Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/Swi8XFDeBb1ziSVkWWuDXLpLZPs.roa
File: Swi8XFDeBb1ziSVkWWuDXLpLZPs.roa (raw, json)
Hash identifier: y3o7o39pGlw/KCH20SGuGBPYIO9c1iv6AR0lxdt/Xjw=
Subject key identifier: 4B:08:BC:5C:50:DE:05:BD:73:89:25:64:59:6B:83:5C:BA:4B:64:FB
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FBBD512
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/Swi8XFDeBb1ziSVkWWuDXLpLZPs.roa
Signing time: Sat 01 Jan 2022 10:04:51 +0000
ROA not before: Sat 01 Jan 2022 10:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28685
IP address blocks: 145.128.160.0/19 maxlen: 19
145.131.160.0/19 maxlen: 19
145.131.64.0/18 maxlen: 18
145.128.192.0/19 maxlen: 19
145.131.192.0/18 maxlen: 18
145.128.224.0/19 maxlen: 19
145.128.128.0/19 maxlen: 19
145.131.128.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800838930 (0x2fbbd512)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b08bc5c50de05bd73892564596b835cba4b64fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2f:d1:fd:09:f9:17:cb:89:9f:75:d1:6d:89:
07:6c:00:ab:85:dd:fb:3c:42:65:41:ec:df:fa:18:
57:51:a1:27:d6:0c:b3:0d:98:c5:ad:cc:d7:d2:39:
0b:a5:23:9e:5b:2b:11:e5:54:5b:84:c9:7c:c7:21:
49:aa:b4:63:7a:e1:fb:7a:79:55:b2:fd:94:ff:4b:
70:58:f3:66:c5:60:db:4d:4c:b7:87:0a:c7:1d:24:
34:58:93:a2:3e:c3:d5:a9:59:e4:59:18:6f:78:26:
89:95:88:1d:ca:96:77:c9:c8:b9:22:46:75:e3:c9:
83:c2:fa:4e:71:22:8f:e2:3b:ba:fc:97:f5:47:57:
06:a6:a1:00:08:81:dd:96:13:f6:e4:57:66:0c:22:
08:22:bc:2f:44:4f:f2:b1:d8:60:da:d2:d5:09:c5:
0d:08:32:b3:bd:c3:ee:1c:c5:db:cd:ef:c7:82:fe:
35:b8:b8:f0:c1:3c:89:67:d4:fa:dc:38:70:c4:dc:
91:7c:05:a1:bd:e6:ee:03:82:e1:73:60:e9:cd:ac:
a8:4a:1a:c3:e1:65:d1:8b:94:15:34:aa:75:c8:90:
75:ae:17:ad:59:90:a3:7a:4d:4b:cb:f2:05:2d:52:
70:8b:b9:42:1d:bb:31:a7:2c:2e:b8:c6:9e:53:bc:
3a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:08:BC:5C:50:DE:05:BD:73:89:25:64:59:6B:83:5C:BA:4B:64:FB
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/Swi8XFDeBb1ziSVkWWuDXLpLZPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.128.128.0/17
145.131.64.0-145.131.255.255
Signature Algorithm: sha256WithRSAEncryption
29:8d:16:99:5b:31:a6:44:2f:98:46:0f:83:b0:36:5c:31:58:
30:e4:36:35:ca:94:e2:90:e0:2c:8b:69:dd:fc:2f:f3:1a:58:
26:7e:08:d2:a8:74:d2:32:0c:e3:13:8b:e4:17:a6:3c:bd:89:
0f:fd:84:e0:de:a2:ca:30:85:09:ca:cf:85:92:69:c4:58:b5:
20:ec:f1:6a:dc:70:e7:57:a9:58:5d:b7:67:6d:c4:09:2d:57:
5d:98:21:4b:41:55:9b:bd:dc:7c:18:9c:e4:95:54:8d:22:40:
93:ee:fa:9b:3a:33:55:63:c5:16:ed:62:89:df:97:a1:38:bc:
c5:68:e2:9f:a9:6d:f8:86:9c:38:e8:e7:44:d5:ad:4d:fb:a4:
51:f7:cb:a0:b1:15:c2:f6:28:12:96:0e:f9:3c:d1:dc:70:3f:
c6:bf:d5:d9:48:c4:06:75:9e:48:75:f8:5f:5e:a9:31:ad:3d:
27:f2:40:4b:2e:dc:6c:b2:7a:2b:4e:f1:8b:91:73:e9:8a:df:
c1:7c:ba:b0:3e:37:77:ae:01:14:ef:d1:63:a4:40:22:2f:dc:
32:32:15:c5:15:01:8f:1d:38:31:b9:73:a2:25:bb:f1:86:17:
1d:6d:fb:cd:e1:43:40:be:bc:8e:60:cc:35:c8:b5:2a:73:e7:
15:0d:ca:1a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIEL7vVEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIwOGJjNWM1MGRl
MDViZDczODkyNTY0NTk2YjgzNWNiYTRiNjRmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgv0f0J+RfLiZ910W2JB2wAq4Xd+zxCZUHs3/oYV1GhJ9YM
sw2Yxa3M19I5C6UjnlsrEeVUW4TJfMchSaq0Y3rh+3p5VbL9lP9LcFjzZsVg201M
t4cKxx0kNFiToj7D1alZ5FkYb3gmiZWIHcqWd8nIuSJGdePJg8L6TnEij+I7uvyX
9UdXBqahAAiB3ZYT9uRXZgwiCCK8L0RP8rHYYNrS1QnFDQgys73D7hzF283vx4L+
Nbi48ME8iWfU+tw4cMTckXwFob3m7gOC4XNg6c2sqEoaw+Fl0YuUFTSqdciQda4X
rVmQo3pNS8vyBS1ScIu5Qh27MacsLrjGnlO8OmcCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBRLCLxcUN4FvXOJJWRZa4Ncuktk+zAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L1N3aThYRkRlQmIxemlTVmtXV3VEWExwTFpQcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAs
BggrBgEFBQcBBwEB/wQdMBswGQQCAAEwEwMEB5GAgDALAwQGkYNAAwMCkYAwDQYJ
KoZIhvcNAQELBQADggEBACmNFplbMaZEL5hGD4OwNlwxWDDkNjXKlOKQ4CyLad38
L/MaWCZ+CNKodNIyDOMTi+QXpjy9iQ/9hODeosowhQnKz4WSacRYtSDs8WrccOdX
qVhdt2dtxAktV12YIUtBVZu93HwYnOSVVI0iQJPu+ps6M1VjxRbtYonfl6E4vMVo
4p+pbfiGnDjo50TVrU37pFH3y6CxFcL2KBKWDvk80dxwP8a/1dlIxAZ1nkh1+F9e
qTGtPSfyQEsu3GyyeitO8YuRc+mK38F8urA+N3euARTv0WOkQCIv3DIyFcUVAY8d
ODG5c6Ilu/GGFx1t+83hQ0C+vI5gzDXItSpz5xUNyho=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org