Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/riheOfjRgwAVLBjCnulqobXtfnc.roa
File: riheOfjRgwAVLBjCnulqobXtfnc.roa (raw, json)
Hash identifier: ZsXpLJZqfwdmjDEQUokzEUvF9qejZvYmrzARMMyP/Ww=
Subject key identifier: AE:28:5E:39:F8:D1:83:00:15:2C:18:C2:9E:E9:6A:A1:B5:ED:7E:77
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 01855D19F90322A0B1995A7DF8B4661C71F1
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/riheOfjRgwAVLBjCnulqobXtfnc.roa
Signing time: Thu 29 Dec 2022 08:57:41 +0000
ROA not before: Thu 29 Dec 2022 08:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35277
IP address blocks: 5.181.202.0/23 maxlen: 24
185.36.142.0/23 maxlen: 24
185.36.141.0/24 maxlen: 24
45.85.117.0/24 maxlen: 24
45.155.120.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:19:f9:03:22:a0:b1:99:5a:7d:f8:b4:66:1c:71:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Dec 29 08:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae285e39f8d18300152c18c29ee96aa1b5ed7e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:d4:36:4c:2c:2c:be:99:50:69:27:32:55:
aa:a7:2c:33:7c:d4:e6:ea:97:ba:0a:a7:6a:81:3f:
52:0c:c3:2e:2c:60:f1:ef:39:b7:8e:67:68:6a:3d:
09:27:10:7d:9f:b5:b2:87:0e:c2:05:89:99:96:ec:
e3:f9:c5:e4:3b:f1:8e:e0:11:d1:48:98:ac:83:b7:
e1:64:f3:7a:36:ca:53:58:03:64:af:28:d3:54:4e:
64:4c:bd:68:36:61:fb:8f:e1:ed:f5:6c:7b:a0:13:
24:63:15:ef:03:c2:f3:7f:46:63:42:d4:f0:5f:18:
34:bd:f3:92:24:58:83:07:c2:4c:ef:8d:4b:42:ed:
0b:27:91:31:dc:c0:ba:b8:18:9f:0f:fc:10:59:10:
fd:fb:cb:64:f7:ac:f5:f1:5d:82:0e:76:0d:b7:24:
c5:9b:4b:35:6c:fa:7e:67:8d:8a:05:d4:2a:9e:67:
de:a2:98:97:39:78:4c:84:b0:73:9f:f8:37:f9:d3:
ac:48:a8:76:c4:66:54:23:aa:6c:f3:1d:4b:c0:cf:
3b:82:85:d2:00:d4:16:64:46:ac:22:1c:15:80:f3:
aa:9d:29:3c:a6:22:fa:f5:1a:1c:54:54:9a:25:ce:
69:54:dc:23:da:54:c9:ce:9c:1c:6e:cd:7f:ca:e1:
c1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:28:5E:39:F8:D1:83:00:15:2C:18:C2:9E:E9:6A:A1:B5:ED:7E:77
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/riheOfjRgwAVLBjCnulqobXtfnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.202.0/23
45.85.117.0/24
45.155.120.0/23
185.36.141.0-185.36.143.255
Signature Algorithm: sha256WithRSAEncryption
68:3d:69:62:d0:81:03:02:db:1c:1c:a0:0e:43:99:d0:9f:5e:
05:d7:d3:ea:77:01:29:ac:e9:6d:3a:0c:10:bb:3f:ae:9c:c9:
4d:5f:4c:60:9d:43:f5:90:77:2b:82:6e:7a:c7:ad:d6:7a:cd:
1c:a3:55:8b:70:64:6f:c9:63:60:6e:1d:20:42:82:d1:69:f6:
84:65:00:df:b9:40:fa:eb:d9:d9:1e:18:32:63:98:95:08:d0:
17:05:7d:30:48:69:26:09:db:85:ab:ed:62:1d:c7:66:b5:af:
b7:00:d5:27:06:ae:a3:67:f5:1f:2f:b9:74:07:2b:92:dd:f4:
68:9b:ce:83:65:2a:8d:0a:cf:7c:3f:ce:39:3a:76:d9:24:19:
5e:7e:99:c1:c3:a7:58:d8:55:39:22:c6:0a:dc:16:f1:24:70:
c7:04:98:d0:95:fb:93:cb:3a:1b:57:b3:d3:10:32:b7:2f:c6:
82:df:3f:d0:59:08:3b:70:49:13:6b:e4:ca:b2:8e:1f:af:0d:
12:6a:87:9f:c4:ff:2f:26:da:96:7b:ed:5a:6d:88:79:95:4e:
9c:a7:4b:71:50:cc:a1:2d:0f:66:89:6e:fd:89:1f:ca:d4:ce:
6a:b7:21:1d:d6:a3:17:5f:d1:62:3d:a0:69:1b:e7:68:ac:e1:
8a:2a:8c:5f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVdGfkDIqCxmVp9+LRmHHHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjIxMjI5MDg1NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTI4NWUzOWY4ZDE4MzAwMTUyYzE4YzI5ZWU5NmFhMWI1ZWQ3ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxrUNkwsLL6ZUGknMlWqpywzfNTm
6pe6CqdqgT9SDMMuLGDx7zm3jmdoaj0JJxB9n7Wyhw7CBYmZluzj+cXkO/GO4BHR
SJisg7fhZPN6NspTWANkryjTVE5kTL1oNmH7j+Ht9Wx7oBMkYxXvA8Lzf0ZjQtTw
Xxg0vfOSJFiDB8JM741LQu0LJ5Ex3MC6uBifD/wQWRD9+8tk96z18V2CDnYNtyTF
m0s1bPp+Z42KBdQqnmfeopiXOXhMhLBzn/g3+dOsSKh2xGZUI6ps8x1LwM87goXS
ANQWZEasIhwVgPOqnSk8piL69RocVFSaJc5pVNwj2lTJzpwcbs1/yuHBpQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK4oXjn40YMAFSwYwp7paqG17X53MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvcmloZU9malJnd0FWTEJqQ251bHFvYlh0Zm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBBbXKAwQA
LVV1AwQBLZt4MAwDBAC5JI0DBAS5JIAwDQYJKoZIhvcNAQELBQADggEBAGg9aWLQ
gQMC2xwcoA5DmdCfXgXX0+p3ASms6W06DBC7P66cyU1fTGCdQ/WQdyuCbnrHrdZ6
zRyjVYtwZG/JY2BuHSBCgtFp9oRlAN+5QPrr2dkeGDJjmJUI0BcFfTBIaSYJ24Wr
7WIdx2a1r7cA1ScGrqNn9R8vuXQHK5Ld9GibzoNlKo0Kz3w/zjk6dtkkGV5+mcHD
p1jYVTkixgrcFvEkcMcEmNCV+5PLOhtXs9MQMrcvxoLfP9BZCDtwSRNr5Mqyjh+v
DRJqh5/E/y8m2pZ77VptiHmVTpynS3FQzKEtD2aJbv2JH8rUzmq3IR3Woxdf0WI9
oGkb52is4YoqjF8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org