Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/7QJeRm7x2eH3oP113wZ98po31NU.roa
File: 7QJeRm7x2eH3oP113wZ98po31NU.roa (raw, json)
Hash identifier: saxkEPqylg1scRYTrNG9BT66moZjBNe49SmVjZmJuCc=
Subject key identifier: ED:02:5E:46:6E:F1:D9:E1:F7:A0:FD:75:DF:06:7D:F2:9A:37:D4:D5
Certificate issuer: /CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Certificate serial: 0B1EC32F
Authority key identifier: B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/7QJeRm7x2eH3oP113wZ98po31NU.roa
Signing time: Tue 05 Apr 2022 09:31:02 +0000
ROA not before: Tue 05 Apr 2022 09:31:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57724
IP address blocks: 185.178.208.0/24 maxlen: 24
185.178.209.0/24 maxlen: 24
185.178.210.0/24 maxlen: 24
45.10.243.0/24 maxlen: 24
45.10.241.0/24 maxlen: 24
45.10.242.0/24 maxlen: 24
45.10.240.0/24 maxlen: 24
45.10.240.0/22 maxlen: 32
91.215.41.0/24 maxlen: 24
91.215.42.0/24 maxlen: 24
91.215.40.0/24 maxlen: 32
91.215.43.0/24 maxlen: 24
185.129.102.0/24 maxlen: 24
185.129.103.0/24 maxlen: 24
185.129.100.0/24 maxlen: 24
185.129.101.0/24 maxlen: 24
2a0a:4180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186565423 (0xb1ec32f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Validity
Not Before: Apr 5 09:31:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed025e466ef1d9e1f7a0fd75df067df29a37d4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:15:ec:bf:36:55:15:a5:91:49:30:1e:d1:67:
94:37:54:14:ed:45:0e:87:4a:41:8d:57:a0:c1:10:
40:2f:3a:93:e2:90:e7:e3:c0:b8:d7:34:ce:e5:bf:
ef:46:c1:77:1e:50:d9:41:70:d4:19:2d:c6:4b:59:
15:a9:39:28:d2:9d:9f:4c:d1:1f:1b:c8:62:ea:30:
21:f9:a2:8c:3f:e9:d0:f9:56:57:cf:03:69:16:0e:
a1:e1:7c:c7:20:c7:d1:54:55:eb:6a:e4:5c:3e:89:
fa:50:ea:0e:64:6c:ce:2d:65:85:2b:1d:ba:43:f6:
cf:59:39:76:9f:8c:95:b0:0e:6a:3c:56:dd:7c:56:
fd:a1:de:07:3b:8d:68:f4:69:b5:10:42:e3:4a:d5:
56:5e:b5:0d:c6:b2:a1:c1:ef:52:52:4d:08:7a:b5:
90:61:70:ca:49:b7:99:dc:9f:07:c7:a1:f1:bc:cd:
b6:33:ef:7b:b4:f4:45:28:52:50:28:b3:be:f7:f5:
ee:9e:a8:53:d7:4e:18:a2:fc:bb:4f:0f:f1:e9:5e:
09:e9:80:dc:12:97:7a:1b:72:63:3e:3a:f0:6b:16:
5e:5c:de:b1:55:8c:93:6d:25:46:24:62:83:ac:ad:
c2:db:ba:64:96:66:32:e0:b7:b9:15:20:f0:d8:a6:
43:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:02:5E:46:6E:F1:D9:E1:F7:A0:FD:75:DF:06:7D:F2:9A:37:D4:D5
X509v3 Authority Key Identifier:
keyid:B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/7QJeRm7x2eH3oP113wZ98po31NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.240.0/22
91.215.40.0/22
185.129.100.0/22
185.178.208.0-185.178.210.255
IPv6:
2a0a:4180::/48
Signature Algorithm: sha256WithRSAEncryption
64:d1:ef:62:8a:d2:a1:7c:10:48:9d:c8:ad:2d:14:22:b6:59:
e2:a5:2d:12:a7:c6:e6:22:5b:be:94:d4:b7:c5:ed:b6:89:8f:
ac:f8:83:d0:23:c7:32:3b:1d:01:d7:0b:c3:c5:08:fe:cc:9b:
fa:60:08:55:7e:d9:02:00:15:83:a7:20:56:0e:36:21:6c:23:
2b:1c:a7:77:a6:62:a3:c6:3f:e2:aa:3d:9e:e4:98:9e:28:0c:
c1:e5:85:d4:6a:eb:3e:cc:b9:56:d2:ed:6b:2c:68:38:ff:3d:
7b:4a:9e:84:04:31:f2:76:33:5c:1f:b2:cb:2b:56:25:47:47:
9f:83:9c:07:f0:2f:20:d2:da:19:75:38:82:f4:f8:be:35:0c:
a8:ad:1f:19:bb:71:61:11:c0:2b:17:16:e2:2c:91:af:3b:e9:
c6:6f:0c:3b:62:39:48:32:85:76:48:da:3b:9f:7c:23:21:e1:
70:ec:2c:a4:47:81:4e:45:da:26:65:96:12:b5:ac:7f:79:1c:
f7:46:f2:59:f9:98:00:41:e7:11:78:2e:57:1d:8b:5a:a8:df:
45:97:44:0f:16:2f:0f:fd:78:a3:83:ca:5d:61:7f:5d:55:28:
39:f3:99:d0:24:f3:9e:18:ca:7d:76:e6:b9:e2:9a:00:4f:4f:
1a:ec:44:cb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIECx7DLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Mjg1M2FhMWViMzJiZmVlMGZlYjE0ODNjMTQ5MzZkMTAxZjE2ZWRmMB4XDTIyMDQw
NTA5MzEwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQwMjVlNDY2ZWYx
ZDllMWY3YTBmZDc1ZGYwNjdkZjI5YTM3ZDRkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEV7L82VRWlkUkwHtFnlDdUFO1FDodKQY1XoMEQQC86k+KQ
5+PAuNc0zuW/70bBdx5Q2UFw1BktxktZFak5KNKdn0zRHxvIYuowIfmijD/p0PlW
V88DaRYOoeF8xyDH0VRV62rkXD6J+lDqDmRszi1lhSsdukP2z1k5dp+MlbAOajxW
3XxW/aHeBzuNaPRptRBC40rVVl61DcayocHvUlJNCHq1kGFwykm3mdyfB8eh8bzN
tjPve7T0RShSUCizvvf17p6oU9dOGKL8u08P8eleCemA3BKXehtyYz468GsWXlze
sVWMk20lRiRig6ytwtu6ZJZmMuC3uRUg8NimQxUCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBTtAl5GbvHZ4feg/XXfBn3ymjfU1TAfBgNVHSMEGDAWgBSyhTqh6zK/7g/r
FIPBSTbRAfFu3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NvVTZvZXN5di00UDZ4U0R3VWsyMFFIeGJ0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvMzFjODE1LWQ5NmEtNGJiNi04Y2NmLWYyYjgxMDc5Yjc0Ni8x
LzdRSmVSbTd4MmVIM29QMTEzd1o5OHBvMzFOVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
MzFjODE1LWQ5NmEtNGJiNi04Y2NmLWYyYjgxMDc5Yjc0Ni8xL3NvVTZvZXN5di00
UDZ4U0R3VWsyMFFIeGJ0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIAMEAi0K8AMEAlvXKAMEArmBZDAMAwQE
ubLQAwQAubLSMA8EAgACMAkDBwAqCkGAAAAwDQYJKoZIhvcNAQELBQADggEBAGTR
72KK0qF8EEidyK0tFCK2WeKlLRKnxuYiW76U1LfF7baJj6z4g9AjxzI7HQHXC8PF
CP7Mm/pgCFV+2QIAFYOnIFYONiFsIyscp3emYqPGP+KqPZ7kmJ4oDMHlhdRq6z7M
uVbS7WssaDj/PXtKnoQEMfJ2M1wfsssrViVHR5+DnAfwLyDS2hl1OIL0+L41DKit
Hxm7cWERwCsXFuIska876cZvDDtiOUgyhXZI2juffCMh4XDsLKRHgU5F2iZllhK1
rH95HPdG8ln5mABB5xF4Llcdi1qo30WXRA8WLw/9eKODyl1hf11VKDnzmdAk854Y
yn125rnimgBPTxrsRMs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:35 2024 by rpki-client on console-fra.rpki-client.org