Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/1-k1LT8c6LQBSo16d8VVZGR-AB5Y.roa
File: 1-k1LT8c6LQBSo16d8VVZGR-AB5Y.roa (raw, json)
Hash identifier: h49lzNMZNWsZ0Sk6DFwe88CmjIIF7Z2JLg0AePcAbQk=
Subject key identifier: FA:4D:4B:4F:C7:3A:2D:00:52:A3:5E:9D:F1:55:59:19:1F:80:07:96
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 04B7B6F9
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/1-k1LT8c6LQBSo16d8VVZGR-AB5Y.roa
Signing time: Sat 01 Jan 2022 05:01:58 +0000
ROA not before: Sat 01 Jan 2022 05:01:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.36.0/23 maxlen: 24
194.247.44.0/23 maxlen: 24
45.143.160.0/22 maxlen: 24
45.149.164.0/22 maxlen: 22
45.149.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79148793 (0x4b7b6f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 05:01:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa4d4b4fc73a2d0052a35e9df15559191f800796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:12:5b:57:c7:c2:59:65:0a:0b:4a:8b:33:
be:a1:c6:0c:f7:7c:9c:cb:45:47:ab:d8:ac:64:8d:
d9:e7:63:d4:31:b1:97:99:9b:8c:45:68:57:c5:4d:
23:c0:ba:06:a0:0f:d7:8c:f4:73:7f:ab:83:40:e0:
7e:bb:f3:28:90:52:22:59:cc:22:61:09:a3:b9:7d:
3a:aa:29:a8:57:2f:45:58:8f:79:c5:a2:29:29:df:
1e:60:11:59:b7:35:8b:ab:c3:ca:6c:e8:ed:fe:eb:
f3:a3:c0:77:c9:26:5e:84:36:7e:a9:15:49:dd:e6:
64:a4:9b:94:51:b7:b7:f7:75:30:3f:68:3e:f4:52:
65:e6:fe:bb:d7:83:ce:76:13:ce:c0:62:60:ff:1b:
a0:ed:c3:51:91:78:53:6e:46:6b:6f:53:fb:f5:f0:
1f:2b:d1:7f:46:91:9f:01:50:14:c2:f3:8c:2e:22:
0e:22:d4:56:0b:95:7a:42:3c:b3:c3:d2:36:17:73:
a4:c2:e3:04:c4:01:6e:cf:18:a3:7a:1b:30:83:0c:
aa:78:b6:51:2d:be:69:5a:7d:92:99:37:3b:f8:b8:
5c:2a:6d:52:20:39:a6:26:07:f8:c5:6b:61:88:31:
0b:7e:c4:6e:d5:b1:a6:c4:b5:0a:9e:40:82:3e:52:
d8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4D:4B:4F:C7:3A:2D:00:52:A3:5E:9D:F1:55:59:19:1F:80:07:96
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/1-k1LT8c6LQBSo16d8VVZGR-AB5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.160.0/22
45.149.164.0/22
194.246.36.0/23
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
08:14:77:b0:dd:98:38:ce:46:3c:9b:bb:cc:92:92:fa:85:12:
47:58:63:09:86:74:86:eb:07:aa:aa:c9:08:fd:8c:60:bc:68:
52:a6:07:69:4c:eb:c6:4b:ff:11:75:db:b8:73:e6:6b:a0:ab:
35:d9:24:5a:32:48:6e:5f:16:3c:c7:4f:28:a7:dd:f2:db:54:
f6:fc:39:52:37:53:ef:c4:cc:44:ff:f7:98:27:d8:47:10:b1:
76:9b:86:dd:ca:d3:54:4f:f9:2e:32:00:ab:e3:67:ab:39:c8:
70:6a:32:bd:e9:1e:3e:41:4a:0c:2b:96:21:a0:19:0b:2b:3f:
5d:e4:5c:a9:61:d1:68:60:a3:e8:7c:f2:22:28:e3:76:35:68:
51:ca:aa:b5:4e:53:bc:69:89:31:4e:74:21:af:c6:a5:f8:5f:
1e:c9:00:60:c9:f5:9c:cb:0c:d4:95:62:3d:d6:38:a6:3f:b3:
a3:e6:f0:4e:03:4c:ae:87:19:9f:6a:21:8c:ad:7d:33:82:f8:
3c:18:02:e3:ef:8a:ed:1d:fd:5e:00:47:e8:59:65:08:cd:cc:
96:52:f6:20:0c:33:4d:5c:7a:5d:3d:57:3a:f2:e8:4a:3a:c4:
48:a4:6c:39:32:b3:fd:f3:52:99:eb:09:90:11:d7:24:9e:b6:
38:a8:75:bb
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEBLe2+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTRkMGU2OWFiNzY5ZjY1YmIyYjE1NWJkZmE4M2E3MTg2ZWVhYzQ0MB4XDTIyMDEw
MTA1MDE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE0ZDRiNGZjNzNh
MmQwMDUyYTM1ZTlkZjE1NTU5MTkxZjgwMDc5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU6EltXx8JZZQoLSoszvqHGDPd8nMtFR6vYrGSN2edj1DGx
l5mbjEVoV8VNI8C6BqAP14z0c3+rg0DgfrvzKJBSIlnMImEJo7l9OqopqFcvRViP
ecWiKSnfHmARWbc1i6vDymzo7f7r86PAd8kmXoQ2fqkVSd3mZKSblFG3t/d1MD9o
PvRSZeb+u9eDznYTzsBiYP8boO3DUZF4U25Ga29T+/XwHyvRf0aRnwFQFMLzjC4i
DiLUVguVekI8s8PSNhdzpMLjBMQBbs8Yo3obMIMMqni2US2+aVp9kpk3O/i4XCpt
UiA5piYH+MVrYYgxC37EbtWxpsS1Cp5Agj5S2NcCAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBT6TUtPxzotAFKjXp3xVVkZH4AHljAfBgNVHSMEGDAWgBS6TQ5pq3afZbsr
FVvfqDpxhu6sRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VrME9hYXQybjJXN0t4VmIzNmc2Y1lidXJFUS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvM2Q2ZDZjLWY1OGQtNDJlNi1iNjg4LThlZmYzZmQzYzQ4YS8x
LzEtazFMVDhjNkxRQlNvMTZkOFZWWkdSLUFCNVkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E4
LzNkNmQ2Yy1mNThkLTQyZTYtYjY4OC04ZWZmM2ZkM2M0OGEvMS91azBPYWF0Mm4y
VzdLeFZiMzZnNmNZYnVyRVEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAItj6ADBAItlaQDBAHC9iQDBAHC
9ywwDQYJKoZIhvcNAQELBQADggEBAAgUd7DdmDjORjybu8ySkvqFEkdYYwmGdIbr
B6qqyQj9jGC8aFKmB2lM68ZL/xF127hz5mugqzXZJFoySG5fFjzHTyin3fLbVPb8
OVI3U+/EzET/95gn2EcQsXabht3K01RP+S4yAKvjZ6s5yHBqMr3pHj5BSgwrliGg
GQsrP13kXKlh0Whgo+h88iIo43Y1aFHKqrVOU7xpiTFOdCGvxqX4Xx7JAGDJ9ZzL
DNSVYj3WOKY/s6Pm8E4DTK6HGZ9qIYytfTOC+DwYAuPviu0d/V4AR+hZZQjNzJZS
9iAMM01cel09Vzry6Eo6xEikbDkys/3zUpnrCZAR1ySetjiodbs=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:53 2023 by rpki-client on console-fra.rpki-client.org