Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/PRF4hDtRzIp1hcN4rd5yoZfTa98.roa
File: PRF4hDtRzIp1hcN4rd5yoZfTa98.roa (raw, json)
Hash identifier: uiNBeIBtXSb0Afxq88tdlfGwLQRGBbQz8es1r2tzIik=
Subject key identifier: 3D:11:78:84:3B:51:CC:8A:75:85:C3:78:AD:DE:72:A1:97:D3:6B:DF
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 0646811C
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/PRF4hDtRzIp1hcN4rd5yoZfTa98.roa
Signing time: Sat 01 Jan 2022 08:02:09 +0000
ROA not before: Sat 01 Jan 2022 08:02:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48095
IP address blocks: 193.228.12.0/22 maxlen: 22
194.76.32.0/22 maxlen: 22
91.132.248.0/23 maxlen: 23
91.132.250.0/23 maxlen: 23
109.196.168.0/23 maxlen: 23
109.196.170.0/23 maxlen: 23
185.245.245.0/24 maxlen: 24
192.144.24.0/23 maxlen: 23
91.197.36.0/22 maxlen: 22
192.144.26.0/23 maxlen: 23
185.249.0.0/22 maxlen: 22
193.39.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105283868 (0x646811c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jan 1 08:02:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d1178843b51cc8a7585c378adde72a197d36bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e6:3e:3d:5b:55:1c:0c:16:1d:15:29:e0:de:
c6:36:69:71:e1:98:23:98:04:2b:e2:86:a2:c7:e7:
6b:86:a4:dd:c5:8a:0b:6f:94:f6:63:8b:6a:c2:b9:
49:7b:ad:48:a2:a9:fa:ca:7a:c9:ba:f1:7a:aa:7b:
07:f8:19:f6:dc:e1:d1:eb:ab:63:19:93:9d:c3:4d:
9e:1e:31:dc:7e:cc:8a:58:4b:59:be:cb:06:16:bd:
e0:71:d8:92:a8:6b:74:0e:59:fc:c3:3f:9c:44:f5:
59:3e:3d:2d:d5:14:aa:f1:d4:27:48:b5:dc:1c:21:
0e:4f:c9:92:b1:e0:3e:5a:4d:07:c0:44:86:db:34:
67:ab:a4:24:3e:9e:e5:1b:12:74:ab:3e:c7:9a:4c:
da:80:66:24:51:6f:d3:4b:a5:18:98:94:2a:9a:6a:
07:7b:f1:8f:d0:18:2d:54:7a:52:62:96:d3:3f:12:
47:a7:d7:85:85:c9:33:c7:f9:65:e0:07:a0:dc:ab:
e9:3a:a0:0f:f7:19:a9:da:f5:ff:77:60:2c:d3:12:
63:f0:7f:91:99:fc:ad:e9:3d:ec:b3:1a:83:4f:bd:
c2:94:b1:a1:02:62:ae:69:6f:19:b4:d7:75:b2:44:
9b:ed:27:c7:13:eb:e6:cc:f6:3a:dd:a8:58:4e:19:
1a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:11:78:84:3B:51:CC:8A:75:85:C3:78:AD:DE:72:A1:97:D3:6B:DF
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/PRF4hDtRzIp1hcN4rd5yoZfTa98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.248.0/22
91.197.36.0/22
109.196.168.0/22
185.245.245.0/24
185.249.0.0/22
192.144.24.0/22
193.39.88.0/22
193.228.12.0/22
194.76.32.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:9b:78:76:d0:84:2f:12:cc:22:c5:ba:44:15:3d:8d:89:d3:
62:42:a3:83:cf:b0:e8:15:b9:e6:37:b6:cd:2e:ec:57:6d:84:
aa:21:f7:4c:17:c8:d8:15:fb:d5:93:38:f2:ff:75:a0:2e:f8:
10:96:5f:e1:a3:5d:45:43:21:1c:19:a7:10:9d:0c:47:57:72:
1c:71:07:6f:65:da:9d:99:6f:c4:36:f3:83:2e:41:2c:80:22:
52:fd:63:bb:20:49:d8:72:27:36:ce:16:54:f1:ca:a7:94:95:
61:70:ef:59:dc:dd:a5:33:41:eb:35:aa:cf:3d:36:cd:54:98:
91:12:e8:76:65:4f:78:62:71:8d:ad:dc:a2:6b:2d:51:52:36:
04:4b:75:f9:fb:65:4f:97:13:64:4f:5c:e1:79:58:04:09:31:
ce:da:1b:f9:4e:1a:33:a7:fc:02:32:21:b3:fd:bf:c1:c3:22:
b9:70:1a:41:eb:3c:db:a1:d9:8b:0c:04:6d:58:54:38:ee:55:
da:60:6b:5c:c7:0a:03:e5:83:57:5b:eb:3c:62:21:2e:68:30:
8a:a6:a2:1d:f1:42:a5:43:13:e3:04:e4:77:07:4e:d8:fd:4c:
1a:02:14:12:d3:ec:df:3d:6f:bd:b2:a5:8b:d7:3e:c9:c6:b3:
28:e8:ef:02
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBkaBHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NGU4ODhhNzZlOTk4NTFiMDFmYjg2Y2VjNTM3ZDRkOGU2MTBkZTE2MB4XDTIyMDEw
MTA4MDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QxMTc4ODQzYjUx
Y2M4YTc1ODVjMzc4YWRkZTcyYTE5N2QzNmJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXmPj1bVRwMFh0VKeDexjZpceGYI5gEK+KGosfna4ak3cWK
C2+U9mOLasK5SXutSKKp+sp6ybrxeqp7B/gZ9tzh0eurYxmTncNNnh4x3H7MilhL
Wb7LBha94HHYkqhrdA5Z/MM/nET1WT49LdUUqvHUJ0i13BwhDk/JkrHgPlpNB8BE
hts0Z6ukJD6e5RsSdKs+x5pM2oBmJFFv00ulGJiUKppqB3vxj9AYLVR6UmKW0z8S
R6fXhYXJM8f5ZeAHoNyr6TqgD/cZqdr1/3dgLNMSY/B/kZn8rek97LMag0+9wpSx
oQJirmlvGbTXdbJEm+0nxxPr5sz2Ot2oWE4ZGk0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQ9EXiEO1HMinWFw3it3nKhl9Nr3zAfBgNVHSMEGDAWgBRE6IinbpmFGwH7
hs7FN9TY5hDeFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JPaUlwMjZaaFJzQi00Yk94VGZVMk9ZUTNoWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvODJlMmJhLTQ0MmMtNDJiMC05MzE1LWJjMGRiYTkzMmIzNS8x
L1BSRjRoRHRSeklwMWhjTjRyZDV5b1pmVGE5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
ODJlMmJhLTQ0MmMtNDJiMC05MzE1LWJjMGRiYTkzMmIzNS8xL1JPaUlwMjZaaFJz
Qi00Yk94VGZVMk9ZUTNoWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAluE+AMEAlvFJAMEAm3EqAMEALn1
9QMEArn5AAMEAsCQGAMEAsEnWAMEAsHkDAMEAsJMIDANBgkqhkiG9w0BAQsFAAOC
AQEADZt4dtCELxLMIsW6RBU9jYnTYkKjg8+w6BW55je2zS7sV22EqiH3TBfI2BX7
1ZM48v91oC74EJZf4aNdRUMhHBmnEJ0MR1dyHHEHb2XanZlvxDbzgy5BLIAiUv1j
uyBJ2HInNs4WVPHKp5SVYXDvWdzdpTNB6zWqzz02zVSYkRLodmVPeGJxja3comst
UVI2BEt1+ftlT5cTZE9c4XlYBAkxztob+U4aM6f8AjIhs/2/wcMiuXAaQes826HZ
iwwEbVhUOO5V2mBrXMcKA+WDV1vrPGIhLmgwiqaiHfFCpUMT4wTkdwdO2P1MGgIU
EtPs3z1vvbKli9c+ycazKOjvAg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:23 2023 by rpki-client on console-fra.rpki-client.org