Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/_Jz2UJHmqDDpnVvNg9zH16aHIE4.roa
File: _Jz2UJHmqDDpnVvNg9zH16aHIE4.roa (raw, json)
Hash identifier: Gp+CSWjrIpJNQbJFgHjYDEwPHH0IN6IUrSPM6qkAVPA=
Subject key identifier: FC:9C:F6:50:91:E6:A8:30:E9:9D:5B:CD:83:DC:C7:D7:A6:87:20:4E
Certificate issuer: /CN=c546e15819eacd05bccebf80019ca3cb7c4a38e0
Certificate serial: 0DE4B277
Authority key identifier: C5:46:E1:58:19:EA:CD:05:BC:CE:BF:80:01:9C:A3:CB:7C:4A:38:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/_Jz2UJHmqDDpnVvNg9zH16aHIE4.roa
Signing time: Sat 01 Jan 2022 04:57:22 +0000
ROA not before: Sat 01 Jan 2022 04:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57389
IP address blocks: 45.146.0.0/22 maxlen: 22
185.106.112.0/22 maxlen: 22
185.5.230.0/23 maxlen: 23
185.5.228.0/22 maxlen: 22
185.5.228.0/23 maxlen: 23
45.14.92.0/22 maxlen: 22
185.182.212.0/23 maxlen: 23
185.182.212.0/22 maxlen: 22
185.221.140.0/22 maxlen: 23
185.182.214.0/23 maxlen: 23
185.180.88.0/22 maxlen: 22
185.130.178.0/24 maxlen: 24
185.130.176.0/23 maxlen: 23
194.48.174.0/23 maxlen: 23
81.16.192.0/20 maxlen: 20
194.48.188.0/23 maxlen: 23
185.232.80.0/22 maxlen: 22
81.16.206.0/23 maxlen: 23
81.16.204.0/22 maxlen: 22
81.16.204.0/23 maxlen: 23
141.98.248.0/22 maxlen: 22
185.205.248.0/22 maxlen: 22
185.174.16.0/22 maxlen: 22
2a07:1100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233091703 (0xde4b277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c546e15819eacd05bccebf80019ca3cb7c4a38e0
Validity
Not Before: Jan 1 04:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc9cf65091e6a830e99d5bcd83dcc7d7a687204e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bb:0d:ad:55:a3:f4:88:82:bb:4e:fc:41:b5:
5e:92:4c:86:bf:ba:ef:00:e5:47:87:cf:37:87:b6:
11:a7:20:4d:4c:03:40:2c:a1:1b:e5:d2:c9:d6:d1:
43:0c:8b:55:f3:0d:b2:5a:f9:b2:55:67:0b:a3:cd:
df:ce:73:34:6e:fb:8b:29:a8:53:45:98:24:26:d8:
77:47:a0:1c:e8:79:2c:70:28:54:77:28:bb:81:49:
31:59:10:a0:a4:77:e8:b2:4d:6d:70:a1:7c:41:ec:
2d:eb:38:de:ea:7e:85:5f:81:54:da:1e:eb:f2:b4:
05:2c:40:ba:0d:cc:f9:9d:27:a5:32:8e:03:f9:85:
b5:d2:5a:64:11:0a:00:fd:82:ff:1a:cd:5c:07:c0:
7f:0d:2e:1d:58:3a:6e:7e:38:ec:7b:6b:34:f4:7f:
e2:2e:bb:a5:3b:50:a5:16:a9:26:ad:d4:99:de:14:
d0:d6:c5:2f:aa:42:b1:c0:ea:0d:88:da:34:cf:b0:
81:2d:70:cd:75:f4:b7:d6:de:79:05:58:62:90:cd:
b2:6b:f1:47:d0:10:2b:50:5f:80:08:34:d0:ea:a4:
f5:c4:f9:04:a1:b5:64:aa:9c:2b:87:ef:7e:63:80:
37:28:ec:1a:3a:cb:dd:ed:64:31:67:ed:cc:a8:eb:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:9C:F6:50:91:E6:A8:30:E9:9D:5B:CD:83:DC:C7:D7:A6:87:20:4E
X509v3 Authority Key Identifier:
keyid:C5:46:E1:58:19:EA:CD:05:BC:CE:BF:80:01:9C:A3:CB:7C:4A:38:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/_Jz2UJHmqDDpnVvNg9zH16aHIE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/xUbhWBnqzQW8zr-AAZyjy3xKOOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.92.0/22
45.146.0.0/22
81.16.192.0/20
141.98.248.0/22
185.5.228.0/22
185.106.112.0/22
185.130.176.0-185.130.178.255
185.174.16.0/22
185.180.88.0/22
185.182.212.0/22
185.205.248.0/22
185.221.140.0/22
185.232.80.0/22
194.48.174.0/23
194.48.188.0/23
IPv6:
2a07:1100::/29
Signature Algorithm: sha256WithRSAEncryption
59:d2:ed:9e:d9:98:db:a2:26:cd:23:f2:56:17:e9:65:b8:ca:
74:9e:3c:f1:fc:f5:40:ac:ee:22:c6:c3:a0:9f:6c:f0:44:5f:
6f:2a:04:f4:50:25:2b:e1:8e:0f:44:59:53:1a:bb:35:04:75:
9f:3e:dd:12:67:19:fa:64:69:ac:a2:f8:73:d9:b9:e6:7d:a3:
20:a6:c5:c0:6a:13:1c:9c:6c:86:ce:0d:fc:1a:96:c6:b2:00:
42:6c:15:13:1b:39:cd:3d:c0:cb:11:51:1c:01:a2:93:88:89:
9c:9b:ed:d7:6c:4b:bc:ec:b3:1a:47:77:fa:a8:b9:97:ff:d3:
f6:77:73:b4:d4:eb:d1:71:76:2c:44:ba:fd:51:b5:97:c9:15:
36:f8:e3:cc:3b:e7:2c:ae:fa:0e:cf:16:78:51:df:6b:51:bc:
ac:46:fe:ea:45:dd:20:c7:4c:56:38:de:59:8b:7c:1f:ef:b2:
33:ee:ef:72:31:c3:3b:3c:f8:c4:bb:28:a0:5b:d1:30:f0:b1:
0f:21:e4:e5:f8:42:7a:57:8c:e9:b2:23:28:bb:9c:d8:f0:8e:
16:da:01:32:a1:35:25:cf:21:45:49:5b:34:41:75:73:39:e5:
b2:ae:05:2d:27:7d:c1:34:01:00:91:57:7b:86:54:e0:38:f0:
cf:6c:ac:c2
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIEDeSydzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NTQ2ZTE1ODE5ZWFjZDA1YmNjZWJmODAwMTljYTNjYjdjNGEzOGUwMB4XDTIyMDEw
MTA0NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmM5Y2Y2NTA5MWU2
YTgzMGU5OWQ1YmNkODNkY2M3ZDdhNjg3MjA0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMu7Da1Vo/SIgrtO/EG1XpJMhr+67wDlR4fPN4e2EacgTUwD
QCyhG+XSydbRQwyLVfMNslr5slVnC6PN385zNG77iymoU0WYJCbYd0egHOh5LHAo
VHcou4FJMVkQoKR36LJNbXChfEHsLes43up+hV+BVNoe6/K0BSxAug3M+Z0npTKO
A/mFtdJaZBEKAP2C/xrNXAfAfw0uHVg6bn447HtrNPR/4i67pTtQpRapJq3Umd4U
0NbFL6pCscDqDYjaNM+wgS1wzXX0t9beeQVYYpDNsmvxR9AQK1BfgAg00Oqk9cT5
BKG1ZKqcK4fvfmOANyjsGjrL3e1kMWftzKjrPPMCAwEAAaOCAnUwggJxMB0GA1Ud
DgQWBBT8nPZQkeaoMOmdW82D3MfXpocgTjAfBgNVHSMEGDAWgBTFRuFYGerNBbzO
v4ABnKPLfEo44DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hVYmhXQm5xelFXOHpyLUFBWnlqeTN4S09PQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZjk1YWM1LTBiOGItNDVkNi1iZTlhLTJkYjIyNDVmMjk4NS8x
L19KejJVSkhtcUREcG5Wdk5nOXpIMTZhSElFNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
Zjk1YWM1LTBiOGItNDVkNi1iZTlhLTJkYjIyNDVmMjk4NS8xL3hVYmhXQm5xelFX
OHpyLUFBWnlqeTN4S09PQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
igYIKwYBBQUHAQcBAf8EezB5MGgEAgABMGIDBAItDlwDBAItkgADBARREMADBAKN
YvgDBAK5BeQDBAK5anAwDAMEBLmCsAMEALmCsgMEArmuEAMEArm0WAMEArm21AME
ArnN+AMEArndjAMEArnoUAMEAcIwrgMEAcIwvDANBAIAAjAHAwUDKgcRADANBgkq
hkiG9w0BAQsFAAOCAQEAWdLtntmY26ImzSPyVhfpZbjKdJ488fz1QKzuIsbDoJ9s
8ERfbyoE9FAlK+GOD0RZUxq7NQR1nz7dEmcZ+mRprKL4c9m55n2jIKbFwGoTHJxs
hs4N/BqWxrIAQmwVExs5zT3AyxFRHAGik4iJnJvt12xLvOyzGkd3+qi5l//T9ndz
tNTr0XF2LES6/VG1l8kVNvjjzDvnLK76Ds8WeFHfa1G8rEb+6kXdIMdMVjjeWYt8
H++yM+7vcjHDOzz4xLsooFvRMPCxDyHk5fhCeleM6bIjKLuc2PCOFtoBMqE1Jc8h
RUlbNEF1cznlsq4FLSd9wTQBAJFXe4ZU4Djwz2yswg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:44 2024 by rpki-client on console-ams.rpki-client.org