Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kain2QJXQnycCTF64wweKjX1tyQ.roa
File: kain2QJXQnycCTF64wweKjX1tyQ.roa (raw, json)
Hash identifier: wPGrYXmcHFtnwooPUS0BP0JYv+zb6CtGnjcQFYZvQ9U=
Subject key identifier: 91:A8:A7:D9:02:57:42:7C:9C:09:31:7A:E3:0C:1E:2A:35:F5:B7:24
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 1BCA15CF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kain2QJXQnycCTF64wweKjX1tyQ.roa
Signing time: Wed 22 Jun 2022 14:38:32 +0000
ROA not before: Wed 22 Jun 2022 14:38:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200023
IP address blocks: 45.139.160.0/23 maxlen: 24
45.139.172.0/22 maxlen: 24
45.92.248.0/22 maxlen: 24
45.83.206.0/24 maxlen: 24
45.95.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 466228687 (0x1bca15cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 22 14:38:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a8a7d90257427c9c09317ae30c1e2a35f5b724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dd:a2:63:70:af:db:af:f5:64:8c:15:f4:9c:
d7:e3:f9:d4:78:cf:25:23:24:cf:75:c5:8b:d2:4d:
24:b3:f7:2b:0e:8b:be:5f:75:fc:c4:3f:89:f5:fd:
2b:03:4e:3b:23:d0:30:2f:2a:05:cb:61:f4:97:73:
de:da:c9:d7:1d:9d:27:d3:61:a9:b8:b3:18:7d:a7:
1f:57:37:7b:5f:b7:d6:7a:92:02:ad:f8:c0:86:96:
14:25:b2:a8:1e:e5:a3:41:13:06:af:9b:fa:b8:60:
5f:3e:50:58:3c:47:38:25:e9:2a:f6:c6:f4:45:04:
f7:40:64:c9:f5:d2:8d:51:e7:ab:08:cd:d4:1a:3d:
4b:e7:b2:25:94:64:9e:2b:db:97:0d:04:32:b3:f2:
e2:d2:2c:35:f7:1d:41:78:f6:f2:c7:3c:3d:7b:76:
b7:db:6a:8d:c0:7a:8f:4d:31:c5:44:94:1d:0d:ed:
23:f4:b6:59:a8:21:df:97:32:fa:58:04:58:eb:f9:
a2:c4:c1:f2:bf:6b:35:ac:a6:cf:85:09:52:fd:00:
e6:97:ed:58:ca:63:c7:d3:18:6b:ec:6f:a1:71:ad:
53:f4:a0:73:b1:e0:72:07:db:0c:41:e9:60:25:a5:
d1:6d:28:f3:15:65:93:10:c6:13:47:82:d9:99:12:
48:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A8:A7:D9:02:57:42:7C:9C:09:31:7A:E3:0C:1E:2A:35:F5:B7:24
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kain2QJXQnycCTF64wweKjX1tyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.206.0/24
45.92.248.0/22
45.95.176.0/22
45.139.160.0/23
45.139.172.0/22
Signature Algorithm: sha256WithRSAEncryption
46:c3:92:8b:05:54:b0:19:c6:a1:b2:5b:f5:e3:9c:b3:a5:93:
fc:a3:1a:60:9c:e8:20:ad:7a:55:bc:1b:06:65:d0:44:8c:de:
b4:02:d0:96:59:f0:14:05:0e:e8:ba:b4:7e:9c:98:61:f0:8c:
6a:d1:72:83:5a:0d:37:ca:4f:c7:bb:b3:8d:fa:d0:a1:74:59:
d5:b3:00:d2:74:f1:6a:73:48:da:23:88:db:ee:9e:46:df:8f:
2b:7d:d0:6c:a3:1c:8a:0e:75:35:60:5e:59:5d:57:ef:24:d4:
17:dc:d6:40:d6:8a:66:58:3e:b5:4d:6e:4b:c0:3d:32:64:dd:
fd:f4:97:e2:16:6b:4a:1c:84:67:2d:20:be:b6:ca:8a:85:33:
4b:8d:55:f6:bb:25:93:40:d2:2a:f8:5b:0e:23:06:aa:44:9d:
73:e7:25:23:b1:64:75:af:95:aa:fc:8a:45:ba:f5:27:d5:db:
1e:af:20:ab:54:ee:c8:c2:26:52:a7:da:c6:ac:64:27:8e:a9:
64:4e:90:f2:05:4c:57:6c:35:cd:7f:d4:9a:ea:e7:ee:bb:c5:
3b:d3:d5:09:fe:d2:19:f6:9a:70:cb:6f:4d:2a:a5:fa:ea:7d:
a7:d4:f4:cf:d7:a9:16:77:59:84:36:23:3f:89:ff:c7:c4:cf:
fd:4b:35:54
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEG8oVzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDYy
MjE0MzgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFhOGE3ZDkwMjU3
NDI3YzljMDkzMTdhZTMwYzFlMmEzNWY1YjcyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzdomNwr9uv9WSMFfSc1+P51HjPJSMkz3XFi9JNJLP3Kw6L
vl91/MQ/ifX9KwNOOyPQMC8qBcth9Jdz3trJ1x2dJ9NhqbizGH2nH1c3e1+31nqS
Aq34wIaWFCWyqB7lo0ETBq+b+rhgXz5QWDxHOCXpKvbG9EUE90BkyfXSjVHnqwjN
1Bo9S+eyJZRknivblw0EMrPy4tIsNfcdQXj28sc8PXt2t9tqjcB6j00xxUSUHQ3t
I/S2Wagh35cy+lgEWOv5osTB8r9rNaymz4UJUv0A5pftWMpjx9MYa+xvoXGtU/Sg
c7HgcgfbDEHpYCWl0W0o8xVlkxDGE0eC2ZkSSPcCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSRqKfZAldCfJwJMXrjDB4qNfW3JDAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2thaW4yUUpYUW55Y0NURjY0d3dlS2pYMXR5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1TzgMEAi1c+AMEAi1fsAMEAS2L
oAMEAi2LrDANBgkqhkiG9w0BAQsFAAOCAQEARsOSiwVUsBnGobJb9eOcs6WT/KMa
YJzoIK16VbwbBmXQRIzetALQllnwFAUO6Lq0fpyYYfCMatFyg1oNN8pPx7uzjfrQ
oXRZ1bMA0nTxanNI2iOI2+6eRt+PK33QbKMcig51NWBeWV1X7yTUF9zWQNaKZlg+
tU1uS8A9MmTd/fSX4hZrShyEZy0gvrbKioUzS41V9rslk0DSKvhbDiMGqkSdc+cl
I7Fkda+VqvyKRbr1J9XbHq8gq1TuyMImUqfaxqxkJ46pZE6Q8gVMV2w1zX/Umurn
7rvFO9PVCf7SGfaacMtvTSql+up9p9T0z9epFndZhDYjP4n/x8TP/Us1VA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org