Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/T6jhVCtQt9mOa0RReKdWAodchC0.roa
File: T6jhVCtQt9mOa0RReKdWAodchC0.roa (raw, json)
Hash identifier: yL5FYLay1WG3bJlO8BYcua09Swjr8mHvjvGI1hZf5vU=
Subject key identifier: 4F:A8:E1:54:2B:50:B7:D9:8E:6B:44:51:78:A7:56:02:87:5C:84:2D
Certificate issuer: /CN=7d2ae80cde5cd769c8f144e6c266113bfaedec3e
Certificate serial: 0F2036C6
Authority key identifier: 7D:2A:E8:0C:DE:5C:D7:69:C8:F1:44:E6:C2:66:11:3B:FA:ED:EC:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/T6jhVCtQt9mOa0RReKdWAodchC0.roa
Signing time: Wed 23 Mar 2022 13:33:09 +0000
ROA not before: Wed 23 Mar 2022 13:33:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205668
IP address blocks: 185.44.128.0/22 maxlen: 24
185.200.101.0/24 maxlen: 24
185.200.102.0/24 maxlen: 24
185.200.103.0/24 maxlen: 24
185.200.100.0/24 maxlen: 24
185.129.71.0/24 maxlen: 24
185.129.68.0/22 maxlen: 24
185.129.68.0/24 maxlen: 24
185.129.69.0/24 maxlen: 24
185.129.70.0/24 maxlen: 24
45.148.168.0/22 maxlen: 24
2a0a:aa40::/32 maxlen: 32
2a01:74e0::/32 maxlen: 32
2a0a:aa42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253769414 (0xf2036c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ae80cde5cd769c8f144e6c266113bfaedec3e
Validity
Not Before: Mar 23 13:33:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fa8e1542b50b7d98e6b445178a75602875c842d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:32:33:bf:fd:17:4e:38:f9:cb:39:55:78:53:
75:1c:51:66:bd:75:df:3c:d1:65:8c:88:87:26:ea:
52:f2:42:2e:29:0d:6d:86:78:54:83:3b:f8:b8:ab:
1b:f5:e6:35:e0:82:7b:17:6d:45:a2:cc:e0:13:8b:
6b:71:12:eb:e8:3c:0b:52:d4:c2:b8:f4:97:09:4e:
76:5c:88:ba:61:21:e6:2a:ae:07:ba:2c:5e:89:5f:
5b:23:ce:89:96:14:ff:d8:33:0c:0b:e7:ca:fb:50:
72:21:cb:cb:f2:53:3a:b7:b5:ce:a5:26:8c:bc:d8:
00:b9:a0:d2:2b:8d:1c:95:12:aa:50:1a:87:4a:27:
2c:3f:93:7f:2d:25:b9:dd:0b:8e:79:bc:19:dd:01:
3b:06:9d:db:ca:c7:18:ef:d7:fe:98:6d:3f:c3:c9:
88:15:70:eb:8f:7a:04:3c:c3:31:23:87:17:de:30:
55:d6:bb:b2:69:1c:59:1d:08:76:52:04:8c:ed:46:
d7:78:a8:34:90:1b:ed:f9:d7:f0:2d:ca:76:4b:25:
87:47:7b:a4:96:4f:86:a7:31:60:96:1b:b7:06:8b:
e9:0b:0a:c6:f4:a5:71:47:01:8d:b7:43:67:9c:58:
94:90:69:d3:73:0c:65:41:9b:6b:61:d1:c8:3c:69:
e9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A8:E1:54:2B:50:B7:D9:8E:6B:44:51:78:A7:56:02:87:5C:84:2D
X509v3 Authority Key Identifier:
keyid:7D:2A:E8:0C:DE:5C:D7:69:C8:F1:44:E6:C2:66:11:3B:FA:ED:EC:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/T6jhVCtQt9mOa0RReKdWAodchC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/fSroDN5c12nI8UTmwmYRO_rt7D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.168.0/22
185.44.128.0/22
185.129.68.0/22
185.200.100.0/22
IPv6:
2a01:74e0::/32
2a0a:aa40::/32
2a0a:aa42::/32
Signature Algorithm: sha256WithRSAEncryption
0c:90:a1:1a:ec:bf:2d:73:b1:93:92:19:f1:ac:d0:3f:5c:77:
7d:fa:d3:9c:c7:8c:94:c5:ed:58:4d:48:29:61:93:7c:51:39:
3d:38:d4:e2:5e:ec:f0:b7:8b:f9:b3:ae:e4:76:1c:6e:d6:14:
f2:c0:3d:0f:e4:0f:f5:90:04:8a:0b:3c:47:f6:ee:35:21:9f:
6b:d8:06:4f:26:08:0a:f4:b1:b7:2a:38:f9:66:dc:13:86:91:
9a:63:98:af:61:fa:77:3e:ea:bb:b6:5b:64:71:dc:cf:0d:58:
e8:3d:36:d5:d4:21:3c:a2:e8:74:a5:14:fc:6a:7f:50:9e:7b:
94:a4:e7:94:d1:e5:0a:41:b1:08:ed:e7:ac:91:a4:66:12:42:
97:da:94:6d:12:0c:e7:94:a3:c8:68:b3:9b:cb:fb:4a:5f:9a:
1d:90:56:e5:0f:a5:1b:91:26:80:ee:54:54:f9:e5:9d:21:0e:
7a:36:f9:5e:f3:ce:8b:45:51:3a:13:ce:50:df:9d:51:35:5e:
9b:17:b4:e4:e4:89:ff:75:de:92:10:c5:0d:d7:32:c7:0f:5c:
49:d4:d4:92:11:1c:66:81:2e:ee:fa:82:74:b3:8a:12:0b:60:
24:74:dd:9a:a0:64:92:fd:8d:f8:f9:97:ee:41:65:b9:0c:36:
b0:13:f9:0e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEDyA2xjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDJhZTgwY2RlNWNkNzY5YzhmMTQ0ZTZjMjY2MTEzYmZhZWRlYzNlMB4XDTIyMDMy
MzEzMzMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZhOGUxNTQyYjUw
YjdkOThlNmI0NDUxNzhhNzU2MDI4NzVjODQyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJcyM7/9F044+cs5VXhTdRxRZr113zzRZYyIhybqUvJCLikN
bYZ4VIM7+LirG/XmNeCCexdtRaLM4BOLa3ES6+g8C1LUwrj0lwlOdlyIumEh5iqu
B7osXolfWyPOiZYU/9gzDAvnyvtQciHLy/JTOre1zqUmjLzYALmg0iuNHJUSqlAa
h0onLD+Tfy0lud0Ljnm8Gd0BOwad28rHGO/X/phtP8PJiBVw6496BDzDMSOHF94w
Vda7smkcWR0IdlIEjO1G13ioNJAb7fnX8C3Kdkslh0d7pJZPhqcxYJYbtwaL6QsK
xvSlcUcBjbdDZ5xYlJBp03MMZUGba2HRyDxp6SsCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBRPqOFUK1C32Y5rRFF4p1YCh1yELTAfBgNVHSMEGDAWgBR9KugM3lzXacjx
RObCZhE7+u3sPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZTcm9ETjVjMTJuSThVVG13bVlST19ydDdENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvYTJlYTUxLTg3YTYtNDgxNC05YjgyLTI3OGNiYjBiNGU3My8x
L1Q2amhWQ3RRdDltT2EwUlJlS2RXQW9kY2hDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
YTJlYTUxLTg3YTYtNDgxNC05YjgyLTI3OGNiYjBiNGU3My8xL2ZTcm9ETjVjMTJu
SThVVG13bVlST19ydDdENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wHgQCAAEwGAMEAi2UqAMEArksgAMEArmBRAMEArnI
ZDAbBAIAAjAVAwUAKgF04AMFACoKqkADBQAqCqpCMA0GCSqGSIb3DQEBCwUAA4IB
AQAMkKEa7L8tc7GTkhnxrNA/XHd9+tOcx4yUxe1YTUgpYZN8UTk9ONTiXuzwt4v5
s67kdhxu1hTywD0P5A/1kASKCzxH9u41IZ9r2AZPJggK9LG3Kjj5ZtwThpGaY5iv
Yfp3Puq7tltkcdzPDVjoPTbV1CE8ouh0pRT8an9QnnuUpOeU0eUKQbEI7eeskaRm
EkKX2pRtEgznlKPIaLOby/tKX5odkFblD6UbkSaA7lRU+eWdIQ56Nvle886LRVE6
E85Q351RNV6bF7Tk5In/dd6SEMUN1zLHD1xJ1NSSERxmgS7u+oJ0s4oSC2AkdN2a
oGSS/Y34+ZfuQWW5DDawE/kO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org