Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/h-SmLsgMxJEm3CoHzEnWv15Q_Vw.roa
File: h-SmLsgMxJEm3CoHzEnWv15Q_Vw.roa (raw, json)
Hash identifier: 0BgZ9Dgvnw76uxEeauNbb2n+A/YxFPA/PA78dFSo9rg=
Subject key identifier: 87:E4:A6:2E:C8:0C:C4:91:26:DC:2A:07:CC:49:D6:BF:5E:50:FD:5C
Certificate issuer: /CN=d4e2971e5d8169c940af020db027bedad8991590
Certificate serial: 0183EA905837567375BE9C5764A1133552C6
Authority key identifier: D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/h-SmLsgMxJEm3CoHzEnWv15Q_Vw.roa
Signing time: Tue 18 Oct 2022 10:07:51 +0000
ROA not before: Tue 18 Oct 2022 10:07:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48294
IP address blocks: 185.124.0.0/22 maxlen: 22
185.70.32.0/22 maxlen: 22
91.132.128.0/22 maxlen: 22
185.126.160.0/22 maxlen: 22
85.9.192.0/18 maxlen: 18
45.86.222.0/23 maxlen: 23
45.91.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ea:90:58:37:56:73:75:be:9c:57:64:a1:13:35:52:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2971e5d8169c940af020db027bedad8991590
Validity
Not Before: Oct 18 10:07:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87e4a62ec80cc49126dc2a07cc49d6bf5e50fd5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:91:d3:a2:2e:67:de:24:49:bd:0b:a2:29:
07:55:c5:c1:32:f6:18:95:4d:f4:08:81:84:b1:f5:
1c:17:65:6c:b2:c6:d0:6f:c9:c9:27:cd:27:c1:1f:
36:86:71:d3:76:f9:13:94:2c:71:2f:39:3a:b7:e4:
9e:fc:76:57:bd:ae:df:a5:c0:7f:79:2a:8c:c8:88:
67:ba:08:d5:54:5f:7c:8f:3d:61:d9:0c:04:31:7e:
40:2d:89:21:fa:bb:c0:c2:22:49:33:4d:9f:ee:fe:
d9:06:94:f5:71:01:37:74:ab:78:39:d5:b5:f0:fe:
9b:d6:46:1d:bc:d2:36:e9:2f:d8:e9:9a:9d:2c:27:
b4:fa:fe:9c:8c:64:c7:10:df:9e:87:2a:69:d3:76:
09:87:f9:1c:33:4d:f5:3b:13:61:a6:01:33:4a:b9:
2f:55:f5:5c:e0:d2:b8:a4:f9:e3:25:aa:15:c1:58:
60:c4:2f:7f:31:f5:e1:2a:59:c7:62:63:b4:7b:b4:
4d:cf:18:c3:ed:92:f3:1b:ea:9a:08:9f:fc:57:28:
5c:e9:81:7d:20:e7:90:2a:23:35:68:95:54:4d:e7:
00:08:01:06:d8:85:7d:68:3b:a4:8b:de:d0:6d:30:
9c:34:28:b1:c6:e9:1f:f6:a1:1e:f6:62:25:b6:d3:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E4:A6:2E:C8:0C:C4:91:26:DC:2A:07:CC:49:D6:BF:5E:50:FD:5C
X509v3 Authority Key Identifier:
keyid:D4:E2:97:1E:5D:81:69:C9:40:AF:02:0D:B0:27:BE:DA:D8:99:15:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKXHl2BaclArwINsCe-2tiZFZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/h-SmLsgMxJEm3CoHzEnWv15Q_Vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/478aea-6b94-49a3-aa7f-189490d60ea6/1/1OKXHl2BaclArwINsCe-2tiZFZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.222.0/23
45.91.36.0/22
85.9.192.0/18
91.132.128.0/22
185.70.32.0/22
185.124.0.0/22
185.126.160.0/22
Signature Algorithm: sha256WithRSAEncryption
66:51:5d:bf:87:b1:7e:f5:d1:a2:14:de:9f:f2:45:3d:d8:8e:
85:6a:3a:58:f1:3a:a0:df:c9:4f:98:92:b1:16:4b:9a:9a:7e:
12:8a:89:64:27:e0:20:a9:bb:61:27:a4:ed:77:72:3a:33:53:
9d:c7:71:41:17:0a:67:66:9b:b5:b2:fb:69:f2:60:df:1f:e5:
e7:49:14:4b:fa:3c:62:46:ba:da:46:62:08:95:ac:f3:47:4d:
bc:c8:05:e1:05:a9:a0:7a:c3:3e:9a:68:6d:4c:da:e0:14:ae:
5c:6d:d1:a4:e1:b0:c6:0c:cd:cd:63:f6:46:64:72:60:8e:03:
54:4a:5f:ac:72:08:c5:7f:f1:9b:3f:37:27:ba:4c:42:e9:9a:
a4:68:38:c0:a8:e2:44:67:af:c9:12:dc:ac:5b:7d:c4:67:4d:
b4:f2:6c:33:a5:08:01:4f:79:7e:df:9a:e4:70:b6:bd:d4:f4:
22:dd:f0:fc:02:af:c6:b8:e6:f6:39:94:c0:4f:18:f1:22:50:
59:ff:48:3e:9a:90:5b:ee:9d:ff:d3:96:44:6f:77:7b:bd:95:
4b:2f:67:cd:7e:42:22:dc:1c:1b:b9:49:26:b3:20:33:f6:56:
33:ed:57:2d:76:db:de:32:54:c5:e6:7a:de:f5:e7:e8:fd:13:
10:88:27:99
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYPqkFg3VnN1vpxXZKETNVLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTI5NzFlNWQ4MTY5Yzk0MGFmMDIwZGIwMjdiZWRhZDg5
OTE1OTAwHhcNMjIxMDE4MTAwNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U0YTYyZWM4MGNjNDkxMjZkYzJhMDdjYzQ5ZDZiZjVlNTBmZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCSR06IuZ94kSb0LoikHVcXBMvYY
lU30CIGEsfUcF2VsssbQb8nJJ80nwR82hnHTdvkTlCxxLzk6t+Se/HZXva7fpcB/
eSqMyIhnugjVVF98jz1h2QwEMX5ALYkh+rvAwiJJM02f7v7ZBpT1cQE3dKt4OdW1
8P6b1kYdvNI26S/Y6ZqdLCe0+v6cjGTHEN+ehypp03YJh/kcM031OxNhpgEzSrkv
VfVc4NK4pPnjJaoVwVhgxC9/MfXhKlnHYmO0e7RNzxjD7ZLzG+qaCJ/8Vyhc6YF9
IOeQKiM1aJVUTecACAEG2IV9aDuki97QbTCcNCixxukf9qEe9mIlttNaYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIfkpi7IDMSRJtwqB8xJ1r9eUP1cMB8GA1UdIwQY
MBaAFNTilx5dgWnJQK8CDbAnvtrYmRWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2Yt
MTg5NDkwZDYwZWE2LzEvaC1TbUxzZ014SkVtM0NvSHpFbld2MTVRX1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NzhhZWEtNmI5NC00OWEzLWFhN2YtMTg5NDkwZDYwZWE2
LzEvMU9LWEhsMkJhY2xBcndJTnNDZS0ydGlaRlpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLVbeAwQC
LVskAwQGVQnAAwQCW4SAAwQCuUYgAwQCuXwAAwQCuX6gMA0GCSqGSIb3DQEBCwUA
A4IBAQBmUV2/h7F+9dGiFN6f8kU92I6FajpY8Tqg38lPmJKxFkuamn4SiolkJ+Ag
qbthJ6Ttd3I6M1Odx3FBFwpnZpu1svtp8mDfH+XnSRRL+jxiRrraRmIIlazzR028
yAXhBamgesM+mmhtTNrgFK5cbdGk4bDGDM3NY/ZGZHJgjgNUSl+scgjFf/GbPzcn
ukxC6ZqkaDjAqOJEZ6/JEtysW33EZ0208mwzpQgBT3l+35rkcLa91PQi3fD8Aq/G
uOb2OZTATxjxIlBZ/0g+mpBb7p3/05ZEb3d7vZVLL2fNfkIi3BwbuUkmsyAz9lYz
7VctdtveMlTF5nre9efo/RMQiCeZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:21 2024 by rpki-client on console-fra.rpki-client.org