Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/c9xFvMWaT5rJycCL8huZ2Yqf6-o.roa
File: c9xFvMWaT5rJycCL8huZ2Yqf6-o.roa (raw, json)
Hash identifier: 2Mt4HVj8Xl4dPHpKTWjB42egrVL/MHgnBXvlKDJ6K4Q=
Subject key identifier: 73:DC:45:BC:C5:9A:4F:9A:C9:C9:C0:8B:F2:1B:99:D9:8A:9F:EB:EA
Certificate issuer: /CN=3016b10d0ac218017c749394e4f2519cf2c0514e
Certificate serial: 0A957624
Authority key identifier: 30:16:B1:0D:0A:C2:18:01:7C:74:93:94:E4:F2:51:9C:F2:C0:51:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBaxDQrCGAF8dJOU5PJRnPLAUU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/c9xFvMWaT5rJycCL8huZ2Yqf6-o.roa
Signing time: Sat 01 Jan 2022 05:59:51 +0000
ROA not before: Sat 01 Jan 2022 05:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47834
IP address blocks: 213.129.128.0/21 maxlen: 21
95.129.240.0/21 maxlen: 21
213.129.136.0/21 maxlen: 21
213.129.144.0/21 maxlen: 21
213.129.152.0/21 maxlen: 21
45.85.172.0/22 maxlen: 22
2a03:f300::/32 maxlen: 32
2a03:f300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177567268 (0xa957624)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3016b10d0ac218017c749394e4f2519cf2c0514e
Validity
Not Before: Jan 1 05:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73dc45bcc59a4f9ac9c9c08bf21b99d98a9febea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:82:31:22:aa:24:95:c0:12:e6:25:61:2b:34:
36:7e:de:96:60:0a:87:f3:b7:6e:22:d7:c1:b3:19:
80:51:e3:d1:8c:ca:c1:91:16:fd:23:e0:bf:a4:ee:
b5:2b:77:e0:ce:66:bd:1b:20:40:f4:f1:a0:18:2e:
74:4e:0d:12:e9:2f:ae:30:26:e6:8e:c1:d7:1a:05:
ff:16:91:b0:17:11:cb:23:82:43:f2:a1:4b:33:b2:
f7:7d:42:30:24:5d:6b:97:b3:db:34:e5:11:ec:41:
f2:08:12:d3:62:b9:1d:91:32:49:f2:a5:e9:b7:17:
9c:19:ac:ac:fd:94:9a:0b:4b:ac:e4:24:cf:b5:ce:
e1:c7:d2:27:4c:9b:d2:f4:59:83:50:f9:14:79:11:
de:94:02:05:80:77:20:ef:6c:44:ea:44:fa:a0:e5:
f1:56:0c:a3:43:e8:0b:e7:ab:c7:ea:75:b0:b8:14:
88:ae:1b:c5:2e:dd:e1:5d:fc:ba:06:2c:ab:ba:5b:
af:ac:38:b8:8a:4f:21:5c:83:09:9a:85:58:c6:48:
36:1c:4a:53:2b:7c:69:93:89:31:b7:57:5d:0e:8b:
a1:35:61:9d:c3:72:cd:1a:2a:f4:0d:59:d7:35:58:
d0:89:bc:45:b8:e1:d9:67:df:57:ce:2f:81:ce:e4:
ac:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:DC:45:BC:C5:9A:4F:9A:C9:C9:C0:8B:F2:1B:99:D9:8A:9F:EB:EA
X509v3 Authority Key Identifier:
keyid:30:16:B1:0D:0A:C2:18:01:7C:74:93:94:E4:F2:51:9C:F2:C0:51:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBaxDQrCGAF8dJOU5PJRnPLAUU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/c9xFvMWaT5rJycCL8huZ2Yqf6-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/MBaxDQrCGAF8dJOU5PJRnPLAUU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.172.0/22
95.129.240.0/21
213.129.128.0/19
IPv6:
2a03:f300::/29
Signature Algorithm: sha256WithRSAEncryption
bc:f6:6e:4c:92:47:b5:f8:bc:eb:10:12:86:78:ac:65:1a:9c:
d7:88:c5:7d:87:f3:9d:51:18:d0:b8:a8:76:34:39:f0:42:df:
e1:31:41:58:0a:b3:57:59:64:db:ed:f9:f8:80:64:66:83:22:
cd:f8:a2:9f:cb:30:7c:29:3d:b9:aa:8a:64:49:08:46:f7:04:
ed:c1:34:d3:54:aa:6d:d4:b1:21:18:b5:dd:aa:38:20:32:82:
ff:18:94:5c:b4:65:b4:d7:2e:04:d5:e2:fc:1b:40:f4:95:d5:
aa:eb:b9:79:b1:d4:ae:ef:38:9b:81:11:46:2e:22:6b:3a:4e:
d0:48:b7:9e:93:52:27:6a:8d:9d:da:74:01:57:c8:91:96:c3:
8d:71:64:5f:68:57:70:74:3e:0b:b2:d0:27:c0:48:79:00:39:
aa:6b:41:02:8d:69:1f:8a:bd:db:08:f9:6a:5f:ed:fb:f2:37:
3f:c1:10:d8:e8:b7:13:4e:f0:c7:81:46:1a:85:93:a9:88:3c:
b7:4a:34:be:a2:c8:ee:d5:a3:6b:4c:01:cd:af:25:85:e9:68:
b4:3f:56:a2:89:cd:d2:1f:56:e1:f7:83:27:20:ed:74:b3:1a:
d9:af:0b:67:43:69:d1:a0:e1:b3:44:41:4d:23:c7:f7:71:4b:
6a:6d:eb:d7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECpV2JDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDE2YjEwZDBhYzIxODAxN2M3NDkzOTRlNGYyNTE5Y2YyYzA1MTRlMB4XDTIyMDEw
MTA1NTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNkYzQ1YmNjNTlh
NGY5YWM5YzljMDhiZjIxYjk5ZDk4YTlmZWJlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGCMSKqJJXAEuYlYSs0Nn7elmAKh/O3biLXwbMZgFHj0YzK
wZEW/SPgv6TutSt34M5mvRsgQPTxoBgudE4NEukvrjAm5o7B1xoF/xaRsBcRyyOC
Q/KhSzOy931CMCRda5ez2zTlEexB8ggS02K5HZEySfKl6bcXnBmsrP2UmgtLrOQk
z7XO4cfSJ0yb0vRZg1D5FHkR3pQCBYB3IO9sROpE+qDl8VYMo0PoC+erx+p1sLgU
iK4bxS7d4V38ugYsq7pbr6w4uIpPIVyDCZqFWMZINhxKUyt8aZOJMbdXXQ6LoTVh
ncNyzRoq9A1Z1zVY0Im8Rbjh2WffV84vgc7krNUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRz3EW8xZpPmsnJwIvyG5nZip/r6jAfBgNVHSMEGDAWgBQwFrENCsIYAXx0
k5Tk8lGc8sBRTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01CYXhEUXJDR0FGOGRKT1U1UEpSblBMQVVVNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvM2ViNjRhLWU2ZGUtNDVmNS1iNjhjLTY5MzY3NjJkMmZjZS8x
L2M5eEZ2TVdhVDVySnljQ0w4aHVaMllxZjYtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
M2ViNjRhLWU2ZGUtNDVmNS1iNjhjLTY5MzY3NjJkMmZjZS8xL01CYXhEUXJDR0FG
OGRKT1U1UEpSblBMQVVVNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi1VrAMEA1+B8AMEBdWBgDANBAIA
AjAHAwUDKgPzADANBgkqhkiG9w0BAQsFAAOCAQEAvPZuTJJHtfi86xAShnisZRqc
14jFfYfznVEY0LiodjQ58ELf4TFBWAqzV1lk2+35+IBkZoMizfiin8swfCk9uaqK
ZEkIRvcE7cE001SqbdSxIRi13ao4IDKC/xiUXLRltNcuBNXi/BtA9JXVquu5ebHU
ru84m4ERRi4iazpO0Ei3npNSJ2qNndp0AVfIkZbDjXFkX2hXcHQ+C7LQJ8BIeQA5
qmtBAo1pH4q92wj5al/t+/I3P8EQ2Oi3E07wx4FGGoWTqYg8t0o0vqLI7tWja0wB
za8lhelotD9WoonN0h9W4feDJyDtdLMa2a8LZ0Np0aDhs0RBTSPH93FLam3r1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org