Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/usbw41PLdzLnIb5fLF1pgdPAC94.roa
File: usbw41PLdzLnIb5fLF1pgdPAC94.roa (raw, json)
Hash identifier: +/eKzSd14h/NjiAlccIRw6XKkWns9aXcIumfdhY/wsk=
Subject key identifier: BA:C6:F0:E3:53:CB:77:32:E7:21:BE:5F:2C:5D:69:81:D3:C0:0B:DE
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 08A69ABD
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/usbw41PLdzLnIb5fLF1pgdPAC94.roa
Signing time: Wed 11 May 2022 05:42:01 +0000
ROA not before: Wed 11 May 2022 05:42:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/22 maxlen: 24
45.150.52.0/23 maxlen: 24
91.239.148.0/23 maxlen: 24
91.238.92.0/23 maxlen: 24
212.115.124.0/22 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145136317 (0x8a69abd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: May 11 05:42:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bac6f0e353cb7732e721be5f2c5d6981d3c00bde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4d:26:6c:5b:b6:64:bb:fb:4b:07:fb:41:2f:
6a:c6:57:2f:66:cf:23:6d:48:5f:83:22:e6:e5:ef:
b5:93:9b:c2:ca:01:18:66:4f:f7:4c:17:cc:02:ba:
73:af:37:c6:c5:a3:93:0d:f4:d3:7c:b1:75:ec:76:
94:ce:2b:33:b4:22:f9:f9:84:9b:f6:38:e5:0d:b7:
d9:ec:47:a9:28:71:39:c1:fc:88:5e:34:b2:17:5c:
69:79:ce:10:eb:4f:e6:49:48:e6:29:97:5d:7a:93:
62:ab:29:35:ef:53:65:06:54:5d:05:8c:15:63:ba:
6d:e6:7f:3c:89:98:bc:55:6f:7d:64:b5:d2:00:84:
7a:77:0f:db:f1:5c:4e:d9:02:02:a2:63:05:63:bb:
b4:6c:cc:30:99:9f:6f:c5:4e:9a:16:a5:30:fd:6e:
e0:80:4b:f3:61:0f:ff:41:30:2b:45:29:be:e0:32:
0d:12:d1:13:53:90:cd:49:ae:2b:46:e9:2b:31:c0:
9e:38:55:3e:f0:c6:f9:bc:fd:ae:06:a9:5e:34:a9:
31:10:d0:01:e6:30:5f:a7:88:11:0b:77:60:f2:14:
75:78:23:cd:31:81:62:26:cc:ad:5d:e3:4d:09:d1:
9d:88:19:69:98:fd:e6:48:2a:4c:b5:b9:01:50:d3:
84:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C6:F0:E3:53:CB:77:32:E7:21:BE:5F:2C:5D:69:81:D3:C0:0B:DE
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/usbw41PLdzLnIb5fLF1pgdPAC94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
45.150.52.0/23
91.238.92.0/23
91.239.148.0/23
91.244.199.0/24
176.105.228.0/22
212.115.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:ec:0a:d0:44:aa:47:fc:da:a1:ac:21:7c:26:66:d1:5b:c1:
c0:d2:f5:5b:c3:c9:42:f2:dc:7f:70:62:fa:86:ed:14:fb:63:
6b:c0:e8:e9:69:9b:b6:d9:02:9e:76:20:05:51:2b:75:68:96:
c9:b4:fd:ab:a2:34:18:38:76:e5:86:75:41:0f:b1:78:fa:c2:
d5:db:94:f7:ee:46:22:ec:39:3a:e1:e9:ed:29:c2:b6:dd:f1:
19:5f:29:3b:2b:42:9d:91:80:69:eb:d9:f7:66:7b:12:cc:3b:
6d:46:5c:a2:ac:65:8e:52:04:a1:ea:86:5c:da:08:40:f2:99:
8f:80:70:08:d4:60:4c:58:3e:62:60:56:06:61:a3:09:4c:67:
60:33:79:a0:15:06:aa:b7:3f:9a:53:9c:33:58:f1:60:3f:7c:
6a:24:df:3b:8c:3e:da:37:a2:97:ba:78:63:b1:20:e0:67:f3:
bd:60:12:96:76:3c:b4:4e:a1:2b:7d:fc:31:59:8c:04:68:8a:
cd:f4:22:69:6e:c1:b9:4a:d5:80:a6:a3:ce:35:73:71:7b:7d:
21:a4:8a:6b:c7:34:2f:d3:d7:43:ea:a6:80:2e:12:af:de:8d:
b9:dc:b4:f0:85:80:2b:b2:4b:e2:3a:7b:38:26:27:94:f8:3c:
cb:07:18:b5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECKaavTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDUx
MTA1NDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFjNmYwZTM1M2Ni
NzczMmU3MjFiZTVmMmM1ZDY5ODFkM2MwMGJkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFNJmxbtmS7+0sH+0EvasZXL2bPI21IX4Mi5uXvtZObwsoB
GGZP90wXzAK6c683xsWjkw3003yxdex2lM4rM7Qi+fmEm/Y45Q232exHqShxOcH8
iF40shdcaXnOEOtP5klI5imXXXqTYqspNe9TZQZUXQWMFWO6beZ/PImYvFVvfWS1
0gCEencP2/FcTtkCAqJjBWO7tGzMMJmfb8VOmhalMP1u4IBL82EP/0EwK0UpvuAy
DRLRE1OQzUmuK0bpKzHAnjhVPvDG+bz9rgapXjSpMRDQAeYwX6eIEQt3YPIUdXgj
zTGBYibMrV3jTQnRnYgZaZj95kgqTLW5AVDThDcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBS6xvDjU8t3Muchvl8sXWmB08AL3jAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L3VzYnc0MVBMZHpMbkliNWZMRjFwZ2RQQUM5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAi2EUAMEAS2WNAMEAVvuXAMEAVvv
lAMEAFv0xwMEArBp5AMEAtRzfDANBgkqhkiG9w0BAQsFAAOCAQEAOuwK0ESqR/za
oawhfCZm0VvBwNL1W8PJQvLcf3Bi+obtFPtja8Do6WmbttkCnnYgBVErdWiWybT9
q6I0GDh25YZ1QQ+xePrC1duU9+5GIuw5OuHp7SnCtt3xGV8pOytCnZGAaevZ92Z7
Esw7bUZcoqxljlIEoeqGXNoIQPKZj4BwCNRgTFg+YmBWBmGjCUxnYDN5oBUGqrc/
mlOcM1jxYD98aiTfO4w+2jeil7p4Y7Eg4GfzvWASlnY8tE6hK338MVmMBGiKzfQi
aW7BuUrVgKajzjVzcXt9IaSKa8c0L9PXQ+qmgC4Sr96Nudy08IWAK7JL4jp7OCYn
lPg8ywcYtQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:12 2023 by rpki-client on console-ams.rpki-client.org