Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/cU1GguF2k-QOpFvEoPvNC4cx8cU.roa
File: cU1GguF2k-QOpFvEoPvNC4cx8cU.roa (raw, json)
Hash identifier: /+AtiSkUWO2t/LyxOb2GMM9Ks14EK7C1M5UqUF6YJ/c=
Subject key identifier: 71:4D:46:82:E1:76:93:E4:0E:A4:5B:C4:A0:FB:CD:0B:87:31:F1:C5
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01852A7D809ECB0834677B099382C62502D1
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/cU1GguF2k-QOpFvEoPvNC4cx8cU.roa
Signing time: Mon 19 Dec 2022 13:05:46 +0000
ROA not before: Mon 19 Dec 2022 13:05:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 80.92.206.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:7d:80:9e:cb:08:34:67:7b:09:93:82:c6:25:02:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Dec 19 13:05:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=714d4682e17693e40ea45bc4a0fbcd0b8731f1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6b:bc:a4:fa:c4:06:7a:7b:25:45:ab:3e:6e:
46:bd:e1:f0:b3:4f:b6:16:02:13:e0:16:38:83:42:
b9:e4:04:1e:86:ca:bc:8b:e9:d4:e3:52:97:8a:c7:
34:35:e9:e3:76:1b:e9:3e:d2:61:4f:69:61:60:30:
0c:0a:7d:67:e2:e1:3e:17:8a:c3:98:2a:ca:96:e1:
69:8d:86:ae:97:6d:be:9a:43:8e:47:36:da:68:7c:
27:ad:90:b2:c0:af:6c:26:3e:7a:66:94:15:2d:50:
7b:5f:3a:7a:f6:bc:f4:52:e6:71:d3:6f:a8:39:41:
2c:a2:b8:39:cc:3d:62:06:48:8a:ff:1f:7c:82:22:
6a:10:6f:41:74:be:b7:0e:a9:b8:71:12:5a:ca:2d:
0e:ae:33:4b:e7:d0:b4:f2:80:ad:e1:ba:e0:7b:26:
c9:cb:75:65:83:d4:e3:40:0f:e6:2a:10:3b:b1:71:
c0:10:6f:81:2e:0d:9c:46:88:c0:93:7a:d4:c6:f8:
33:20:27:98:fb:94:37:d0:ec:74:6c:d9:5f:6f:e6:
48:aa:33:2f:ac:59:51:ac:65:a2:ac:8b:e1:cd:b6:
9a:20:a9:1c:01:1f:b2:d3:23:ca:30:5a:59:b7:e2:
61:87:a4:a9:fd:a4:8c:5c:ef:da:21:f2:c2:22:b4:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4D:46:82:E1:76:93:E4:0E:A4:5B:C4:A0:FB:CD:0B:87:31:F1:C5
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/cU1GguF2k-QOpFvEoPvNC4cx8cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
74.119.195.0/24
80.92.206.0/24
185.242.84.0/22
185.250.148.0/23
IPv6:
2a09:7c44::/32
Signature Algorithm: sha256WithRSAEncryption
5a:d5:00:7d:12:10:35:d5:ba:45:72:7b:df:47:a7:31:c7:68:
a1:18:ba:6b:4f:4c:02:7e:77:04:23:23:63:ab:59:be:40:56:
72:d5:fc:8e:5c:fe:8c:1b:a0:da:49:18:ad:fb:d4:17:0b:09:
10:ad:86:84:ae:52:2e:49:3c:21:f0:81:9d:44:66:a0:fb:fb:
8c:36:a9:71:09:d4:f3:b5:a2:e4:01:9e:07:b6:8a:66:e8:ec:
92:ba:93:ff:52:7a:24:54:e9:64:aa:7f:8e:d3:bf:cd:6f:d6:
d1:4e:81:a9:cc:23:22:31:3f:d7:43:fd:46:e1:a2:4c:ed:8f:
44:00:eb:c6:31:05:e2:52:ce:d1:a4:91:cb:16:c0:b4:83:48:
92:dd:55:95:e6:bd:99:e6:27:8d:76:4d:1f:d3:4e:64:c6:c8:
8c:7e:82:58:70:9b:89:d0:7d:d1:0a:ae:c5:1c:a7:81:a8:4c:
2e:db:8c:ed:17:6f:3e:f1:83:76:db:c6:99:63:74:21:a6:e5:
73:29:5f:09:fd:ab:c6:cc:85:0d:8a:e2:70:03:b6:a8:14:a5:
63:a3:4c:a7:5b:5c:76:b4:9b:41:f1:06:e3:a1:c7:75:71:e3:
6d:f8:ac:52:e1:e7:7a:ac:2e:31:f4:64:cb:99:10:64:31:4b:
67:4d:c4:c8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYUqfYCeywg0Z3sJk4LGJQLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMjE5MTMwNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTRkNDY4MmUxNzY5M2U0MGVhNDViYzRhMGZiY2QwYjg3MzFmMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGu8pPrEBnp7JUWrPm5GveHws0+2
FgIT4BY4g0K55AQehsq8i+nU41KXisc0NenjdhvpPtJhT2lhYDAMCn1n4uE+F4rD
mCrKluFpjYaul22+mkOORzbaaHwnrZCywK9sJj56ZpQVLVB7Xzp69rz0UuZx02+o
OUEsorg5zD1iBkiK/x98giJqEG9BdL63Dqm4cRJayi0OrjNL59C08oCt4brgeybJ
y3Vlg9TjQA/mKhA7sXHAEG+BLg2cRojAk3rUxvgzICeY+5Q30Ox0bNlfb+ZIqjMv
rFlRrGWirIvhzbaaIKkcAR+y0yPKMFpZt+Jhh6Sp/aSMXO/aIfLCIrRMqQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHFNRoLhdpPkDqRbxKD7zQuHMfHFMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvY1UxR2d1RjJrLVFPcEZ2RW9Qdk5DNGN4OGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLUPkAwQA
SnfDAwQAUFzOAwQCufJUAwQBufqUMA0EAgACMAcDBQAqCXxEMA0GCSqGSIb3DQEB
CwUAA4IBAQBa1QB9EhA11bpFcnvfR6cxx2ihGLprT0wCfncEIyNjq1m+QFZy1fyO
XP6MG6DaSRit+9QXCwkQrYaErlIuSTwh8IGdRGag+/uMNqlxCdTztaLkAZ4Htopm
6OySupP/UnokVOlkqn+O07/Nb9bRToGpzCMiMT/XQ/1G4aJM7Y9EAOvGMQXiUs7R
pJHLFsC0g0iS3VWV5r2Z5ieNdk0f005kxsiMfoJYcJuJ0H3RCq7FHKeBqEwu24zt
F28+8YN228aZY3QhpuVzKV8J/avGzIUNiuJwA7aoFKVjo0ynW1x2tJtB8Qbjocd1
ceNt+KxS4ed6rC4x9GTLmRBkMUtnTcTI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org