Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ueHyqVsKv4IdVBGv74lTw91YKUk.roa
File: ueHyqVsKv4IdVBGv74lTw91YKUk.roa (raw, json)
Hash identifier: CmlSwS/yLUB1v9x30j51bNAqAGNnZhwknVZvCdnGX8U=
Subject key identifier: B9:E1:F2:A9:5B:0A:BF:82:1D:54:11:AF:EF:89:53:C3:DD:58:29:49
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0D159DD1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ueHyqVsKv4IdVBGv74lTw91YKUk.roa
Signing time: Tue 25 Jan 2022 11:58:08 +0000
ROA not before: Tue 25 Jan 2022 11:58:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206092
IP address blocks: 45.130.83.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.135.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219520465 (0xd159dd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 25 11:58:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9e1f2a95b0abf821d5411afef8953c3dd582949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5c:bb:e5:1d:6e:ec:08:7e:f0:1c:af:e9:41:
bc:c6:31:1a:c0:7a:0e:f1:80:c0:a8:12:a3:ed:7b:
6a:2a:8d:1e:30:13:6c:0f:d8:df:97:c3:2b:a8:58:
e8:1e:5d:76:1e:fb:50:63:8d:14:22:6f:6f:8f:a7:
7d:80:d7:bb:45:52:65:f8:28:38:d9:99:b9:0d:d4:
4d:21:e0:42:78:36:3a:fb:d5:0d:81:70:d3:68:66:
40:49:ef:e8:f8:0f:03:d1:df:8e:ce:da:70:ed:62:
a1:ca:32:17:e9:38:20:bd:26:7b:39:e5:d8:58:7c:
4d:52:11:fc:0f:48:12:a6:16:61:11:d2:45:e0:79:
c0:02:96:9c:54:28:26:23:46:86:06:30:94:5f:5d:
56:9f:48:72:05:ce:15:4d:7e:46:1b:05:70:6c:dd:
3a:3e:1b:33:17:fd:43:e2:64:4e:78:67:fb:59:bd:
0d:45:a9:94:f6:b6:bd:e0:af:fa:1e:91:78:35:9a:
a6:55:55:5f:62:00:50:16:23:96:71:9f:d5:09:76:
f4:45:04:be:30:a5:17:7f:35:1f:e8:5a:a8:8e:a2:
36:2b:8d:fc:6d:c1:c3:aa:f7:29:89:58:23:d3:e1:
73:1f:b9:f6:51:ec:33:cb:98:18:00:67:8c:b1:9a:
25:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E1:F2:A9:5B:0A:BF:82:1D:54:11:AF:EF:89:53:C3:DD:58:29:49
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ueHyqVsKv4IdVBGv74lTw91YKUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.83.0/24
45.135.186.0/23
89.47.15.0/24
185.192.71.0/24
188.212.135.0/24
203.26.81.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:c0:da:6e:16:62:7a:b8:28:24:6a:37:54:0f:0d:00:f6:98:
73:97:df:c7:09:ba:4d:8d:31:76:9c:7e:1d:1e:b7:5c:63:e1:
c1:d9:cc:8e:f1:dd:5e:60:5f:f0:8a:37:65:8c:db:c0:ba:73:
ae:16:fc:3e:24:cd:48:8f:1f:66:dc:d1:4b:61:4c:f8:45:09:
eb:d6:a8:cb:a6:ae:1e:f5:e6:98:15:b1:6f:9c:19:43:2e:7a:
66:b1:a6:dc:1f:a9:18:ca:c7:31:a9:71:37:f8:ed:19:5e:76:
dd:c1:02:18:49:cb:09:bb:dd:d2:45:b7:b9:af:44:5b:38:89:
c8:5b:be:45:b5:d5:2b:90:76:b8:e2:e9:72:b7:99:8e:2b:8d:
e8:12:35:c8:48:49:b0:61:de:52:42:c4:88:4e:dd:5b:13:e5:
00:89:10:24:48:10:26:86:42:23:90:04:ad:4f:b1:11:a9:cf:
38:a9:ae:02:99:98:9c:bb:14:fa:d5:a7:6a:b9:74:3b:bb:e0:
cc:4e:e7:9e:54:6d:67:c9:8b:69:b1:32:20:78:83:10:56:68:
c4:89:04:1d:5f:0c:b5:00:ea:97:41:d3:64:e0:61:c5:60:07:
32:fa:1a:17:cb:44:93:00:d7:ef:ed:be:00:e8:aa:4e:64:76:
c6:de:34:58
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEDRWd0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEy
NTExNTgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjllMWYyYTk1YjBh
YmY4MjFkNTQxMWFmZWY4OTUzYzNkZDU4Mjk0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJcu+UdbuwIfvAcr+lBvMYxGsB6DvGAwKgSo+17aiqNHjAT
bA/Y35fDK6hY6B5ddh77UGONFCJvb4+nfYDXu0VSZfgoONmZuQ3UTSHgQng2OvvV
DYFw02hmQEnv6PgPA9Hfjs7acO1iocoyF+k4IL0meznl2Fh8TVIR/A9IEqYWYRHS
ReB5wAKWnFQoJiNGhgYwlF9dVp9IcgXOFU1+RhsFcGzdOj4bMxf9Q+JkTnhn+1m9
DUWplPa2veCv+h6ReDWaplVVX2IAUBYjlnGf1Ql29EUEvjClF381H+haqI6iNiuN
/G3Bw6r3KYlYI9Phcx+59lHsM8uYGABnjLGaJdcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBS54fKpWwq/gh1UEa/viVPD3VgpSTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L3VlSHlxVnNLdjRJZFZCR3Y3NGxUdzkxWUtVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAC2CUwMEAS2HugMEAFkvDwMEALnA
RwMEALzUhwMEAMsaUTANBgkqhkiG9w0BAQsFAAOCAQEAKsDabhZiergoJGo3VA8N
APaYc5ffxwm6TY0xdpx+HR63XGPhwdnMjvHdXmBf8Io3ZYzbwLpzrhb8PiTNSI8f
ZtzRS2FM+EUJ69aoy6auHvXmmBWxb5wZQy56ZrGm3B+pGMrHMalxN/jtGV523cEC
GEnLCbvd0kW3ua9EWziJyFu+RbXVK5B2uOLpcreZjiuN6BI1yEhJsGHeUkLEiE7d
WxPlAIkQJEgQJoZCI5AErU+xEanPOKmuApmYnLsU+tWnarl0O7vgzE7nnlRtZ8mL
abEyIHiDEFZoxIkEHV8MtQDql0HTZOBhxWAHMvoaF8tEkwDX7+2+AOiqTmR2xt40
WA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org