Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uoYIjIj4X-OFFHmNJK58KLIRN_U.roa
File: uoYIjIj4X-OFFHmNJK58KLIRN_U.roa (raw, json)
Hash identifier: fS/sT6s/jP/pMKbnr33RggY5k5CKMZb4hCy91WZYtMw=
Subject key identifier: BA:86:08:8C:88:F8:5F:E3:85:14:79:8D:24:AE:7C:28:B2:11:37:F5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185027D8CFC6076C06BB55B11ACFE6A0AED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uoYIjIj4X-OFFHmNJK58KLIRN_U.roa
Signing time: Sun 11 Dec 2022 18:41:00 +0000
ROA not before: Sun 11 Dec 2022 18:41:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210636
IP address blocks: 91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
45.83.30.0/23 maxlen: 23
45.80.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:7d:8c:fc:60:76:c0:6b:b5:5b:11:ac:fe:6a:0a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 11 18:41:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba86088c88f85fe38514798d24ae7c28b21137f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:4b:a3:76:66:c2:34:28:b7:76:a9:ff:10:
95:39:87:69:92:c4:e6:fa:d4:a0:07:3d:86:47:5f:
b2:7d:35:c1:02:80:aa:d3:03:8d:01:d0:f3:07:f3:
ae:74:a4:64:7c:fa:7a:21:d2:71:54:39:09:10:64:
0f:af:ef:2c:d3:b1:32:8c:0b:0e:17:ff:76:0a:1f:
ee:04:11:4c:4c:c4:32:ab:ad:f7:11:68:c0:f3:73:
f2:54:05:47:7a:14:a9:9b:82:90:66:20:d0:8e:e6:
f0:d0:58:37:fa:ca:7f:ca:2d:c8:65:ae:3c:61:6a:
6f:63:34:1a:ec:f0:0f:41:71:62:a4:d8:be:2e:cf:
80:79:23:7e:68:16:11:ae:4b:29:bf:ed:b1:57:4e:
a7:1c:f8:03:63:7e:7c:22:fd:56:b5:bb:47:49:21:
08:68:7e:a5:d5:0d:f0:77:a3:fe:b0:3c:ae:02:10:
39:4d:ff:36:7f:bc:5c:2c:5b:f8:9d:91:38:66:7b:
9b:b0:ad:70:a9:84:da:f9:bc:06:8b:98:fe:bf:87:
14:5c:c3:b4:b1:da:56:a3:78:60:02:e2:f6:38:b3:
31:19:a9:b3:63:1b:44:f6:e4:c4:45:39:96:a3:56:
5a:ef:06:55:3e:55:ee:59:90:3f:a6:95:c8:ab:1c:
7d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:86:08:8C:88:F8:5F:E3:85:14:79:8D:24:AE:7C:28:B2:11:37:F5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uoYIjIj4X-OFFHmNJK58KLIRN_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.156.0/24
45.83.30.0/23
91.190.106.0/24
185.241.211.0/24
Signature Algorithm: sha256WithRSAEncryption
89:3b:f2:d6:7a:75:d2:9e:43:61:09:50:3f:fb:e0:65:5d:d3:
18:c4:6c:06:78:03:86:be:57:cd:37:1f:14:8a:74:88:21:a2:
5a:e7:16:2f:4c:73:dd:65:05:2a:b4:8b:00:5e:65:3a:82:06:
25:ad:7e:0c:f5:91:8f:a0:3a:18:23:01:35:93:a6:c2:61:64:
b6:c8:83:ba:79:4e:00:b3:14:eb:f6:a6:5e:64:9e:8c:a7:50:
17:d8:be:37:5c:31:9a:6a:5b:e0:4a:93:bd:7b:22:94:15:f8:
0f:c3:8c:f8:7f:22:37:29:5e:27:0e:ab:53:76:4d:b1:d0:76:
04:34:df:f2:cb:0d:d8:4c:ad:9d:07:d2:07:b6:b3:c6:dd:52:
94:53:64:25:4a:59:59:83:64:9d:d9:d6:57:40:ac:56:80:53:
8a:76:92:d4:4a:bf:38:17:65:46:44:24:59:94:0c:b4:dc:77:
02:5f:c4:10:8a:64:30:6b:53:ed:d5:76:b5:4f:6e:52:b3:55:
0b:2e:82:d8:0c:84:c1:d2:29:ce:9f:00:1e:f6:0c:f8:16:69:
d4:2e:b3:8e:57:44:51:2e:aa:46:4e:90:67:1e:d4:4f:9a:ca:
cc:c7:91:f9:b7:74:b6:65:ab:4f:00:9a:4a:ce:84:3c:2f:12:
0a:4d:6a:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUCfYz8YHbAa7VbEaz+agrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjExMTg0MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg2MDg4Yzg4Zjg1ZmUzODUxNDc5OGQyNGFlN2MyOGIyMTEzN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAhLo3ZmwjQot3ap/xCVOYdpksTm
+tSgBz2GR1+yfTXBAoCq0wONAdDzB/OudKRkfPp6IdJxVDkJEGQPr+8s07EyjAsO
F/92Ch/uBBFMTMQyq633EWjA83PyVAVHehSpm4KQZiDQjubw0Fg3+sp/yi3IZa48
YWpvYzQa7PAPQXFipNi+Ls+AeSN+aBYRrkspv+2xV06nHPgDY358Iv1WtbtHSSEI
aH6l1Q3wd6P+sDyuAhA5Tf82f7xcLFv4nZE4ZnubsK1wqYTa+bwGi5j+v4cUXMO0
sdpWo3hgAuL2OLMxGamzYxtE9uTERTmWo1Za7wZVPlXuWZA/ppXIqxx9kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLqGCIyI+F/jhRR5jSSufCiyETf1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdW9ZSWpJajRYLU9GRkhtTkpLNThLTElSTl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVCcAwQB
LVMeAwQAW75qAwQAufHTMA0GCSqGSIb3DQEBCwUAA4IBAQCJO/LWenXSnkNhCVA/
++BlXdMYxGwGeAOGvlfNNx8UinSIIaJa5xYvTHPdZQUqtIsAXmU6ggYlrX4M9ZGP
oDoYIwE1k6bCYWS2yIO6eU4AsxTr9qZeZJ6Mp1AX2L43XDGaalvgSpO9eyKUFfgP
w4z4fyI3KV4nDqtTdk2x0HYENN/yyw3YTK2dB9IHtrPG3VKUU2QlSllZg2Sd2dZX
QKxWgFOKdpLUSr84F2VGRCRZlAy03HcCX8QQimQwa1Pt1Xa1T25Ss1ULLoLYDITB
0inOnwAe9gz4FmnULrOOV0RRLqpGTpBnHtRPmsrMx5H5t3S2ZatPAJpKzoQ8LxIK
TWoz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org