Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1GU43WrPWGThQa3rq2VRWTva9IU.roa
File: 1GU43WrPWGThQa3rq2VRWTva9IU.roa (raw, json)
Hash identifier: sxx4VupDarqyvPf8klE3P7qwsOSWv6+QpIaWV2AY+XY=
Subject key identifier: D4:65:38:DD:6A:CF:58:64:E1:41:AD:EB:AB:65:51:59:3B:DA:F4:85
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0D32C0D8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1GU43WrPWGThQa3rq2VRWTva9IU.roa
Signing time: Tue 08 Feb 2022 10:02:01 +0000
ROA not before: Tue 08 Feb 2022 10:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206092
IP address blocks: 45.130.83.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221429976 (0xd32c0d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 10:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d46538dd6acf5864e141adebab6551593bdaf485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:19:6b:a1:dc:56:f1:8e:4f:98:d1:c7:2f:31:
c3:ae:89:f9:0f:11:99:44:84:6c:8f:96:8a:96:85:
2e:08:5c:1c:a1:4a:c2:5f:76:91:28:20:d8:90:b9:
35:0b:0a:cc:18:30:99:a9:6a:5d:72:d1:39:16:46:
bb:6f:e2:68:0a:ee:62:3a:2c:63:0b:33:75:7c:18:
07:db:63:ef:59:f2:88:55:46:15:8c:9f:ad:99:c5:
80:78:9b:3c:65:d0:ec:0a:5c:e9:ba:12:d0:37:4c:
32:b2:61:ae:a3:89:a4:f3:81:7f:1f:c0:30:33:9d:
61:7e:17:dc:0a:94:b4:7f:4d:2a:f7:31:e8:64:bf:
83:40:51:f9:d0:fe:ca:09:39:41:93:41:6f:6c:b2:
c1:44:11:0f:3d:0b:e1:39:de:ba:01:d1:43:82:f6:
21:d8:36:a2:64:3a:56:84:a8:37:27:f4:33:2a:8e:
a9:25:f9:b3:f0:7d:4e:64:ae:63:dd:2b:ad:64:d7:
ba:d9:d2:0e:53:50:83:1f:4c:65:fc:a8:78:84:1e:
ce:db:94:97:7f:ec:8a:63:71:e1:3c:33:6e:36:0b:
87:46:f4:72:67:d0:83:66:c5:7c:9c:fd:d6:39:34:
07:ac:55:fc:2f:55:20:d1:18:a8:cb:ee:1d:11:e2:
46:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:65:38:DD:6A:CF:58:64:E1:41:AD:EB:AB:65:51:59:3B:DA:F4:85
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1GU43WrPWGThQa3rq2VRWTva9IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.83.0/24
45.135.186.0/23
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
Signature Algorithm: sha256WithRSAEncryption
79:b4:65:3f:1b:27:e7:e2:0a:17:1e:a4:87:91:d4:31:2b:3c:
04:6a:91:2a:bf:84:13:30:ea:83:02:26:75:d1:3e:28:d6:e2:
ea:37:21:d4:4c:7d:d9:d0:e3:a7:a6:9f:73:94:2d:1b:fd:9a:
dc:e5:13:fc:88:e5:48:23:15:88:05:d0:a1:b2:09:ba:f7:8e:
ea:61:40:ae:17:17:d5:9a:5f:d2:d0:18:ec:81:82:e1:6e:a4:
60:83:3c:f8:46:68:e4:76:7e:93:3e:44:af:ad:c3:17:13:e2:
91:9d:2f:bb:52:93:1e:74:2c:3d:a8:54:76:1c:ec:7b:cd:e6:
71:0d:12:b4:b0:f1:45:e7:55:24:c6:12:59:ec:00:b3:a4:68:
25:6b:70:c9:60:f7:b8:1b:02:29:9a:7e:cb:70:04:9e:0a:35:
6b:e6:79:3b:0d:cf:e2:07:ca:29:58:b8:50:2d:3f:54:af:7d:
a4:24:48:19:0f:95:98:e6:fa:5e:0a:fc:69:72:69:29:82:87:
1e:cd:8c:b7:25:6e:81:ee:62:39:6d:58:9e:63:d7:22:38:3b:
71:fc:c1:5c:4c:5f:f3:e6:db:d1:1c:57:a2:0e:e1:ca:a6:15:
f6:28:af:9a:c2:38:09:d2:c2:9e:6c:5d:af:e0:b6:a6:9a:c0:
c2:4a:4b:bc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDTLA2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDIw
ODEwMDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDQ2NTM4ZGQ2YWNm
NTg2NGUxNDFhZGViYWI2NTUxNTkzYmRhZjQ4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkZa6HcVvGOT5jRxy8xw66J+Q8RmUSEbI+WipaFLghcHKFK
wl92kSgg2JC5NQsKzBgwmalqXXLRORZGu2/iaAruYjosYwszdXwYB9tj71nyiFVG
FYyfrZnFgHibPGXQ7Apc6boS0DdMMrJhrqOJpPOBfx/AMDOdYX4X3AqUtH9NKvcx
6GS/g0BR+dD+ygk5QZNBb2yywUQRDz0L4TneugHRQ4L2Idg2omQ6VoSoNyf0MyqO
qSX5s/B9TmSuY90rrWTXutnSDlNQgx9MZfyoeIQeztuUl3/simNx4TwzbjYLh0b0
cmfQg2bFfJz91jk0B6xV/C9VINEYqMvuHRHiRi8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTUZTjdas9YZOFBreurZVFZO9r0hTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
LzFHVTQzV3JQV0dUaFFhM3JxMlZSV1R2YTlJVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAC2CUwMEAS2HugMEAFkvDwMEALnA
RwMEALzUhwMEAMETbQMEAMsaUTANBgkqhkiG9w0BAQsFAAOCAQEAebRlPxsn5+IK
Fx6kh5HUMSs8BGqRKr+EEzDqgwImddE+KNbi6jch1Ex92dDjp6afc5QtG/2a3OUT
/IjlSCMViAXQobIJuveO6mFArhcX1Zpf0tAY7IGC4W6kYIM8+EZo5HZ+kz5Er63D
FxPikZ0vu1KTHnQsPahUdhzse83mcQ0StLDxRedVJMYSWewAs6RoJWtwyWD3uBsC
KZp+y3AEngo1a+Z5Ow3P4gfKKVi4UC0/VK99pCRIGQ+VmOb6Xgr8aXJpKYKHHs2M
tyVuge5iOW1YnmPXIjg7cfzBXExf8+bb0RxXog7hyqYV9iivmsI4CdLCnmxdr+C2
pprAwkpLvA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org