Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UrW0xF6kTuFT9B3Bjcbv_JXVh3w.roa
File: UrW0xF6kTuFT9B3Bjcbv_JXVh3w.roa (raw, json)
Hash identifier: 2+uMzDFQiawd7TofdKdjFFSNHKX3q6FMOXEfAXUSoQQ=
Subject key identifier: 52:B5:B4:C4:5E:A4:4E:E1:53:F4:1D:C1:8D:C6:EF:FC:95:D5:87:7C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01825E0CA54865DAEF4A32DCD6D5C905E097
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UrW0xF6kTuFT9B3Bjcbv_JXVh3w.roa
Signing time: Tue 02 Aug 2022 10:14:23 +0000
ROA not before: Tue 02 Aug 2022 10:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137409
IP address blocks: 194.5.83.0/24 maxlen: 24
45.8.70.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:0c:a5:48:65:da:ef:4a:32:dc:d6:d5:c9:05:e0:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 2 10:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52b5b4c45ea44ee153f41dc18dc6effc95d5877c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:43:cf:e0:7a:bb:fb:f3:cd:35:a6:ea:3d:f4:
e4:15:b5:66:37:c9:a3:32:e4:d0:e0:22:03:63:a0:
f8:89:c7:1e:4f:fb:a9:a4:7e:ee:96:d2:c8:81:6a:
c8:31:bc:91:31:a0:3b:7e:51:6c:89:96:a2:a7:75:
91:e9:a8:b9:1e:20:94:48:b8:54:ed:80:59:77:35:
5d:56:3e:ed:d7:23:c3:4d:2d:56:9b:0a:71:c5:cc:
b4:48:eb:42:77:c8:7a:1e:0b:6f:7e:76:32:b3:a4:
d5:a1:0e:c2:67:fe:26:7e:09:73:20:43:34:6a:8d:
10:48:e0:d5:bf:5b:b5:f6:d4:9b:ce:cb:01:67:1b:
44:ab:9d:0e:54:c9:f9:0b:b3:f2:b0:3d:f3:ee:72:
51:53:2d:23:18:aa:54:cd:a1:55:36:41:4b:f6:7e:
01:25:e1:c5:ce:51:d9:6e:36:87:dc:d9:be:31:a2:
e5:5c:a9:be:1f:ac:a7:de:3d:3b:2b:8f:87:9d:3e:
d7:3c:a1:2a:76:e2:69:03:be:c8:a7:62:59:b2:c8:
a1:38:74:64:d9:a4:5f:8a:35:bb:94:08:35:c6:6e:
62:31:13:cd:fe:bc:40:66:64:15:fd:02:8a:df:29:
92:61:44:11:73:75:ef:3b:5f:f6:e9:d1:fc:8d:12:
56:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B5:B4:C4:5E:A4:4E:E1:53:F4:1D:C1:8D:C6:EF:FC:95:D5:87:7C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/UrW0xF6kTuFT9B3Bjcbv_JXVh3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.5.0-45.133.7.255
194.5.82.0/23
Signature Algorithm: sha256WithRSAEncryption
96:8f:3b:a0:fa:94:db:5f:81:9c:74:40:a0:4e:52:c1:ef:ff:
29:5f:c4:89:ba:ee:73:d6:86:14:a5:67:83:74:74:6d:2b:3d:
b1:e9:d7:0e:24:5a:c1:71:fb:c9:88:35:1d:a4:a9:0d:a9:c7:
cc:4b:c9:4a:73:1e:e3:3f:66:ff:fa:51:c0:f9:fa:80:99:71:
f8:95:32:3b:48:a8:03:1a:bb:0b:9b:76:82:a1:64:67:47:02:
a0:28:0c:f5:39:e6:a2:ae:cd:b7:59:51:a7:78:16:c2:af:2a:
94:5a:57:23:22:c8:7f:e9:5d:b1:1e:8b:a1:d9:72:fb:35:e8:
ce:ef:5e:5d:76:05:1d:35:7a:2d:88:14:f7:75:04:fe:4d:1b:
34:b1:aa:66:4c:43:54:89:46:f7:a0:98:2b:e9:97:32:16:04:
0f:0b:c2:bf:cc:49:4c:2c:42:e7:2a:53:f6:04:ab:6f:39:4d:
b3:21:07:d3:bf:07:74:a4:3b:13:46:c2:db:4b:da:6e:bd:8a:
a1:b9:6e:e9:95:d8:c4:ef:5f:20:29:e9:6c:66:81:6e:40:80:
45:79:42:cc:7a:f3:af:ed:51:7c:59:83:f6:48:e9:f5:96:e3:
a3:d5:3b:a4:6c:28:35:30:d0:20:17:99:5a:d4:cd:43:82:eb:
6f:e7:d4:ea
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYJeDKVIZdrvSjLc1tXJBeCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwODAyMTAxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI1YjRjNDVlYTQ0ZWUxNTNmNDFkYzE4ZGM2ZWZmYzk1ZDU4NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkPP4Hq7+/PNNabqPfTkFbVmN8mj
MuTQ4CIDY6D4icceT/uppH7ultLIgWrIMbyRMaA7flFsiZaip3WR6ai5HiCUSLhU
7YBZdzVdVj7t1yPDTS1Wmwpxxcy0SOtCd8h6HgtvfnYys6TVoQ7CZ/4mfglzIEM0
ao0QSODVv1u19tSbzssBZxtEq50OVMn5C7PysD3z7nJRUy0jGKpUzaFVNkFL9n4B
JeHFzlHZbjaH3Nm+MaLlXKm+H6yn3j07K4+HnT7XPKEqduJpA77Ip2JZssihOHRk
2aRfijW7lAg1xm5iMRPN/rxAZmQV/QKK3ymSYUQRc3XvO1/26dH8jRJWtQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFK1tMRepE7hU/QdwY3G7/yV1Yd8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVXJXMHhGNmtUdUZUOUIzQmpjYnZfSlhWaDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQhGAwQB
LYLKMAwDBAAthQUDBAMthQADBAHCBVIwDQYJKoZIhvcNAQELBQADggEBAJaPO6D6
lNtfgZx0QKBOUsHv/ylfxIm67nPWhhSlZ4N0dG0rPbHp1w4kWsFx+8mINR2kqQ2p
x8xLyUpzHuM/Zv/6UcD5+oCZcfiVMjtIqAMauwubdoKhZGdHAqAoDPU55qKuzbdZ
Uad4FsKvKpRaVyMiyH/pXbEei6HZcvs16M7vXl12BR01ei2IFPd1BP5NGzSxqmZM
Q1SJRvegmCvplzIWBA8Lwr/MSUwsQucqU/YEq285TbMhB9O/B3SkOxNGwttL2m69
iqG5bumV2MTvXyAp6WxmgW5AgEV5Qsx686/tUXxZg/ZI6fWW46PVO6RsKDUw0CAX
mVrUzUOC62/n1Oo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org