Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/074z_bhDad2Xj73_2HpeLjZ2YRA.roa
File: 074z_bhDad2Xj73_2HpeLjZ2YRA.roa (raw, json)
Hash identifier: 5heaOK0WyQ2rmj1GhEqkMoIcFB1UANhtK/56Vm0NqVI=
Subject key identifier: D3:BE:33:FD:B8:43:69:DD:97:8F:BD:FF:D8:7A:5E:2E:36:76:61:10
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 173DAF0A
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/074z_bhDad2Xj73_2HpeLjZ2YRA.roa
Signing time: Sun 20 Mar 2022 15:44:03 +0000
ROA not before: Sun 20 Mar 2022 15:44:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48294
IP address blocks: 185.124.0.0/22 maxlen: 22
185.70.32.0/22 maxlen: 22
91.132.128.0/22 maxlen: 22
185.126.160.0/22 maxlen: 22
45.86.222.0/23 maxlen: 23
45.91.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389918474 (0x173daf0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Mar 20 15:44:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3be33fdb84369dd978fbdffd87a5e2e36766110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:57:8b:75:28:1f:c4:19:ee:58:3e:37:d2:
b2:74:11:35:46:63:2d:93:ac:14:25:b9:d5:22:bd:
5d:e8:a0:32:38:90:1c:22:78:ed:fe:8a:1a:61:7a:
c8:a0:79:ae:d8:28:cc:b1:9c:5b:64:97:b9:ff:1b:
1e:16:12:06:e5:f8:0e:87:cb:46:b3:e5:92:fd:aa:
4d:c7:14:b1:d1:ad:c8:e5:c6:62:5e:70:da:71:bc:
05:5b:1b:6d:33:04:b1:10:40:5a:a3:d1:e3:cf:a0:
41:9e:c4:e9:6d:3c:14:b7:81:e9:97:da:bd:9f:62:
e0:b6:b5:27:5a:af:5f:36:28:d4:d2:31:fd:38:65:
e8:ca:5c:48:43:87:f2:31:6b:05:ec:fa:2f:8a:c6:
15:90:14:f1:6e:60:82:8d:ea:5e:dc:0e:bd:f6:3e:
94:f9:c1:9f:c3:ea:12:dc:ef:d8:90:98:47:db:52:
ca:45:70:ac:a4:99:50:7f:3c:3f:e6:7d:32:6f:ba:
ad:b8:fe:5e:7d:c9:9e:bf:bc:21:10:a2:a4:d2:0d:
07:a2:1f:81:ed:c1:5a:6d:6b:6f:0d:90:82:9a:5d:
bf:b0:fd:69:bc:3d:9f:9e:ea:0c:8b:d5:22:df:d4:
5a:f2:50:9b:8a:ac:1d:a3:54:15:dc:e0:86:66:c1:
e7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BE:33:FD:B8:43:69:DD:97:8F:BD:FF:D8:7A:5E:2E:36:76:61:10
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/074z_bhDad2Xj73_2HpeLjZ2YRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.222.0/23
45.91.36.0/22
91.132.128.0/22
185.70.32.0/22
185.124.0.0/22
185.126.160.0/22
Signature Algorithm: sha256WithRSAEncryption
21:af:7b:94:ac:00:0c:ce:c3:83:ed:e8:cb:c5:1a:76:b1:9b:
40:00:c3:8f:cb:27:f3:9c:8d:22:71:8b:48:47:8e:24:89:c0:
0e:b3:f7:0d:fe:0a:04:95:ce:d9:77:4e:4f:1b:e8:fd:5c:7b:
30:e0:67:86:89:c6:a0:8d:52:5b:b2:d2:cd:95:b7:f6:87:16:
5e:bc:db:d1:a4:ff:f3:dc:a2:06:ea:c9:95:3b:6c:65:7d:c9:
e6:5b:08:76:11:a1:0c:f7:e7:d3:cf:48:e5:35:38:b0:df:a7:
d2:eb:20:2e:a2:46:21:28:9a:12:fc:ec:1b:32:92:12:74:b5:
95:51:11:13:97:71:32:b1:0a:90:1f:6e:6e:35:24:01:a6:7f:
76:9b:c2:7b:8a:51:13:c7:77:82:67:a4:5f:ef:13:d2:3c:af:
80:f2:e7:23:61:8a:92:d2:fd:6e:5b:9a:60:ca:1f:b6:95:95:
86:70:15:c1:b8:a1:cd:53:b9:f3:fd:90:c5:7d:25:d0:c3:b4:
bd:87:64:9a:a5:94:fe:c2:1e:ae:e6:3d:1e:e8:6c:e3:36:b0:
10:39:9d:f5:7c:65:7a:c1:9f:04:5a:be:e2:ca:8a:2b:8e:67:
7b:40:da:53:80:f7:48:77:85:2d:0e:35:65:46:6e:06:ee:35:
c0:f1:d7:4d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEFz2vCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGUyOTcxZTVkODE2OWM5NDBhZjAyMGRiMDI3YmVkYWQ4OTkxNTkwMB4XDTIyMDMy
MDE1NDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNiZTMzZmRiODQz
NjlkZDk3OGZiZGZmZDg3YTVlMmUzNjc2NjExMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALq9V4t1KB/EGe5YPjfSsnQRNUZjLZOsFCW51SK9XeigMjiQ
HCJ47f6KGmF6yKB5rtgozLGcW2SXuf8bHhYSBuX4DofLRrPlkv2qTccUsdGtyOXG
Yl5w2nG8BVsbbTMEsRBAWqPR48+gQZ7E6W08FLeB6ZfavZ9i4La1J1qvXzYo1NIx
/Thl6MpcSEOH8jFrBez6L4rGFZAU8W5ggo3qXtwOvfY+lPnBn8PqEtzv2JCYR9tS
ykVwrKSZUH88P+Z9Mm+6rbj+Xn3Jnr+8IRCipNINB6Ifge3BWm1rbw2Qgppdv7D9
abw9n57qDIvVIt/UWvJQm4qsHaNUFdzghmbB588CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTTvjP9uENp3ZePvf/Yel4uNnZhEDAfBgNVHSMEGDAWgBTU4pceXYFpyUCv
Ag2wJ77a2JkVkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFPS1hIbDJCYWNsQXJ3SU5zQ2UtMnRpWkZaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDc4YWVhLTZiOTQtNDlhMy1hYTdmLTE4OTQ5MGQ2MGVhNi8x
LzA3NHpfYmhEYWQyWGo3M18ySHBlTGpaMllSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDc4YWVhLTZiOTQtNDlhMy1hYTdmLTE4OTQ5MGQ2MGVhNi8xLzFPS1hIbDJCYWNs
QXJ3SU5zQ2UtMnRpWkZaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAS1W3gMEAi1bJAMEAluEgAMEArlG
IAMEArl8AAMEArl+oDANBgkqhkiG9w0BAQsFAAOCAQEAIa97lKwADM7Dg+3oy8Ua
drGbQADDj8sn85yNInGLSEeOJInADrP3Df4KBJXO2XdOTxvo/Vx7MOBnhonGoI1S
W7LSzZW39ocWXrzb0aT/89yiBurJlTtsZX3J5lsIdhGhDPfn089I5TU4sN+n0usg
LqJGISiaEvzsGzKSEnS1lVERE5dxMrEKkB9ubjUkAaZ/dpvCe4pRE8d3gmekX+8T
0jyvgPLnI2GKktL9bluaYMoftpWVhnAVwbihzVO58/2QxX0l0MO0vYdkmqWU/sIe
ruY9Huhs4zawEDmd9XxlesGfBFq+4sqKK45ne0DaU4D3SHeFLQ41ZUZuBu41wPHX
TQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:09 2023 by rpki-client on console-ams.rpki-client.org