Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/PDAMAt2dz0pJfuiZqrjQGDio6qk.roa
File: PDAMAt2dz0pJfuiZqrjQGDio6qk.roa (raw, json)
Hash identifier: oGd9Hb21F50A5tZHz+7em2OVusu03hQpotQbMsfd9NQ=
Subject key identifier: 3C:30:0C:02:DD:9D:CF:4A:49:7E:E8:99:AA:B8:D0:18:38:A8:EA:A9
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0184861268E8807E8B7F15A36941F59A94BE
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/PDAMAt2dz0pJfuiZqrjQGDio6qk.roa
Signing time: Thu 17 Nov 2022 14:51:04 +0000
ROA not before: Thu 17 Nov 2022 14:51:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.36.0/24 maxlen: 24
194.246.36.0/23 maxlen: 24
194.247.44.0/23 maxlen: 24
45.143.160.0/24 maxlen: 24
45.143.162.0/24 maxlen: 24
45.149.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:12:68:e8:80:7e:8b:7f:15:a3:69:41:f5:9a:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Nov 17 14:51:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c300c02dd9dcf4a497ee899aab8d01838a8eaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:82:0c:c1:4c:83:55:dd:fa:c5:9c:40:05:06:
df:34:28:72:c2:9b:95:a7:60:e9:2b:b8:e3:6b:1b:
c4:0a:c1:be:b5:ba:13:6c:3e:65:52:19:e9:e3:df:
1e:15:d9:63:02:f1:41:bf:22:3d:ee:0c:99:35:78:
c0:2c:43:dc:0d:1d:1c:4e:12:17:65:f2:67:db:02:
24:97:c3:fd:b2:0d:23:8b:e4:79:50:03:dc:e7:d3:
d6:08:e1:6e:ae:ac:16:2b:16:9a:60:92:f5:52:b5:
06:71:2f:02:cf:87:9d:df:5a:7f:92:c6:e6:15:c3:
06:1c:9a:3e:d0:3f:38:55:30:d6:12:aa:76:33:68:
c9:b8:da:52:82:cb:a9:52:8b:a5:cc:c1:15:9c:76:
30:d5:bd:e8:80:b2:23:73:58:e4:ed:1c:00:cb:02:
b5:b7:0f:a7:9e:8a:ed:be:4e:5f:d5:5c:6b:07:3d:
e9:e0:eb:87:e5:49:23:da:69:a0:fc:9e:d9:62:ce:
83:6f:ac:6e:d1:ab:49:b2:b1:b6:cd:b4:8d:c3:6c:
8b:f8:3d:f6:a1:31:12:b9:99:96:05:51:dd:1c:8a:
94:e8:a2:e2:46:6d:4f:46:1e:20:d5:f9:af:8f:28:
bf:3d:3d:18:69:b4:00:8f:8e:7f:74:30:a9:93:2b:
73:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:30:0C:02:DD:9D:CF:4A:49:7E:E8:99:AA:B8:D0:18:38:A8:EA:A9
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/PDAMAt2dz0pJfuiZqrjQGDio6qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.160.0/24
45.143.162.0/24
45.149.166.0/24
194.246.36.0/23
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:fb:85:43:fe:98:e4:8e:fc:55:ee:5c:2b:8c:9e:a8:bf:2f:
2e:33:37:6e:f5:01:25:de:5b:ad:85:2e:3d:3d:14:98:9e:d1:
b8:45:5a:5a:63:7a:22:d1:33:b7:62:13:8c:de:5d:fa:e0:5c:
03:5a:84:31:c7:ec:d6:5a:8c:ff:6f:61:74:ae:64:90:de:6c:
33:f5:04:d6:77:f9:51:54:ac:8e:da:8a:64:c1:47:a1:e4:fe:
48:87:d3:83:02:cf:48:bc:dc:3f:35:5f:2d:4e:67:ca:e9:12:
d4:58:cd:93:a1:8b:7c:09:7d:cd:ab:2c:f3:5e:95:13:20:64:
75:a0:53:8e:8a:a0:2d:3c:3f:e3:16:45:1c:98:6e:2a:84:55:
6f:92:8c:55:8e:ee:bc:da:25:74:39:90:b7:4a:9f:4e:ca:7a:
81:79:06:b1:15:26:be:c2:8e:18:c1:bf:64:3c:71:06:1d:8d:
42:fa:3f:05:98:29:d3:56:c7:76:23:9f:92:65:ec:40:10:54:
9e:a6:dc:20:93:0c:49:9c:6f:c8:a7:39:5b:ec:86:ac:46:96:
51:27:78:d2:5d:3f:cb:8e:64:36:2d:59:2f:5b:da:69:60:ca:
5d:58:19:1e:c8:31:09:de:ba:8f:4d:fd:db:c0:08:11:8e:8c:
90:89:9b:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYSGEmjogH6LfxWjaUH1mpS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjIxMTE3MTQ1MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMwMGMwMmRkOWRjZjRhNDk3ZWU4OTlhYWI4ZDAxODM4YThlYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4IMwUyDVd36xZxABQbfNChywpuV
p2DpK7jjaxvECsG+tboTbD5lUhnp498eFdljAvFBvyI97gyZNXjALEPcDR0cThIX
ZfJn2wIkl8P9sg0ji+R5UAPc59PWCOFurqwWKxaaYJL1UrUGcS8Cz4ed31p/ksbm
FcMGHJo+0D84VTDWEqp2M2jJuNpSgsupUoulzMEVnHYw1b3ogLIjc1jk7RwAywK1
tw+nnortvk5f1VxrBz3p4OuH5Ukj2mmg/J7ZYs6Db6xu0atJsrG2zbSNw2yL+D32
oTESuZmWBVHdHIqU6KLiRm1PRh4g1fmvjyi/PT0YabQAj45/dDCpkytzwwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDwwDALdnc9KSX7omaq40Bg4qOqpMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvUERBTUF0MmR6MHBKZnVpWnFyalFHRGlvNnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY+gAwQA
LY+iAwQALZWmAwQBwvYkAwQBwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQCi+4VD/pjk
jvxV7lwrjJ6ovy8uMzdu9QEl3luthS49PRSYntG4RVpaY3oi0TO3YhOM3l364FwD
WoQxx+zWWoz/b2F0rmSQ3mwz9QTWd/lRVKyO2opkwUeh5P5Ih9ODAs9IvNw/NV8t
TmfK6RLUWM2ToYt8CX3NqyzzXpUTIGR1oFOOiqAtPD/jFkUcmG4qhFVvkoxVju68
2iV0OZC3Sp9OynqBeQaxFSa+wo4Ywb9kPHEGHY1C+j8FmCnTVsd2I5+SZexAEFSe
ptwgkwxJnG/Ipzlb7IasRpZRJ3jSXT/LjmQ2LVkvW9ppYMpdWBkeyDEJ3rqPTf3b
wAgRjoyQiZtL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org