Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/cRkcbBjO5vb9EMGcNkF1FSbODlI.roa
File: cRkcbBjO5vb9EMGcNkF1FSbODlI.roa (raw, json)
Hash identifier: gBoyj/RWZ/SeyHLXFeodv/VS7D7EgRFjyE6gC/x0yds=
Subject key identifier: 71:19:1C:6C:18:CE:E6:F6:FD:10:C1:9C:36:41:75:15:26:CE:0E:52
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018479F85A5C912BBEA1DDC27BE1372F3BA9
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/cRkcbBjO5vb9EMGcNkF1FSbODlI.roa
Signing time: Tue 15 Nov 2022 06:27:09 +0000
ROA not before: Tue 15 Nov 2022 06:27:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.36.0/24 maxlen: 24
194.246.36.0/23 maxlen: 24
194.247.44.0/23 maxlen: 24
45.149.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:79:f8:5a:5c:91:2b:be:a1:dd:c2:7b:e1:37:2f:3b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Nov 15 06:27:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71191c6c18cee6f6fd10c19c3641751526ce0e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:88:1d:60:bb:04:d2:b4:a2:67:4f:86:af:df:
dd:f7:04:e7:e3:fb:57:8f:66:d0:af:30:48:ba:13:
bd:ff:e7:e7:b1:a6:ff:e5:aa:1c:4e:9d:1f:d8:d5:
1a:6d:df:df:cd:a6:80:44:b4:25:84:c4:0f:c8:58:
5d:93:a4:9b:e2:0c:b7:d1:d6:48:43:a0:52:8d:7c:
62:a2:b5:b9:10:5e:76:b2:da:94:59:55:c6:ec:02:
9c:08:04:bb:ed:de:61:92:8c:9c:d6:c0:fe:33:49:
37:c3:fb:1f:0c:4a:db:cb:52:cc:96:81:b7:ff:60:
49:36:88:99:01:45:80:fc:eb:8a:bb:f2:ef:ec:47:
8e:55:38:ad:a1:0a:4c:a8:3c:dc:84:ee:a1:be:fd:
b3:4a:e7:85:81:49:60:58:c7:8f:8c:0e:3b:d7:83:
f7:71:14:65:7c:10:b1:b9:12:2c:74:76:fc:e0:61:
e5:54:0c:85:1a:09:d8:df:80:69:90:21:60:05:55:
a7:7b:2c:d4:8f:7e:20:c2:6e:a3:fd:bd:06:e9:2f:
a5:dd:0a:ab:ec:43:9b:b3:0c:1f:85:fe:f8:b6:63:
a8:ef:e2:0d:58:37:b5:72:cd:cc:69:ff:22:1d:9f:
76:ab:ab:a9:15:e6:2c:46:16:b7:5a:11:0c:f7:66:
b7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:19:1C:6C:18:CE:E6:F6:FD:10:C1:9C:36:41:75:15:26:CE:0E:52
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/cRkcbBjO5vb9EMGcNkF1FSbODlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.166.0/24
194.246.36.0/23
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:b9:d1:b9:6f:42:34:04:7c:5a:e8:6d:b6:88:12:72:05:1b:
3c:69:d4:22:13:c5:e0:9d:b5:e7:8f:13:6d:e4:98:cb:b6:c0:
52:d8:c6:95:f6:88:6c:02:52:62:92:0c:8d:54:a2:0b:48:e9:
72:af:78:69:ba:24:f8:d1:00:13:d4:da:b0:17:01:4f:84:75:
4c:95:c2:4e:9c:c0:5d:f3:a1:20:2b:1c:2a:51:7b:8f:6b:d0:
e5:63:08:70:92:ca:2f:c8:26:d3:83:f8:2a:0c:64:7d:61:07:
37:72:7e:19:e1:86:9d:e7:0b:d1:92:b8:74:da:a3:0d:c8:db:
50:a2:8b:1e:aa:ee:a8:ef:93:3a:b8:bd:3a:fc:4c:2a:b0:d9:
64:b3:1f:02:d8:02:81:98:c6:92:c1:89:9f:77:2e:55:0f:00:
8b:80:d3:19:ed:5e:53:e0:3c:0f:5c:ac:cf:6a:9e:2f:0a:8c:
94:1a:5b:73:4c:ad:ed:f0:c6:5a:c0:a7:51:2f:66:28:2c:4a:
98:53:cf:8c:f5:fb:f8:4e:3b:55:df:78:57:e0:13:b5:0b:44:
f5:fa:f1:f1:f2:d9:cd:25:ed:d0:81:97:57:28:d4:e8:c6:3c:
75:64:dd:8e:25:0b:fd:0d:e4:e3:67:18:bb:39:3d:02:82:1d:
59:bb:41:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYR5+FpckSu+od3Ce+E3LzupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjIxMTE1MDYyNzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE5MWM2YzE4Y2VlNmY2ZmQxMGMxOWMzNjQxNzUxNTI2Y2UwZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YgdYLsE0rSiZ0+Gr9/d9wTn4/tX
j2bQrzBIuhO9/+fnsab/5aocTp0f2NUabd/fzaaARLQlhMQPyFhdk6Sb4gy30dZI
Q6BSjXxiorW5EF52stqUWVXG7AKcCAS77d5hkoyc1sD+M0k3w/sfDErby1LMloG3
/2BJNoiZAUWA/OuKu/Lv7EeOVTitoQpMqDzchO6hvv2zSueFgUlgWMePjA4714P3
cRRlfBCxuRIsdHb84GHlVAyFGgnY34BpkCFgBVWneyzUj34gwm6j/b0G6S+l3Qqr
7EObswwfhf74tmOo7+INWDe1cs3Maf8iHZ92q6upFeYsRha3WhEM92a32QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHEZHGwYzub2/RDBnDZBdRUmzg5SMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvY1JrY2JCak81dmI5RU1HY05rRjFGU2JPRGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZWmAwQB
wvYkAwQBwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQBvudG5b0I0BHxa6G22iBJyBRs8
adQiE8XgnbXnjxNt5JjLtsBS2MaV9ohsAlJikgyNVKILSOlyr3hpuiT40QAT1Nqw
FwFPhHVMlcJOnMBd86EgKxwqUXuPa9DlYwhwksovyCbTg/gqDGR9YQc3cn4Z4Yad
5wvRkrh02qMNyNtQoosequ6o75M6uL06/EwqsNlksx8C2AKBmMaSwYmfdy5VDwCL
gNMZ7V5T4DwPXKzPap4vCoyUGltzTK3t8MZawKdRL2YoLEqYU8+M9fv4TjtV33hX
4BO1C0T1+vHx8tnNJe3QgZdXKNToxjx1ZN2OJQv9DeTjZxi7OT0Cgh1Zu0E9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org