Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/fZyP7YbjEjzk3Ki7L3GyX6_dHes.roa
File: fZyP7YbjEjzk3Ki7L3GyX6_dHes.roa (raw, json)
Hash identifier: LvBYjlG8PLvA1E6ScZLtJSg7dJQiGrUJWBVFIdVhe9U=
Subject key identifier: 7D:9C:8F:ED:86:E3:12:3C:E4:DC:A8:BB:2F:71:B2:5F:AF:DD:1D:EB
Certificate issuer: /CN=8a009e171baf8c2a3a94d29b24879ef97f096602
Certificate serial: 04351CC1
Authority key identifier: 8A:00:9E:17:1B:AF:8C:2A:3A:94:D2:9B:24:87:9E:F9:7F:09:66:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igCeFxuvjCo6lNKbJIee-X8JZgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/fZyP7YbjEjzk3Ki7L3GyX6_dHes.roa
Signing time: Sat 01 Jan 2022 14:04:01 +0000
ROA not before: Sat 01 Jan 2022 14:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51447
IP address blocks: 45.137.20.0/24 maxlen: 24
45.137.23.0/24 maxlen: 24
45.137.22.0/24 maxlen: 24
45.137.21.0/24 maxlen: 24
185.222.58.0/24 maxlen: 24
185.222.57.0/24 maxlen: 24
185.222.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70589633 (0x4351cc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a009e171baf8c2a3a94d29b24879ef97f096602
Validity
Not Before: Jan 1 14:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d9c8fed86e3123ce4dca8bb2f71b25fafdd1deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c2:a8:a7:c0:4d:a0:16:d3:0f:f1:a5:79:9d:
47:93:eb:98:f9:2f:7a:de:ef:09:93:b3:bb:41:01:
96:e5:3f:26:44:28:8a:d3:01:d0:ee:45:08:10:53:
00:71:ac:29:84:b3:8f:90:54:68:95:ae:fc:55:93:
3c:d1:7e:9f:d6:ef:9e:fc:de:04:d5:83:56:aa:7d:
6a:c8:0f:7d:d8:08:00:75:12:d6:cc:fd:9d:1e:c6:
6a:77:eb:13:6b:e1:51:02:7e:b8:9c:e7:f3:35:7b:
62:a5:50:76:8d:03:6a:d0:a8:ca:99:53:be:5a:c0:
e6:7b:a8:06:94:a4:1c:5c:77:7d:7d:33:7b:bc:59:
5b:c2:57:81:de:40:89:a6:1c:d6:43:8b:97:65:c6:
35:d4:4a:cd:f0:34:17:98:83:c6:33:b0:a9:ef:c6:
48:e2:b9:fd:9d:79:45:25:4a:2a:58:6f:5c:8c:e8:
e6:fc:37:d2:44:19:c9:0d:0f:7b:0d:6e:9a:2e:c2:
f4:ee:81:f2:1c:35:bf:82:f7:88:7d:29:6e:47:48:
38:23:0e:19:52:90:0f:91:6b:9f:09:d0:86:ad:25:
85:50:44:38:39:e9:ba:2c:9c:02:c0:f1:5c:f6:42:
42:2b:54:d8:31:12:bb:71:e0:94:03:7a:df:b4:db:
03:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:9C:8F:ED:86:E3:12:3C:E4:DC:A8:BB:2F:71:B2:5F:AF:DD:1D:EB
X509v3 Authority Key Identifier:
keyid:8A:00:9E:17:1B:AF:8C:2A:3A:94:D2:9B:24:87:9E:F9:7F:09:66:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igCeFxuvjCo6lNKbJIee-X8JZgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/fZyP7YbjEjzk3Ki7L3GyX6_dHes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9f37d1-14ca-4dcf-98f7-2e7213767628/1/igCeFxuvjCo6lNKbJIee-X8JZgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.20.0/22
185.222.56.0-185.222.58.255
Signature Algorithm: sha256WithRSAEncryption
76:71:40:98:40:91:0e:ca:f3:d1:1e:cd:ec:a4:ee:de:2b:5d:
1b:c5:90:cf:18:18:b5:3d:70:a7:af:25:c4:50:a9:37:b6:21:
d3:c5:e2:27:db:eb:4e:c1:04:a3:f0:28:bb:5c:3a:2a:ef:ba:
e7:97:5f:fa:e1:2c:3c:9f:2e:75:67:ac:40:7c:23:bb:4d:9c:
bc:69:75:eb:e6:9e:9d:fd:2a:58:b2:0c:cc:e0:49:48:61:01:
c6:48:ef:0f:fe:df:08:7e:0a:cc:8a:7e:ad:4a:78:3a:7d:84:
f4:2d:41:cf:7e:a4:b3:6c:2a:90:a3:1b:84:d6:87:79:21:01:
44:d2:40:08:d0:b3:f8:b3:9d:85:55:be:b5:5d:b9:62:15:4e:
d3:ec:a3:da:1f:68:61:2d:16:b8:da:73:30:5a:b1:d4:05:a6:
b8:22:bf:81:77:a9:0a:b6:63:8c:87:67:a1:3d:d6:b5:13:5b:
99:c5:9c:a2:f4:ae:fe:82:b1:43:00:7d:e3:60:6e:af:ba:05:
1c:c5:74:5b:93:1f:ad:21:04:fc:25:dc:7e:a0:4e:99:24:85:
43:d4:3b:94:32:7a:8d:60:36:8e:f2:66:de:a6:b3:ef:5d:f6:
e9:9b:b7:60:d5:51:39:4c:29:66:e7:68:1d:2d:e2:57:0f:d4:
2f:72:e7:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEBDUcwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTAwOWUxNzFiYWY4YzJhM2E5NGQyOWIyNDg3OWVmOTdmMDk2NjAyMB4XDTIyMDEw
MTE0MDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q5YzhmZWQ4NmUz
MTIzY2U0ZGNhOGJiMmY3MWIyNWZhZmRkMWRlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnCqKfATaAW0w/xpXmdR5PrmPkvet7vCZOzu0EBluU/JkQo
itMB0O5FCBBTAHGsKYSzj5BUaJWu/FWTPNF+n9bvnvzeBNWDVqp9asgPfdgIAHUS
1sz9nR7GanfrE2vhUQJ+uJzn8zV7YqVQdo0DatCoyplTvlrA5nuoBpSkHFx3fX0z
e7xZW8JXgd5AiaYc1kOLl2XGNdRKzfA0F5iDxjOwqe/GSOK5/Z15RSVKKlhvXIzo
5vw30kQZyQ0Pew1umi7C9O6B8hw1v4L3iH0pbkdIOCMOGVKQD5FrnwnQhq0lhVBE
ODnpuiycAsDxXPZCQitU2DESu3HglAN637TbA4kCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBR9nI/thuMSPOTcqLsvcbJfr90d6zAfBgNVHSMEGDAWgBSKAJ4XG6+MKjqU
0pskh575fwlmAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lnQ2VGeHV2akNvNmxOS2JKSWVlLVg4SlpnSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvOWYzN2QxLTE0Y2EtNGRjZi05OGY3LTJlNzIxMzc2NzYyOC8x
L2ZaeVA3WWJqRWp6azNLaTdMM0d5WDZfZEhlcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
OWYzN2QxLTE0Y2EtNGRjZi05OGY3LTJlNzIxMzc2NzYyOC8xL2lnQ2VGeHV2akNv
NmxOS2JKSWVlLVg4SlpnSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAi2JFDAMAwQDud44AwQAud46MA0G
CSqGSIb3DQEBCwUAA4IBAQB2cUCYQJEOyvPRHs3spO7eK10bxZDPGBi1PXCnryXE
UKk3tiHTxeIn2+tOwQSj8Ci7XDoq77rnl1/64Sw8ny51Z6xAfCO7TZy8aXXr5p6d
/SpYsgzM4ElIYQHGSO8P/t8IfgrMin6tSng6fYT0LUHPfqSzbCqQoxuE1od5IQFE
0kAI0LP4s52FVb61XbliFU7T7KPaH2hhLRa42nMwWrHUBaa4Ir+Bd6kKtmOMh2eh
Pda1E1uZxZyi9K7+grFDAH3jYG6vugUcxXRbkx+tIQT8Jdx+oE6ZJIVD1DuUMnqN
YDaO8mbeprPvXfbpm7dg1VE5TClm52gdLeJXD9Qvcuce
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:05 2024 by rpki-client on console-ams.rpki-client.org