Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DQnJDnD56145mN8dHlR148Wd_BE.roa
File: DQnJDnD56145mN8dHlR148Wd_BE.roa (raw, json)
Hash identifier: xzxYxTsVMc0eUuY+5AG4l2vdrwoR/fXLJS239U2LxgA=
Subject key identifier: 0D:09:C9:0E:70:F9:EB:5E:39:98:DF:1D:1E:54:75:E3:C5:9D:FC:11
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 19CEE287
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DQnJDnD56145mN8dHlR148Wd_BE.roa
Signing time: Sat 01 Jan 2022 15:56:38 +0000
ROA not before: Sat 01 Jan 2022 15:56:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.92.228.0/24 maxlen: 24
45.92.231.0/24 maxlen: 24
193.176.210.0/24 maxlen: 24
45.85.124.0/22 maxlen: 24
45.130.136.0/24 maxlen: 24
45.130.143.0/24 maxlen: 24
45.91.20.0/24 maxlen: 24
45.91.21.0/24 maxlen: 24
45.91.22.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
2a07:e341::/32 maxlen: 32
2a07:e340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 432988807 (0x19cee287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 15:56:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d09c90e70f9eb5e3998df1d1e5475e3c59dfc11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:53:1b:1b:37:c4:09:08:52:33:68:9f:17:
1e:bf:0b:69:fc:2e:40:6b:c7:18:f3:5c:09:aa:c4:
46:94:45:6b:7c:b8:53:56:f1:05:35:10:2d:6b:e5:
8c:92:40:4d:6e:57:2e:e4:2d:77:90:60:9f:64:8b:
2d:68:35:7d:45:06:b0:98:19:d7:d6:1c:9f:0b:cd:
99:0d:e4:db:9d:2a:85:9b:92:57:35:2a:53:26:d4:
2a:61:f0:f7:09:49:5d:23:c7:8c:d5:0f:b2:9a:7f:
c1:eb:26:2f:87:90:8c:38:6e:8f:fb:db:b7:3f:00:
df:1a:c5:ad:1a:3d:c4:94:ff:05:f8:60:da:b7:e9:
80:5e:fe:21:4b:f7:fe:bd:71:5a:a2:53:8f:c4:16:
af:5a:51:c3:bd:25:e1:1a:1b:57:d8:7a:85:3a:3c:
80:84:fc:e5:65:83:c4:3c:66:d9:47:1e:9c:a3:6f:
d0:12:d8:98:d0:65:5b:d1:be:e4:f7:4f:2d:08:bd:
44:1e:49:4c:32:fc:c1:8d:47:c1:b5:e1:4c:15:95:
01:fe:1c:1d:c0:e8:06:d2:5e:8e:04:7c:82:b4:c8:
09:ec:6a:5d:34:79:86:b3:ee:45:80:df:00:e0:84:
df:92:33:7f:40:5a:bb:14:a0:4b:d9:d7:7e:bd:95:
35:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:09:C9:0E:70:F9:EB:5E:39:98:DF:1D:1E:54:75:E3:C5:9D:FC:11
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DQnJDnD56145mN8dHlR148Wd_BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.124.0/22
45.91.20.0-45.91.22.255
45.92.228.0/24
45.92.231.0/24
45.130.136.0/24
45.130.143.0/24
45.132.193.0/24
193.176.210.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
21:27:95:e6:e4:09:4b:3e:dc:a7:3b:19:d8:7a:68:43:02:51:
73:8f:eb:19:26:12:42:d6:ca:84:55:3a:d4:8b:d5:7c:21:3e:
19:38:08:35:65:4a:38:2f:d6:e1:d6:c1:a8:f4:29:ac:42:7e:
75:41:d3:9f:80:57:9c:3a:52:d3:d7:6a:dd:45:9f:b7:5c:24:
df:92:75:33:2e:ac:66:65:73:45:e7:37:cd:67:4f:e9:fd:4b:
ae:e9:2c:02:35:41:3b:f9:ba:5a:b2:2d:ea:b4:a5:c6:84:e6:
95:a6:c2:d5:fc:07:a4:29:ff:81:82:78:46:c5:61:b4:37:d4:
8b:c7:15:dc:69:e9:37:14:f2:c7:10:1d:f0:27:5e:74:94:83:
d6:66:76:e7:53:d8:74:3c:06:95:4e:de:fb:80:90:7c:0e:cb:
53:86:dc:a0:14:66:3e:de:57:46:9c:43:ae:5c:25:bc:b8:75:
2f:db:0e:0f:d2:d7:98:bc:43:ce:e9:b5:f1:e8:15:b2:97:c3:
b3:68:09:64:92:e8:fc:c6:6d:ad:54:7d:5a:78:cf:6f:d2:48:
b3:19:64:e5:21:08:bf:a4:e9:dd:d1:44:c7:8f:91:4e:49:4e:
32:90:4d:d3:26:00:f5:cb:f4:94:b9:48:ab:de:ec:b6:bf:46:
0e:ec:d3:8d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEGc7ihzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQwOWM5MGU3MGY5
ZWI1ZTM5OThkZjFkMWU1NDc1ZTNjNTlkZmMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ82UxsbN8QJCFIzaJ8XHr8LafwuQGvHGPNcCarERpRFa3y4
U1bxBTUQLWvljJJATW5XLuQtd5Bgn2SLLWg1fUUGsJgZ19YcnwvNmQ3k250qhZuS
VzUqUybUKmHw9wlJXSPHjNUPspp/wesmL4eQjDhuj/vbtz8A3xrFrRo9xJT/Bfhg
2rfpgF7+IUv3/r1xWqJTj8QWr1pRw70l4RobV9h6hTo8gIT85WWDxDxm2UcenKNv
0BLYmNBlW9G+5PdPLQi9RB5JTDL8wY1HwbXhTBWVAf4cHcDoBtJejgR8grTICexq
XTR5hrPuRYDfAOCE35Izf0BauxSgS9nXfr2VNZMCAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBQNCckOcPnrXjmY3x0eVHXjxZ38ETAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L0RRbkpEbkQ1NjE0NW1OOGRIbFIxNDhXZF9CRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wPgQCAAEwOAMEAi1VfDAMAwQCLVsUAwQALVsWAwQA
LVzkAwQALVznAwQALYKIAwQALYKPAwQALYTBAwQAwbDSMA0EAgACMAcDBQEqB+NA
MA0GCSqGSIb3DQEBCwUAA4IBAQAhJ5Xm5AlLPtynOxnYemhDAlFzj+sZJhJC1sqE
VTrUi9V8IT4ZOAg1ZUo4L9bh1sGo9CmsQn51QdOfgFecOlLT12rdRZ+3XCTfknUz
LqxmZXNF5zfNZ0/p/Uuu6SwCNUE7+bpasi3qtKXGhOaVpsLV/AekKf+BgnhGxWG0
N9SLxxXcaek3FPLHEB3wJ150lIPWZnbnU9h0PAaVTt77gJB8DstThtygFGY+3ldG
nEOuXCW8uHUv2w4P0teYvEPO6bXx6BWyl8OzaAlkkuj8xm2tVH1aeM9v0kizGWTl
IQi/pOnd0UTHj5FOSU4ykE3TJgD1y/SUuUir3uy2v0YO7NON
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org