Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/r4ebEeoiqwXoJmNSCbPIydvzk1g.roa
File: r4ebEeoiqwXoJmNSCbPIydvzk1g.roa (raw, json)
Hash identifier: KWfmIclHXCxquFYBzeLR7HqbITAAcGUQ3KvjEzmQer8=
Subject key identifier: AF:87:9B:11:EA:22:AB:05:E8:26:63:52:09:B3:C8:C9:DB:F3:93:58
Certificate issuer: /CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Certificate serial: 0728F11E
Authority key identifier: 04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/r4ebEeoiqwXoJmNSCbPIydvzk1g.roa
Signing time: Sat 01 Jan 2022 14:58:34 +0000
ROA not before: Sat 01 Jan 2022 14:58:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205495
IP address blocks: 185.136.184.0/23 maxlen: 23
185.136.184.0/22 maxlen: 22
185.136.186.0/23 maxlen: 23
45.153.44.0/23 maxlen: 23
45.153.44.0/22 maxlen: 22
185.216.80.0/23 maxlen: 23
45.153.46.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120123678 (0x728f11e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Validity
Not Before: Jan 1 14:58:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af879b11ea22ab05e826635209b3c8c9dbf39358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:07:3c:56:34:f7:fb:c9:f8:4e:d5:01:93:8b:
45:55:c5:b2:0f:a6:80:7a:43:60:f2:3d:71:73:ef:
0a:cf:07:12:60:ba:6b:45:55:23:89:9b:97:dc:db:
ea:aa:79:07:25:f9:43:5c:8c:b4:05:85:6b:6d:81:
6e:3d:0d:12:3c:7c:20:e7:e1:a1:19:d5:16:67:36:
1e:98:08:ca:c9:ce:54:2c:58:47:c3:f5:9d:a1:f6:
a2:02:67:e8:d9:28:0a:5b:e4:ff:3a:5a:82:06:e2:
4d:af:16:b0:7a:cc:99:45:15:64:6c:fc:f8:32:0a:
bc:4c:70:99:12:37:8d:21:13:f5:52:fc:f1:b8:b8:
84:3d:70:aa:d1:ac:c4:4d:1b:fd:01:90:d8:9c:6d:
4b:87:b6:c5:ac:03:39:04:a1:23:b6:05:c4:9e:e4:
f2:ac:51:ad:cd:34:3c:4d:9b:ad:76:77:0e:a5:ae:
9a:8c:3f:71:41:7b:72:23:eb:5c:6e:96:24:91:5c:
ef:54:26:14:52:dc:4a:f8:9a:5d:7e:a5:28:f5:d9:
0b:53:3d:81:5a:71:9e:e1:67:24:25:37:24:73:9d:
ec:dd:f5:a1:d2:9b:71:73:aa:88:02:61:94:c9:1c:
eb:17:03:e1:43:c4:ed:c2:eb:1b:26:84:0a:4c:e6:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:87:9B:11:EA:22:AB:05:E8:26:63:52:09:B3:C8:C9:DB:F3:93:58
X509v3 Authority Key Identifier:
keyid:04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/r4ebEeoiqwXoJmNSCbPIydvzk1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.44.0/22
185.136.184.0/22
185.216.80.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:42:84:59:f9:3b:58:af:63:93:2a:7a:bf:52:f5:f3:7b:f3:
2b:c2:c5:95:51:30:fb:b0:7d:74:58:64:e0:62:7e:87:57:ab:
b6:a8:f9:81:aa:3e:62:d3:83:a7:49:b2:e6:f3:d3:64:5d:c7:
b7:95:82:8c:82:a3:ff:5e:bd:f3:c5:2c:07:a1:19:f6:bd:4c:
13:c6:84:d2:b1:66:d0:16:a3:fc:66:9e:5b:44:16:d7:fe:af:
14:eb:d7:dd:c4:e8:d4:3c:d1:6d:c5:ed:26:2f:f6:1e:45:8b:
40:a1:dd:36:95:54:40:7f:b6:31:f7:dc:59:c4:57:4b:8b:50:
f8:00:7f:8f:71:b3:b4:de:20:96:bc:b5:02:01:1c:7b:ae:6c:
08:45:41:e2:01:38:e4:b9:cc:1b:fe:ef:ea:1c:a7:36:77:8d:
53:cf:cb:d1:10:db:e8:30:81:04:ca:e1:28:08:df:4f:40:63:
22:eb:27:ce:ad:95:36:c5:c0:76:74:40:6d:b2:77:22:a2:41:
56:f8:76:cf:66:c3:8c:5b:0d:8b:fd:94:42:0a:d3:f4:89:26:
a0:9c:47:75:77:b9:32:63:aa:13:f3:2c:54:32:9f:2c:7a:83:
e0:1b:a0:20:75:c8:83:f1:c4:a9:b3:56:31:fe:78:e4:f7:8a:
20:14:83:5a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEByjxHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGE5Y2ZmMjQ5ODFkNzI2M2QxYjdkNjM3NzlmNWQ2NzNkZTJiZGJjMB4XDTIyMDEw
MTE0NTgzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY4NzliMTFlYTIy
YWIwNWU4MjY2MzUyMDliM2M4YzlkYmYzOTM1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYHPFY09/vJ+E7VAZOLRVXFsg+mgHpDYPI9cXPvCs8HEmC6
a0VVI4mbl9zb6qp5ByX5Q1yMtAWFa22Bbj0NEjx8IOfhoRnVFmc2HpgIysnOVCxY
R8P1naH2ogJn6NkoClvk/zpaggbiTa8WsHrMmUUVZGz8+DIKvExwmRI3jSET9VL8
8bi4hD1wqtGsxE0b/QGQ2JxtS4e2xawDOQShI7YFxJ7k8qxRrc00PE2brXZ3DqWu
mow/cUF7ciPrXG6WJJFc71QmFFLcSviaXX6lKPXZC1M9gVpxnuFnJCU3JHOd7N31
odKbcXOqiAJhlMkc6xcD4UPE7cLrGyaECkzmW0kCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSvh5sR6iKrBegmY1IJs8jJ2/OTWDAfBgNVHSMEGDAWgBQEqc/ySYHXJj0b
fWN3n11nPeK9vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLblA4a21CMXlZOUczMWpkNTlkWnozaXZidy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZWVjZjhiLTNkNjMtNGM5Yy1iZDg0LWNkMGQ5ZTU3NDJjYi8x
L3I0ZWJFZW9pcXdYb0ptTlNDYlBJeWR2emsxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZWVjZjhiLTNkNjMtNGM5Yy1iZDg0LWNkMGQ5ZTU3NDJjYi8xL0JLblA4a21CMXlZ
OUczMWpkNTlkWnozaXZidy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi2ZLAMEArmIuAMEAbnYUDANBgkq
hkiG9w0BAQsFAAOCAQEAW0KEWfk7WK9jkyp6v1L183vzK8LFlVEw+7B9dFhk4GJ+
h1ertqj5gao+YtODp0my5vPTZF3Ht5WCjIKj/16988UsB6EZ9r1ME8aE0rFm0Baj
/GaeW0QW1/6vFOvX3cTo1DzRbcXtJi/2HkWLQKHdNpVUQH+2MffcWcRXS4tQ+AB/
j3GztN4glry1AgEce65sCEVB4gE45LnMG/7v6hynNneNU8/L0RDb6DCBBMrhKAjf
T0BjIusnzq2VNsXAdnRAbbJ3IqJBVvh2z2bDjFsNi/2UQgrT9IkmoJxHdXe5MmOq
E/MsVDKfLHqD4BugIHXIg/HEqbNWMf545PeKIBSDWg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org