Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/9ZDiyw2HpQ0lBxcfMaITrpWNyS8.roa
File: 9ZDiyw2HpQ0lBxcfMaITrpWNyS8.roa (raw, json)
Hash identifier: Fo0XLclVXJakjsq34hBm2K6uBMVrU7H5IGPCKywNwFg=
Subject key identifier: F5:90:E2:CB:0D:87:A5:0D:25:07:17:1F:31:A2:13:AE:95:8D:C9:2F
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01849BA6E2BD1BB2440CCBEEE6A344EB8963
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/9ZDiyw2HpQ0lBxcfMaITrpWNyS8.roa
Signing time: Mon 21 Nov 2022 19:25:16 +0000
ROA not before: Mon 21 Nov 2022 19:25:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:a6:e2:bd:1b:b2:44:0c:cb:ee:e6:a3:44:eb:89:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Nov 21 19:25:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f590e2cb0d87a50d2507171f31a213ae958dc92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:13:69:b3:f9:d1:7f:a2:45:53:9f:68:44:48:
34:31:fd:c9:52:4f:ba:a5:09:5e:f3:20:f7:24:af:
c3:cc:b7:34:86:6d:d0:9d:24:0d:50:54:ae:0b:b7:
08:f6:ae:b0:a5:4f:d1:89:6e:e9:36:64:51:af:0a:
0a:d6:da:98:76:53:66:17:e1:29:8a:c5:7d:66:d5:
40:04:a4:01:58:04:84:f0:ca:ad:37:d6:98:1b:1d:
51:0f:c8:7c:ec:49:75:9d:3b:f8:cd:b1:55:06:f6:
cc:e4:1a:4e:bb:d2:87:fd:d9:31:7e:2a:25:64:5c:
78:6c:02:b1:f8:f0:e3:44:4a:30:02:ec:13:a1:d6:
ca:bc:dd:cf:80:e5:b1:4a:4b:1c:64:5b:e2:77:c2:
66:79:51:fc:1f:43:99:35:8e:88:fc:41:d4:8f:15:
5d:fc:0d:8f:db:bb:09:3d:d3:af:0d:f0:ff:04:c5:
84:50:87:6f:e2:2d:2f:b5:be:5f:d7:88:6d:a3:39:
53:8f:fd:a4:10:19:30:d4:98:fd:ba:23:3e:84:e6:
d0:b7:0f:cb:0d:4d:c2:4e:6d:ae:58:1d:38:41:62:
e7:2c:e4:aa:97:f1:36:d7:41:31:af:f0:52:80:1f:
51:d7:57:9b:97:e6:26:ad:ae:b7:98:79:a0:51:03:
7a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:90:E2:CB:0D:87:A5:0D:25:07:17:1F:31:A2:13:AE:95:8D:C9:2F
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/9ZDiyw2HpQ0lBxcfMaITrpWNyS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
74.119.195.0/24
80.92.206.0/24
185.250.148.0/23
IPv6:
2a09:7c44::/32
Signature Algorithm: sha256WithRSAEncryption
79:e8:fe:50:69:e1:aa:f3:43:7a:6d:00:da:29:b8:20:8b:75:
31:e8:0c:fa:30:b7:f7:57:9b:0d:60:4c:91:82:21:dd:ac:17:
03:05:ad:90:ba:f3:cb:27:38:45:81:f8:2b:05:43:46:4c:c2:
a1:f6:5d:a8:f2:4a:a7:c7:54:f1:c3:40:f3:15:85:27:e0:d4:
f8:26:44:1e:fb:21:76:26:6d:85:3f:49:b2:82:f6:b3:29:9e:
11:86:5f:75:6d:55:a4:6b:39:07:26:f3:aa:ab:cb:33:60:37:
20:48:65:37:d0:c3:9e:ac:4b:d4:22:ef:c8:2c:fd:a9:a3:66:
3f:74:49:95:a4:cf:59:5c:3b:0f:ca:58:68:1c:4b:e2:d3:df:
c2:69:7a:51:4c:ce:8d:4a:df:d3:98:fc:9f:d5:17:d8:b7:17:
1c:90:be:c4:59:2f:b2:ac:b5:ef:44:36:5b:62:c1:9b:05:a1:
11:86:6c:03:e8:4e:ba:62:f5:71:83:2a:2b:ae:dd:db:87:4f:
46:22:a3:00:c6:73:99:5d:41:7e:c6:07:4b:fe:63:2a:79:25:
7f:53:e5:20:85:59:3c:71:76:26:2a:5d:cb:e6:c7:31:82:68:
83:c4:d8:5b:5e:56:66:c5:8f:6d:da:fe:ae:75:82:05:23:5a:
1c:16:2d:9b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYSbpuK9G7JEDMvu5qNE64ljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMTIxMTkyNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkwZTJjYjBkODdhNTBkMjUwNzE3MWYzMWEyMTNhZTk1OGRjOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRNps/nRf6JFU59oREg0Mf3JUk+6
pQle8yD3JK/DzLc0hm3QnSQNUFSuC7cI9q6wpU/RiW7pNmRRrwoK1tqYdlNmF+Ep
isV9ZtVABKQBWASE8MqtN9aYGx1RD8h87El1nTv4zbFVBvbM5BpOu9KH/dkxfiol
ZFx4bAKx+PDjREowAuwTodbKvN3PgOWxSkscZFvid8JmeVH8H0OZNY6I/EHUjxVd
/A2P27sJPdOvDfD/BMWEUIdv4i0vtb5f14htozlTj/2kEBkw1Jj9uiM+hObQtw/L
DU3CTm2uWB04QWLnLOSql/E210Exr/BSgB9R11ebl+Ymra63mHmgUQN6iQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPWQ4ssNh6UNJQcXHzGiE66VjckvMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvOVpEaXl3MkhwUTBsQnhjZk1hSVRycFdOeVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLUPkAwQA
SnfDAwQAUFzOAwQBufqUMA0EAgACMAcDBQAqCXxEMA0GCSqGSIb3DQEBCwUAA4IB
AQB56P5QaeGq80N6bQDaKbggi3Ux6Az6MLf3V5sNYEyRgiHdrBcDBa2QuvPLJzhF
gfgrBUNGTMKh9l2o8kqnx1Txw0DzFYUn4NT4JkQe+yF2Jm2FP0mygvazKZ4Rhl91
bVWkazkHJvOqq8szYDcgSGU30MOerEvUIu/ILP2po2Y/dEmVpM9ZXDsPylhoHEvi
09/CaXpRTM6NSt/TmPyf1RfYtxcckL7EWS+yrLXvRDZbYsGbBaERhmwD6E66YvVx
gyorrt3bh09GIqMAxnOZXUF+xgdL/mMqeSV/U+UghVk8cXYmKl3L5scxgmiDxNhb
XlZmxY9t2v6udYIFI1ocFi2b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org