Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/ih7UHNplY6hDRrTFnnLTvsUcsnI.roa
File: ih7UHNplY6hDRrTFnnLTvsUcsnI.roa (raw, json)
Hash identifier: PNvqTsV2WGFSTQJX44c3w4hTnOUoRn4T+fpzwmWeAxg=
Subject key identifier: 8A:1E:D4:1C:DA:65:63:A8:43:46:B4:C5:9E:72:D3:BE:C5:1C:B2:72
Certificate issuer: /CN=134efe7c541f5406dc7e0ff268d05582baefc996
Certificate serial: 019E1546
Authority key identifier: 13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/ih7UHNplY6hDRrTFnnLTvsUcsnI.roa
Signing time: Tue 14 Jun 2022 09:02:44 +0000
ROA not before: Tue 14 Jun 2022 09:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 45.91.40.0/22 maxlen: 22
185.212.7.0/24 maxlen: 24
185.126.33.0/24 maxlen: 24
94.140.6.0/23 maxlen: 23
94.140.5.0/24 maxlen: 24
195.85.6.0/23 maxlen: 23
91.208.213.0/24 maxlen: 24
89.147.104.0/22 maxlen: 22
83.229.28.0/23 maxlen: 23
89.35.228.0/24 maxlen: 24
195.158.236.0/23 maxlen: 23
2a10:13c0:da7a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27137350 (0x19e1546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=134efe7c541f5406dc7e0ff268d05582baefc996
Validity
Not Before: Jun 14 09:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a1ed41cda6563a84346b4c59e72d3bec51cb272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0c:74:af:c0:93:5a:d8:f1:89:06:27:56:3f:
2c:d2:6e:99:5a:f3:1d:07:64:bb:00:fc:1c:bc:f2:
c1:b5:e8:df:ad:66:49:75:7c:be:41:2c:5a:f8:5e:
ed:ca:9a:9b:91:1f:77:d0:4f:83:4a:36:c6:2b:24:
66:44:d7:ef:09:ae:1a:2f:ab:6f:b5:6a:18:55:09:
63:8d:a4:ee:cb:e2:cd:87:a4:e9:c5:8d:c4:1f:4e:
78:c0:97:cc:86:c1:b6:53:10:99:89:bd:04:6b:54:
a0:d8:ec:26:0a:a2:ed:09:5f:da:b4:91:e4:f2:23:
6a:1a:bb:55:d0:19:4b:bd:86:2e:35:fa:cc:ec:db:
cd:58:f0:91:4b:93:81:6f:31:f9:56:bc:62:66:50:
6f:d9:7f:94:24:14:1b:b1:ae:22:fe:06:06:be:4a:
f1:34:42:51:d4:9c:3a:08:d6:85:56:bf:6c:b6:57:
31:5c:1d:4c:50:b8:53:8b:98:41:63:c5:b2:82:60:
23:98:65:29:37:c9:1d:f4:25:d2:c6:cd:ad:a6:6f:
fd:14:35:26:27:52:b8:94:d7:52:0e:69:e3:69:76:
32:5d:cf:a2:49:e4:a6:22:70:e2:29:f4:a7:20:8d:
45:62:d0:00:0f:9b:18:01:fc:0e:ce:29:21:3e:5f:
6c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1E:D4:1C:DA:65:63:A8:43:46:B4:C5:9E:72:D3:BE:C5:1C:B2:72
X509v3 Authority Key Identifier:
keyid:13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/ih7UHNplY6hDRrTFnnLTvsUcsnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.40.0/22
83.229.28.0/23
89.35.228.0/24
89.147.104.0/22
91.208.213.0/24
94.140.5.0-94.140.7.255
185.126.33.0/24
185.212.7.0/24
195.85.6.0/23
195.158.236.0/23
IPv6:
2a10:13c0:da7a::/48
Signature Algorithm: sha256WithRSAEncryption
19:72:ac:33:68:d6:7a:15:37:a9:52:1d:1f:2a:09:0e:a9:b0:
53:74:b2:72:53:cb:dc:bc:eb:f4:10:d1:8b:fd:f6:dc:73:94:
94:94:c8:8d:99:cc:16:3d:da:ad:c3:15:e6:f6:18:58:a3:6c:
eb:fa:b5:a0:56:f1:fd:91:c0:5f:28:d3:28:ee:7d:8a:da:cb:
1c:5c:e2:9c:58:56:0f:fe:10:f9:66:2b:4a:52:d2:00:a8:41:
34:8d:3a:e7:d3:4c:6a:ed:b6:e1:e7:c4:2d:f0:9d:f5:84:67:
1c:f7:e2:bc:70:c5:17:62:7a:dc:84:cf:a1:01:f5:80:8f:f1:
75:5c:d4:84:77:ce:b5:8d:50:a3:ec:cd:3f:95:14:c5:59:c6:
1f:84:36:47:30:e4:5a:a9:eb:ef:ec:67:5d:2c:7a:eb:61:0c:
8f:d2:c7:bc:db:5f:93:87:c4:e8:b0:62:36:0f:94:71:14:3b:
ea:71:39:13:69:8e:08:2f:2d:52:9c:34:2c:b2:70:81:df:4c:
8b:b7:1e:fc:92:d7:2c:cb:32:5a:16:89:62:c0:7d:19:47:ac:
49:f7:f8:45:66:1d:11:ad:2d:22:22:3b:23:98:10:80:0c:fe:
9e:6a:98:40:77:74:8b:7c:df:5e:af:d4:2d:48:5f:bb:d1:68:
9b:ad:8a:a1
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIEAZ4VRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzRlZmU3YzU0MWY1NDA2ZGM3ZTBmZjI2OGQwNTU4MmJhZWZjOTk2MB4XDTIyMDYx
NDA5MDI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGExZWQ0MWNkYTY1
NjNhODQzNDZiNGM1OWU3MmQzYmVjNTFjYjI3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYMdK/Ak1rY8YkGJ1Y/LNJumVrzHQdkuwD8HLzywbXo361m
SXV8vkEsWvhe7cqam5Efd9BPg0o2xiskZkTX7wmuGi+rb7VqGFUJY42k7svizYek
6cWNxB9OeMCXzIbBtlMQmYm9BGtUoNjsJgqi7Qlf2rSR5PIjahq7VdAZS72GLjX6
zOzbzVjwkUuTgW8x+Va8YmZQb9l/lCQUG7GuIv4GBr5K8TRCUdScOgjWhVa/bLZX
MVwdTFC4U4uYQWPFsoJgI5hlKTfJHfQl0sbNraZv/RQ1JidSuJTXUg5p42l2Ml3P
oknkpiJw4in0pyCNRWLQAA+bGAH8Ds4pIT5fbNsCAwEAAaOCAlgwggJUMB0GA1Ud
DgQWBBSKHtQc2mVjqENGtMWectO+xRyycjAfBgNVHSMEGDAWgBQTTv58VB9UBtx+
D/Jo0FWCuu/JljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0UwNy1mRlFmVkFiY2ZnX3lhTkJWZ3JydnlaWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvOTNkMjk3LTgwMzgtNGI5YS04ZjdiLWIzNjQ5MWVlNmVlNC8x
L2loN1VITnBsWTZoRFJyVEZubkxUdnNVY3NuSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
OTNkMjk3LTgwMzgtNGI5YS04ZjdiLWIzNjQ5MWVlNmVlNC8xL0UwNy1mRlFmVkFi
Y2ZnX3lhTkJWZ3JydnlaWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBu
BggrBgEFBQcBBwEB/wRfMF0wSgQCAAEwRAMEAi1bKAMEAVPlHAMEAFkj5AMEAlmT
aAMEAFvQ1TAMAwQAXowFAwQDXowAAwQAuX4hAwQAudQHAwQBw1UGAwQBw57sMA8E
AgACMAkDBwAqEBPA2nowDQYJKoZIhvcNAQELBQADggEBABlyrDNo1noVN6lSHR8q
CQ6psFN0snJTy9y86/QQ0Yv99txzlJSUyI2ZzBY92q3DFeb2GFijbOv6taBW8f2R
wF8o0yjufYrayxxc4pxYVg/+EPlmK0pS0gCoQTSNOufTTGrttuHnxC3wnfWEZxz3
4rxwxRdietyEz6EB9YCP8XVc1IR3zrWNUKPszT+VFMVZxh+ENkcw5Fqp6+/sZ10s
euthDI/Sx7zbX5OHxOiwYjYPlHEUO+pxORNpjggvLVKcNCyycIHfTIu3HvyS1yzL
MloWiWLAfRlHrEn3+EVmHRGtLSIiOyOYEIAM/p5qmEB3dIt8316v1C1IX7vRaJut
iqE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:41 2023 by rpki-client on console-ams.rpki-client.org