Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/Nd7Uzahg7hjN0sruzL8_rfudTGA.roa
File: Nd7Uzahg7hjN0sruzL8_rfudTGA.roa (raw, json)
Hash identifier: t09arAItqW036oHCR2tuiOToSfmlMvlIgyqvIybFvS8=
Subject key identifier: 35:DE:D4:CD:A8:60:EE:18:CD:D2:CA:EE:CC:BF:3F:AD:FB:9D:4C:60
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 07D6E4CB
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/Nd7Uzahg7hjN0sruzL8_rfudTGA.roa
Signing time: Sat 01 Jan 2022 10:56:59 +0000
ROA not before: Sat 01 Jan 2022 10:56:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.141.54.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131523787 (0x7d6e4cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 1 10:56:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35ded4cda860ee18cdd2caeeccbf3fadfb9d4c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:69:4b:11:c3:3e:c4:32:11:8c:22:15:82:
3a:e2:8e:22:b2:a6:12:64:91:03:50:63:24:5d:b6:
b9:6b:d2:52:01:99:f1:71:f7:bb:51:2f:48:fb:a5:
14:86:90:94:ae:0b:2b:39:aa:3a:47:48:45:7b:bc:
23:f2:ba:a1:45:5a:68:9a:f4:43:e3:18:d1:0b:92:
91:50:b9:41:bf:62:25:e8:cb:3b:5a:e6:18:0e:5c:
19:2b:0d:a4:36:93:8a:5e:04:60:0b:77:f3:f4:8c:
45:b2:ea:d4:a1:15:c9:66:f2:af:8a:b4:7e:13:81:
67:ff:fa:57:08:38:b1:cd:ee:af:1a:8c:e5:cf:c8:
f7:ea:09:5f:bc:6f:10:e0:03:b3:12:50:e8:dd:94:
c3:e5:e9:67:cf:2c:03:90:81:d4:f3:09:81:79:ab:
16:de:47:f3:7a:bf:28:55:10:85:ea:4c:67:fc:cd:
77:94:1d:29:9d:89:9c:6d:e6:74:eb:6a:bf:65:82:
62:b9:4c:cf:58:84:5f:86:c5:ee:0c:9d:d8:26:f3:
c0:90:4e:aa:de:e6:91:af:e5:12:ac:47:83:ea:0a:
6b:01:a0:7a:db:db:f6:a7:8e:12:aa:be:9f:a3:3f:
8d:4e:a1:c4:f9:7b:68:1d:43:5a:8d:6c:af:65:ff:
1c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DE:D4:CD:A8:60:EE:18:CD:D2:CA:EE:CC:BF:3F:AD:FB:9D:4C:60
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/Nd7Uzahg7hjN0sruzL8_rfudTGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
44:14:49:32:fc:7d:33:73:f5:86:6a:4d:81:ea:bd:6f:28:24:
74:e4:3d:94:ad:99:c6:18:e0:3a:f2:3e:c6:61:bb:b4:47:2b:
3b:1a:22:b4:7b:a1:c5:a1:0f:22:ee:2d:11:cb:38:61:f7:09:
2e:cb:46:fd:81:8d:35:b8:4e:2f:be:ed:1e:ba:b4:19:98:f7:
f8:93:16:78:c4:61:05:ea:88:0c:66:42:0f:cf:2c:7e:c1:fe:
7c:ba:f2:14:b6:a7:70:a8:54:67:5b:c0:96:8b:ec:08:88:7f:
43:0c:51:00:32:a6:21:ac:b7:a7:8d:e1:e1:62:7c:95:2e:85:
93:fa:21:4e:bc:6c:98:9b:56:8f:b1:d0:2f:0f:1f:9e:e4:01:
92:38:7b:59:7c:12:6e:70:5e:06:10:d7:68:66:66:78:2d:0d:
d6:91:fc:50:38:22:d5:78:ed:d7:48:ea:eb:83:d5:b9:47:c9:
53:0a:66:ab:54:a7:3a:47:fc:e1:52:9b:2a:3f:91:3e:a6:ad:
29:8f:3f:bf:b2:09:c8:5e:ce:5f:fb:70:6e:57:64:29:f7:ff:
bf:16:15:19:c4:26:1d:18:7e:35:5c:51:4c:c4:f2:f3:8c:20:
81:a0:3b:31:bd:8a:06:98:22:ba:24:b6:78:1c:da:49:1e:52:
66:58:9c:d2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEB9bkyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjQ3NGFjN2NhODVlMDljMmQ0OGIzM2U3YmY2NmY4ZWQ3NjRkZTBmMB4XDTIyMDEw
MTEwNTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVkZWQ0Y2RhODYw
ZWUxOGNkZDJjYWVlY2NiZjNmYWRmYjlkNGM2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdkaUsRwz7EMhGMIhWCOuKOIrKmEmSRA1BjJF22uWvSUgGZ
8XH3u1EvSPulFIaQlK4LKzmqOkdIRXu8I/K6oUVaaJr0Q+MY0QuSkVC5Qb9iJejL
O1rmGA5cGSsNpDaTil4EYAt38/SMRbLq1KEVyWbyr4q0fhOBZ//6Vwg4sc3urxqM
5c/I9+oJX7xvEOADsxJQ6N2Uw+XpZ88sA5CB1PMJgXmrFt5H83q/KFUQhepMZ/zN
d5QdKZ2JnG3mdOtqv2WCYrlMz1iEX4bF7gyd2CbzwJBOqt7mka/lEqxHg+oKawGg
etvb9qeOEqq+n6M/jU6hxPl7aB1DWo1sr2X/HDUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ13tTNqGDuGM3Syu7Mvz+t+51MYDAfBgNVHSMEGDAWgBQyR0rHyoXgnC1I
sz579m+O12TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01rZEt4OHFGNEp3dFNMTS1lX1p2anRkazNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8x
L05kN1V6YWhnN2hqTjBzcnV6TDhfcmZ1ZFRHQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8xL01rZEt4OHFGNEp3
dFNMTS1lX1p2anRkazNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2NNAMEAblJ8DANBAIAAjAHAwUA
KgVHQDANBgkqhkiG9w0BAQsFAAOCAQEARBRJMvx9M3P1hmpNgeq9bygkdOQ9lK2Z
xhjgOvI+xmG7tEcrOxoitHuhxaEPIu4tEcs4YfcJLstG/YGNNbhOL77tHrq0GZj3
+JMWeMRhBeqIDGZCD88sfsH+fLryFLancKhUZ1vAlovsCIh/QwxRADKmIay3p43h
4WJ8lS6Fk/ohTrxsmJtWj7HQLw8fnuQBkjh7WXwSbnBeBhDXaGZmeC0N1pH8UDgi
1Xjt10jq64PVuUfJUwpmq1SnOkf84VKbKj+RPqatKY8/v7IJyF7OX/twbldkKff/
vxYVGcQmHRh+NVxRTMTy84wggaA7Mb2KBpgiuiS2eBzaSR5SZlic0g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:59 2023 by rpki-client on console-ams.rpki-client.org