Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/0OskjGgeanNRtp7uZqX8A71Fxys.roa
File: 0OskjGgeanNRtp7uZqX8A71Fxys.roa (raw, json)
Hash identifier: 6Q/SJ6rJ1v4Q6b3+BPxIDhE/doBXl6F+xlpKAaDJuwk=
Subject key identifier: D0:EB:24:8C:68:1E:6A:73:51:B6:9E:EE:66:A5:FC:03:BD:45:C7:2B
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 01856F824E7C8F1303F92E77722D8F70FC65
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/0OskjGgeanNRtp7uZqX8A71Fxys.roa
Signing time: Sun 01 Jan 2023 22:44:48 +0000
ROA not before: Sun 01 Jan 2023 22:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44076
IP address blocks: 45.141.72.0/22 maxlen: 24
45.83.160.0/22 maxlen: 24
192.214.160.0/19 maxlen: 24
45.129.40.0/21 maxlen: 24
45.135.244.0/22 maxlen: 24
45.137.172.0/22 maxlen: 24
193.148.160.0/19 maxlen: 24
45.142.4.0/22 maxlen: 24
193.19.130.0/24 maxlen: 24
188.34.64.0/18 maxlen: 24
213.17.0.0/18 maxlen: 24
2a05:b540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4e:7c:8f:13:03:f9:2e:77:72:2d:8f:70:fc:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Jan 1 22:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0eb248c681e6a7351b69eee66a5fc03bd45c72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:57:49:70:13:af:8f:04:ba:89:4f:17:05:1e:
96:4c:f9:9c:6c:dc:3a:db:a7:3c:23:44:0a:84:d9:
29:8a:e9:96:3c:d4:6e:95:ce:bd:a8:69:66:eb:cc:
42:f8:e3:c3:0f:e3:62:fb:a7:e8:d3:62:e2:57:fa:
72:04:54:5e:b8:da:c7:b5:23:f2:b8:a4:eb:6a:b8:
14:7e:ec:4c:f6:bc:12:49:7c:f7:f6:03:2d:e3:03:
d9:f2:83:ef:9a:42:b5:de:14:30:af:09:ff:be:d0:
0c:41:e4:c0:07:1d:7c:5f:4b:e6:ba:56:68:db:63:
2f:84:8a:b7:23:8f:a8:e7:30:72:d5:72:23:bc:a1:
bf:76:c9:4c:b3:cb:12:31:1b:30:4f:6a:47:cd:ae:
9b:bc:5f:6e:c2:c2:f6:0d:b7:93:72:0f:98:f5:4e:
5a:63:e0:ec:89:5c:ff:e9:a8:2f:f5:68:0f:cc:99:
32:b5:46:d0:be:5c:cc:15:f3:de:e0:62:f2:a2:12:
55:03:2e:1e:e1:4d:00:ef:ef:12:26:b6:d0:20:11:
a4:f5:31:7d:b0:24:fd:bf:17:84:d6:e9:3f:52:d3:
d0:59:bc:3f:78:b6:d2:84:60:60:9e:94:6b:ac:c7:
d6:20:d7:27:75:62:6a:82:f0:6e:11:cb:f2:5c:00:
70:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:EB:24:8C:68:1E:6A:73:51:B6:9E:EE:66:A5:FC:03:BD:45:C7:2B
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/0OskjGgeanNRtp7uZqX8A71Fxys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.160.0/22
45.129.40.0/21
45.135.244.0/22
45.137.172.0/22
45.141.72.0/22
45.142.4.0/22
188.34.64.0/18
192.214.160.0/19
193.19.130.0/24
193.148.160.0/19
213.17.0.0/18
IPv6:
2a05:b540::/29
Signature Algorithm: sha256WithRSAEncryption
66:67:d4:72:b5:3f:0f:11:6d:de:92:e8:a0:c3:0d:f4:6d:c6:
37:02:31:7a:c3:ba:ea:97:54:39:21:54:9e:3b:17:7b:fb:77:
4c:25:a8:65:49:5e:9e:e8:b8:bf:d5:15:b6:45:d5:2b:b4:19:
d7:03:ea:fa:09:27:aa:c3:f3:0c:93:db:11:05:a1:a0:7d:0e:
4b:e4:a7:be:38:0b:aa:9b:82:95:a4:2d:ad:75:b4:be:e9:a1:
a1:78:c2:3f:90:65:76:ad:04:88:84:e6:2e:95:90:51:8f:f5:
cd:1d:89:b1:aa:fb:9a:e4:77:2f:10:8c:83:d7:b5:05:be:8f:
03:02:5a:3b:93:c7:3a:5e:93:4a:1d:8f:45:b2:75:ed:99:8f:
79:03:16:84:7e:e8:0d:92:94:61:d0:cd:fd:12:e9:a8:a8:5f:
42:e6:bd:c7:92:f5:dd:43:c7:88:5b:00:18:f4:1d:64:52:21:
30:e8:24:d4:2e:91:3a:cf:49:61:68:db:c8:4c:6b:ed:90:8b:
d3:17:4e:d9:99:4e:f0:fa:33:07:a8:ae:5c:51:ed:07:12:58:
2b:8f:1b:e9:20:12:d1:3b:4e:90:85:b6:ff:37:bf:ac:f4:27:
2c:65:93:fe:b6:cb:01:99:e5:dc:24:40:65:25:e4:16:31:1b:
b6:09:63:a4
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVvgk58jxMD+S53ci2PcPxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjMwMTAxMjI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGViMjQ4YzY4MWU2YTczNTFiNjllZWU2NmE1ZmMwM2JkNDVjNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1dJcBOvjwS6iU8XBR6WTPmcbNw6
26c8I0QKhNkpiumWPNRulc69qGlm68xC+OPDD+Ni+6fo02LiV/pyBFReuNrHtSPy
uKTrargUfuxM9rwSSXz39gMt4wPZ8oPvmkK13hQwrwn/vtAMQeTABx18X0vmulZo
22MvhIq3I4+o5zBy1XIjvKG/dslMs8sSMRswT2pHza6bvF9uwsL2DbeTcg+Y9U5a
Y+DsiVz/6agv9WgPzJkytUbQvlzMFfPe4GLyohJVAy4e4U0A7+8SJrbQIBGk9TF9
sCT9vxeE1uk/UtPQWbw/eLbShGBgnpRrrMfWINcndWJqgvBuEcvyXABw3wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFNDrJIxoHmpzUbae7mal/AO9RccrMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvME9za2pHZ2Vhbk5SdHA3dVpxWDhBNzFGeHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWItMTNlZjFjNDU1Y2M0
LzEva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCLVOgAwQD
LYEoAwQCLYf0AwQCLYmsAwQCLY1IAwQCLY4EAwQGvCJAAwQFwNagAwQAwROCAwQF
wZSgAwQG1REAMA0EAgACMAcDBQMqBbVAMA0GCSqGSIb3DQEBCwUAA4IBAQBmZ9Ry
tT8PEW3ekuigww30bcY3AjF6w7rql1Q5IVSeOxd7+3dMJahlSV6e6Li/1RW2RdUr
tBnXA+r6CSeqw/MMk9sRBaGgfQ5L5Ke+OAuqm4KVpC2tdbS+6aGheMI/kGV2rQSI
hOYulZBRj/XNHYmxqvua5HcvEIyD17UFvo8DAlo7k8c6XpNKHY9FsnXtmY95AxaE
fugNkpRh0M39EumoqF9C5r3HkvXdQ8eIWwAY9B1kUiEw6CTULpE6z0lhaNvITGvt
kIvTF07ZmU7w+jMHqK5cUe0HElgrjxvpIBLRO06Qhbb/N7+s9CcsZZP+tssBmeXc
JEBlJeQWMRu2CWOk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:08 2025 by rpki-client