Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/E9omhKyO-6EW1fONL8zn3L1v0H0.roa
File: E9omhKyO-6EW1fONL8zn3L1v0H0.roa (raw, json)
Hash identifier: IiIZKCJC2u4wVgaxYpPYtRsWu0QUYyZVQCG1RjD4gQ8=
Subject key identifier: 13:DA:26:84:AC:8E:FB:A1:16:D5:F3:8D:2F:CC:E7:DC:BD:6F:D0:7D
Certificate issuer: /CN=8a009e171baf8c2a3a94d29b24879ef97f096602
Certificate serial: 018272348E391530570F559CBC1BC79D3E7A
Authority key identifier: 8A:00:9E:17:1B:AF:8C:2A:3A:94:D2:9B:24:87:9E:F9:7F:09:66:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igCeFxuvjCo6lNKbJIee-X8JZgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/E9omhKyO-6EW1fONL8zn3L1v0H0.roa
Signing time: Sat 06 Aug 2022 08:10:23 +0000
ROA not before: Sat 06 Aug 2022 08:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51447
IP address blocks: 45.137.20.0/24 maxlen: 24
45.137.23.0/24 maxlen: 24
45.137.22.0/24 maxlen: 24
45.137.21.0/24 maxlen: 24
185.222.58.0/24 maxlen: 24
185.222.57.0/24 maxlen: 24
185.222.56.0/24 maxlen: 24
185.222.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:72:34:8e:39:15:30:57:0f:55:9c:bc:1b:c7:9d:3e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a009e171baf8c2a3a94d29b24879ef97f096602
Validity
Not Before: Aug 6 08:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13da2684ac8efba116d5f38d2fcce7dcbd6fd07d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c4:e9:81:9c:94:43:c2:1a:b6:d9:16:88:bb:
bc:85:5b:fd:1a:23:90:72:ae:0f:1e:ee:9f:4a:95:
3c:55:26:b6:05:7a:fd:4b:ba:9a:ac:be:94:38:de:
90:28:1e:55:0f:01:f2:79:62:98:45:2b:35:f2:ce:
88:1e:51:ef:2e:1f:c5:a0:23:f6:da:e9:e1:cc:7a:
f2:54:f8:df:1d:06:a3:56:78:3b:a8:6d:60:f8:e7:
23:9e:b9:a8:89:3b:92:4f:df:7e:03:1d:37:7a:c3:
bf:67:e4:bd:40:31:e3:24:de:80:4e:2e:1b:bf:0b:
32:8d:48:a3:f9:16:83:b8:4e:40:82:f0:53:51:f7:
88:03:90:81:d9:a4:52:f2:92:21:c1:a9:dc:21:29:
75:49:db:9c:fa:60:be:74:ab:51:9a:6b:cd:57:e4:
00:d0:21:63:4b:54:74:ec:8b:76:79:06:5e:fc:cf:
86:3e:98:ab:ad:6e:98:d8:53:33:9d:1b:44:70:72:
6e:15:d9:ea:8c:83:4e:30:ef:5d:d8:9c:65:b3:f2:
2d:ec:9f:aa:07:da:33:34:ac:bf:52:2c:91:d4:25:
28:a0:b3:29:17:89:8a:5e:3a:a6:6b:9c:91:34:11:
09:6b:a0:0a:f4:7a:55:98:0d:d7:9d:92:45:72:d9:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DA:26:84:AC:8E:FB:A1:16:D5:F3:8D:2F:CC:E7:DC:BD:6F:D0:7D
X509v3 Authority Key Identifier:
keyid:8A:00:9E:17:1B:AF:8C:2A:3A:94:D2:9B:24:87:9E:F9:7F:09:66:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igCeFxuvjCo6lNKbJIee-X8JZgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/E9omhKyO-6EW1fONL8zn3L1v0H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/igCeFxuvjCo6lNKbJIee-X8JZgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.20.0/22
185.222.56.0/22
Signature Algorithm: sha256WithRSAEncryption
79:ec:f3:97:5c:c9:f7:c5:5c:81:ed:da:d9:73:5e:d6:61:68:
93:85:b8:aa:b4:b9:53:25:61:23:19:bc:ec:dc:60:9b:e0:ed:
c6:a5:19:16:19:fb:42:2a:f6:fe:b7:26:2f:8c:80:af:94:66:
54:fa:ba:18:0a:bc:c6:f2:74:53:38:0e:c2:a6:85:49:eb:19:
1c:75:c2:d4:9b:92:4d:47:e4:73:e3:8d:86:e4:93:d7:bb:30:
b2:37:e9:7f:64:9d:95:db:b0:93:b4:74:79:9c:77:51:90:88:
e8:25:66:42:1a:23:57:b6:23:0c:45:3f:1b:ff:e1:bb:75:ca:
a2:af:d6:f3:ad:70:e7:21:e7:bd:97:0f:dc:5e:9c:ee:bd:10:
07:4a:65:ca:de:7d:f4:e4:ae:be:6b:13:79:0d:56:b4:b6:03:
9e:73:ba:9b:0f:ee:da:f5:f5:4e:09:b9:84:b7:f1:e6:af:f9:
14:b3:de:6b:7b:74:53:ad:4f:b2:a8:4c:61:c4:e0:b4:9c:cf:
0e:34:c8:dc:33:51:b5:d6:04:59:dc:52:1c:3a:97:9d:fc:b6:
72:f2:b1:1f:de:37:3e:f9:39:8c:b1:4b:8c:6a:16:a0:16:44:
dd:49:db:15:9a:24:dc:60:4b:a3:59:58:2a:e3:36:2c:09:60:
30:e2:71:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJyNI45FTBXD1WcvBvHnT56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMDA5ZTE3MWJhZjhjMmEzYTk0ZDI5YjI0ODc5ZWY5N2Yw
OTY2MDIwHhcNMjIwODA2MDgxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2RhMjY4NGFjOGVmYmExMTZkNWYzOGQyZmNjZTdkY2JkNmZkMDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcTpgZyUQ8IattkWiLu8hVv9GiOQ
cq4PHu6fSpU8VSa2BXr9S7qarL6UON6QKB5VDwHyeWKYRSs18s6IHlHvLh/FoCP2
2unhzHryVPjfHQajVng7qG1g+OcjnrmoiTuST99+Ax03esO/Z+S9QDHjJN6ATi4b
vwsyjUij+RaDuE5AgvBTUfeIA5CB2aRS8pIhwancISl1Sduc+mC+dKtRmmvNV+QA
0CFjS1R07It2eQZe/M+GPpirrW6Y2FMznRtEcHJuFdnqjINOMO9d2Jxls/It7J+q
B9ozNKy/UiyR1CUooLMpF4mKXjqma5yRNBEJa6AK9HpVmA3XnZJFctkuGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBPaJoSsjvuhFtXzjS/M59y9b9B9MB8GA1UdIwQY
MBaAFIoAnhcbr4wqOpTSmySHnvl/CWYCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWdDZUZ4dXZqQ282bE5LYkpJZWUtWDhKWmdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZjM3ZDEtMTRjYS00ZGNmLTk4Zjct
MmU3MjEzNzY3NjI4LzEvRTlvbWhLeU8tNkVXMWZPTkw4em4zTDF2MEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZjM3ZDEtMTRjYS00ZGNmLTk4ZjctMmU3MjEzNzY3NjI4
LzEvaWdDZUZ4dXZqQ282bE5LYkpJZWUtWDhKWmdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYkUAwQC
ud44MA0GCSqGSIb3DQEBCwUAA4IBAQB57POXXMn3xVyB7drZc17WYWiThbiqtLlT
JWEjGbzs3GCb4O3GpRkWGftCKvb+tyYvjICvlGZU+roYCrzG8nRTOA7CpoVJ6xkc
dcLUm5JNR+Rz442G5JPXuzCyN+l/ZJ2V27CTtHR5nHdRkIjoJWZCGiNXtiMMRT8b
/+G7dcqir9bzrXDnIee9lw/cXpzuvRAHSmXK3n305K6+axN5DVa0tgOec7qbD+7a
9fVOCbmEt/Hmr/kUs95re3RTrU+yqExhxOC0nM8ONMjcM1G11gRZ3FIcOped/LZy
8rEf3jc++TmMsUuMahagFkTdSdsVmiTcYEujWVgq4zYsCWAw4nE3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:30 2024 by rpki-client on console-fra.rpki-client.org