:05:5d:22:35:70:fb:cf:98:b5:61:d9:
1c:e4:89:a7:37:de:b8:2a:28:56:d6:bc:88:af:2d:f8:a1:3b:
62:9d:b9:cf:a3:b0:ad:16:d6:83:af:bb:43:6f:1c:7e:91:6b:
6e:ea:5c:99:79:7b:82:7d:75:6f:06:65:03:14:30:8b:f4:cb:
2f:33:37:5c:be:b8:33:ad:6e:dd:5c:07:70:73:d9:09:58:cd:
f9:7c:7d:83:b1:7e:14:04:0b:c5:d5:6c:85:0c:bc:0a:c6:5f:
34:76:3a:91
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEGyfc+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWY0MjM2MGEzOTcwYTgwODAxNmZkZjhkOGRiYTM5NmM1YTFkMDM0MB4XDTIyMDEw
MTA5NTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ3NzQ0MGZiZjkw
YzdkMDE0MzgwZDAxMWIzYzMxM2Q2YWYzNjZhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIE1PP1+pZps1E3cT2r1xP1bCzrxyF0cX51Z1wX9W24qgGvR
t2vXTabX6waMn3qMNfG9w4/Hx0zsqPzg0f0Oh2wMwe2HbkLdXP0MCq7130je684E
i2GOlzK8TxgFrit5UzKLyTM66CNk4WeCO2HIjHj3UQIKRGJS4gQp8Z0zFLc6DK9/
pE/CBj/CeA4dLynyWkA5mXxZObnF38Wd/xcYMMg+JlF9gtc80A5TWTdFIPbMvgQL
VDIvr5FTfWor2vQKSaaebu4oloE3Nwf/gQUU+luLga7GlLXpah9i2ov0yDP6Ryam
SyOb8wfSOK+x7e+eVG+YyNaSMUaVZpn58CRLBAkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRNd0QPv5DH0BQ4DQEbPDE9avNmpDAfBgNVHSMEGDAWgBTx9CNgo5cKgIAW
/fjY26OWxaHQNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhmUWpZS09YQ29DQUZ2MzQyTnVqbHNXaDBEUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvMzFkY2E0LTFjZTgtNDMxOC05NTZjLWQ0ZjA4YmUwNTBkNS8x
L1RYZEVENy1ReDlBVU9BMEJHend4UFdyelpxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
MzFkY2E0LTFjZTgtNDMxOC05NTZjLWQ0ZjA4YmUwNTBkNS8xLzhmUWpZS09YQ29D
QUZ2MzQyTnVqbHNXaDBEUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAS1SagMEAFvrawMEArkQWDANBgkq
hkiG9w0BAQsFAAOCAQEAPj9hFo2N2hnuLxP9NiSRezp8H6ZTuMwCcwqr2vtnzDI8
uHOmvc9Z2yqUotJe1cM1Pr0PchrdkOzpCgfNiOq4mL1fYD3Vd+qJ79JkzQGcnzZT
+G2Qrv4O0aITKMwDmExcEOOJxV2FiFneHb/jTb1UtgRmsUb0Kxt6t/IuzDqbYcvS
9ePBCsMocHmaNw1iihuYXZkYfuPtrQVdIjVw+8+YtWHZHOSJpzfeuCooVta8iK8t
+KE7Yp25z6OwrRbWg6+7Q28cfpFrbupcmXl7gn11bwZlAxQwi/TLLzM3XL64M61u
3VwHcHPZCVjN+Xx9g7F+FAQLxdVshQy8CsZfNHY6kQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:12 2024 by rpki-client on console-fra.rpki-client.org