Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/A2sKqu-3zIbwymrb4SC_-c3mgwk.roa
File: A2sKqu-3zIbwymrb4SC_-c3mgwk.roa (raw, json)
Hash identifier: NHAl9W7LDtqphiNJd5nTp4bl5Z1nwA5q3pAB4SHb7Os=
Subject key identifier: 03:6B:0A:AA:EF:B7:CC:86:F0:CA:6A:DB:E1:20:BF:F9:CD:E6:83:09
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 01870A31C6A92E3EA2AF919891409DC35F97
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/A2sKqu-3zIbwymrb4SC_-c3mgwk.roa
Signing time: Wed 22 Mar 2023 16:40:46 +0000
ROA not before: Wed 22 Mar 2023 16:40:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48294
IP address blocks: 185.124.0.0/22 maxlen: 22
185.70.32.0/22 maxlen: 22
91.132.128.0/22 maxlen: 22
185.126.160.0/22 maxlen: 22
85.9.192.0/18 maxlen: 24
45.86.222.0/23 maxlen: 23
45.91.36.0/22 maxlen: 22
84.252.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0a:31:c6:a9:2e:3e:a2:af:91:98:91:40:9d:c3:5f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Mar 22 16:40:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=036b0aaaefb7cc86f0ca6adbe120bff9cde68309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:28:e1:7a:6c:58:eb:02:41:27:19:29:99:
b9:3e:52:e3:ff:58:84:4d:33:be:b6:3e:6b:9b:97:
99:75:03:8e:7b:63:01:56:19:51:19:cb:2b:9c:df:
50:ba:60:7a:09:1d:11:43:6c:c2:94:a1:5b:8c:0c:
09:bf:13:f1:c7:26:27:bb:0a:5c:5f:b4:29:9a:d0:
07:99:6a:64:61:02:b2:73:45:ae:ff:d4:dc:08:61:
a7:06:21:48:b2:9b:24:de:b0:d8:36:0c:0d:a5:68:
ab:0d:fb:79:dc:9b:f7:9c:de:66:d5:d8:17:cf:c0:
1a:27:90:fd:9f:d4:9d:67:c6:36:9d:5e:da:05:ae:
ce:ca:39:3c:df:92:9e:f6:66:24:e3:a0:c9:3c:95:
f1:d1:6c:18:b1:22:b9:b0:01:f7:1a:92:1a:71:68:
32:d0:b6:51:f2:f7:9f:2e:5e:0c:c3:c2:91:ce:16:
e2:88:f3:ec:61:42:c6:55:15:9c:d9:50:ed:4d:31:
12:3d:0d:8a:88:c9:5a:6d:1b:67:c0:53:84:5d:4d:
c2:db:60:b0:9d:eb:a9:eb:2f:6c:60:72:f8:e2:85:
8d:5e:86:74:23:ee:fb:67:ae:e7:4f:8b:aa:f3:30:
51:46:61:e3:70:53:19:64:68:cf:cf:56:50:50:b0:
c6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6B:0A:AA:EF:B7:CC:86:F0:CA:6A:DB:E1:20:BF:F9:CD:E6:83:09
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/A2sKqu-3zIbwymrb4SC_-c3mgwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.222.0/23
45.91.36.0/22
84.252.104.0/24
85.9.192.0/18
91.132.128.0/22
185.70.32.0/22
185.124.0.0/22
185.126.160.0/22
Signature Algorithm: sha256WithRSAEncryption
84:3a:7c:8e:e7:42:8a:87:37:2a:33:11:00:39:64:4a:0e:4d:
40:69:14:d9:86:80:b2:8f:06:37:24:5f:e6:8c:ba:e9:bd:4a:
b6:03:a2:ad:94:eb:cd:5a:a1:11:f6:14:cc:f4:6a:35:39:e4:
ba:54:d9:24:f4:c0:65:23:ea:7f:3d:0a:8c:70:54:1a:bc:55:
ef:1b:e4:48:4e:a5:d3:59:3d:7d:74:3c:93:52:5a:76:fd:2d:
03:8b:5d:6b:8b:c6:1a:54:4f:10:3d:ed:a2:49:82:e3:f0:ff:
17:6f:d0:b9:4c:58:f6:a3:25:d0:8e:e2:17:8b:a2:55:64:7a:
13:13:67:ba:45:64:4d:a0:f7:d9:11:36:82:b9:8a:00:7c:ba:
1b:0a:78:87:f8:a2:6f:97:1b:70:50:16:00:5f:8d:f3:57:38:
55:5b:e6:10:67:9b:3c:30:51:e7:47:f6:80:25:b8:0c:15:15:
5a:24:85:87:70:2a:9f:0e:91:93:57:59:3c:a2:8b:9d:89:f0:
06:3a:41:90:df:86:68:2d:0f:30:39:3a:ae:b2:db:25:26:a1:
3f:64:cb:a4:fa:25:cb:ee:eb:36:c1:68:ab:2c:97:18:84:1f:
24:6b:b9:1f:f5:2d:82:0a:7c:50:b8:1f:94:33:96:9b:ed:b5:
91:d8:2b:8f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYcKMcapLj6ir5GYkUCdw1+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjMwMzIyMTY0MDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzZiMGFhYWVmYjdjYzg2ZjBjYTZhZGJlMTIwYmZmOWNkZTY4MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRUo4XpsWOsCQScZKZm5PlLj/1iE
TTO+tj5rm5eZdQOOe2MBVhlRGcsrnN9QumB6CR0RQ2zClKFbjAwJvxPxxyYnuwpc
X7QpmtAHmWpkYQKyc0Wu/9TcCGGnBiFIspsk3rDYNgwNpWirDft53Jv3nN5m1dgX
z8AaJ5D9n9SdZ8Y2nV7aBa7Oyjk835Ke9mYk46DJPJXx0WwYsSK5sAH3GpIacWgy
0LZR8vefLl4Mw8KRzhbiiPPsYULGVRWc2VDtTTESPQ2KiMlabRtnwFOEXU3C22Cw
neup6y9sYHL44oWNXoZ0I+77Z67nT4uq8zBRRmHjcFMZZGjPz1ZQULDGQQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFANrCqrvt8yG8Mpq2+Egv/nN5oMJMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvQTJzS3F1LTN6SWJ3eW1yYjRTQ18tYzNtZ3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLVbeAwQC
LVskAwQAVPxoAwQGVQnAAwQCW4SAAwQCuUYgAwQCuXwAAwQCuX6gMA0GCSqGSIb3
DQEBCwUAA4IBAQCEOnyO50KKhzcqMxEAOWRKDk1AaRTZhoCyjwY3JF/mjLrpvUq2
A6KtlOvNWqER9hTM9Go1OeS6VNkk9MBlI+p/PQqMcFQavFXvG+RITqXTWT19dDyT
Ulp2/S0Di11ri8YaVE8QPe2iSYLj8P8Xb9C5TFj2oyXQjuIXi6JVZHoTE2e6RWRN
oPfZETaCuYoAfLobCniH+KJvlxtwUBYAX43zVzhVW+YQZ5s8MFHnR/aAJbgMFRVa
JIWHcCqfDpGTV1k8ooudifAGOkGQ34ZoLQ8wOTqustslJqE/ZMuk+iXL7us2wWir
LJcYhB8ka7kf9S2CCnxQuB+UM5ab7bWR2CuP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:28 2025 by rpki-client