Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/pTedfHlOEZhYlDQfJQ2VQSrYH2I.roa
File: pTedfHlOEZhYlDQfJQ2VQSrYH2I.roa (raw, json)
Hash identifier: yzgHEFDHc+XO4rcCwjLFcRb/CIalXtIc/5DhA4R3HOM=
Subject key identifier: A5:37:9D:7C:79:4E:11:98:58:94:34:1F:25:0D:95:41:2A:D8:1F:62
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 07398DB9
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/pTedfHlOEZhYlDQfJQ2VQSrYH2I.roa
Signing time: Tue 04 Jan 2022 10:20:04 +0000
ROA not before: Tue 04 Jan 2022 10:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.84.112.0/22 maxlen: 24
91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
185.48.132.0/22 maxlen: 24
185.74.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121212345 (0x7398db9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Jan 4 10:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5379d7c794e11985894341f250d95412ad81f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:23:c4:f2:dd:db:22:71:4c:4b:46:38:ba:
b3:e3:7d:9b:1e:5d:75:c9:d1:e8:84:67:18:51:3a:
39:b0:96:90:a1:5d:01:10:64:b0:a7:c7:55:19:ae:
2b:dd:b9:c1:ec:b5:76:fd:82:34:71:0a:38:58:16:
07:32:ec:c3:c5:e3:e7:12:a8:0d:62:80:b7:e5:94:
15:9f:f3:df:e1:bf:dd:58:90:10:bd:4c:0f:0f:bc:
4e:e8:1b:fb:4c:81:23:50:2d:76:87:b2:8b:12:5c:
01:b5:1a:37:dd:64:37:03:2d:45:a2:5c:b7:ca:13:
26:e1:d0:78:3e:15:b0:6c:e0:d8:88:82:e5:cf:48:
d5:28:62:c2:d3:36:a5:c2:82:86:5a:e2:a3:34:20:
1c:ca:54:92:10:01:41:9e:e8:fd:61:60:c0:d8:8d:
b5:f0:e0:ba:94:59:46:7d:52:5e:ab:64:ca:c4:31:
52:6b:0c:09:78:92:06:7c:d6:8a:b8:85:19:53:f4:
76:c7:79:04:cc:ad:b5:70:06:82:0e:a8:37:91:e0:
f9:5c:2e:92:93:68:a2:b4:af:4e:1d:63:51:c1:b7:
44:25:e1:77:3b:a0:50:9a:06:80:f6:0f:4a:a9:91:
f7:4f:96:58:d6:db:1d:80:58:53:06:07:c7:da:95:
b7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:37:9D:7C:79:4E:11:98:58:94:34:1F:25:0D:95:41:2A:D8:1F:62
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/pTedfHlOEZhYlDQfJQ2VQSrYH2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.112.0/22
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.74.52.0/22
Signature Algorithm: sha256WithRSAEncryption
20:f5:8f:4b:8e:d9:0e:2c:6a:30:36:9c:ec:d4:9c:66:ff:e8:
7f:c0:07:5f:d1:50:0f:22:0b:6e:ea:dc:8f:cf:26:85:81:94:
b3:c1:42:20:f2:2b:44:62:18:00:9f:7e:18:6b:0b:11:41:c6:
56:cb:69:c7:e4:7c:e7:94:94:0f:58:8e:80:3d:d4:74:cf:2a:
c5:f4:53:29:69:61:5b:b8:fe:03:3e:e9:d7:34:3e:6e:f3:d2:
8f:3b:b1:78:5a:00:0a:e0:7d:df:86:d0:0d:38:ec:7b:48:4a:
51:08:43:8d:be:5f:1e:e6:e6:51:ad:d0:3d:2b:ad:4a:f6:34:
0a:fb:5c:a5:87:70:76:34:2a:77:4b:9d:69:c7:79:cd:b6:7f:
0f:bc:ff:ab:6d:b9:9c:cf:f7:ce:e0:5d:b9:0c:8e:bd:99:d7:
32:3d:98:2e:65:25:26:99:d3:53:7a:cc:d7:92:4f:56:68:c4:
9a:d1:e1:e4:37:52:04:f8:d0:03:3c:9f:6c:c5:29:9e:3b:38:
8a:d8:84:b1:6c:c1:2c:6b:e0:46:14:c8:77:e0:04:0f:1e:53:
6d:d0:77:46:b5:e9:2a:6e:96:62:10:24:4b:f2:64:11:59:43:
b7:06:bb:99:01:ae:1d:52:09:df:04:6d:fd:b0:1a:cc:5e:ca:
a1:38:04:7a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBzmNuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTJmODkxOWU2YmMxZWY1NjYzNDg5MDE4ZmM4NzViZTM0YzBmMjRjMB4XDTIyMDEw
NDEwMjAwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUzNzlkN2M3OTRl
MTE5ODU4OTQzNDFmMjUwZDk1NDEyYWQ4MWY2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5QI8Ty3dsicUxLRji6s+N9mx5ddcnR6IRnGFE6ObCWkKFd
ARBksKfHVRmuK925wey1dv2CNHEKOFgWBzLsw8Xj5xKoDWKAt+WUFZ/z3+G/3ViQ
EL1MDw+8Tugb+0yBI1AtdoeyixJcAbUaN91kNwMtRaJct8oTJuHQeD4VsGzg2IiC
5c9I1ShiwtM2pcKChlriozQgHMpUkhABQZ7o/WFgwNiNtfDgupRZRn1SXqtkysQx
UmsMCXiSBnzWiriFGVP0dsd5BMyttXAGgg6oN5Hg+VwukpNoorSvTh1jUcG3RCXh
dzugUJoGgPYPSqmR90+WWNbbHYBYUwYHx9qVt90CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSlN518eU4RmFiUNB8lDZVBKtgfYjAfBgNVHSMEGDAWgBQ1L4kZ5rwe9WY0
iQGPyHW+NMDyTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05TLUpHZWE4SHZWbU5Ja0JqOGgxdmpUQThrdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvY2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8x
L3BUZWRmSGxPRVpoWWxEUWZKUTJWUVNyWUgySS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
Y2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8xL05TLUpHZWE4SHZW
bU5Ja0JqOGgxdmpUQThrdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi1UcAMEAVvdXAMEAVvdagMEArkw
hAMEArlKNDANBgkqhkiG9w0BAQsFAAOCAQEAIPWPS47ZDixqMDac7NScZv/of8AH
X9FQDyILburcj88mhYGUs8FCIPIrRGIYAJ9+GGsLEUHGVstpx+R855SUD1iOgD3U
dM8qxfRTKWlhW7j+Az7p1zQ+bvPSjzuxeFoACuB934bQDTjse0hKUQhDjb5fHubm
Ua3QPSutSvY0CvtcpYdwdjQqd0udacd5zbZ/D7z/q225nM/3zuBduQyOvZnXMj2Y
LmUlJpnTU3rM15JPVmjEmtHh5DdSBPjQAzyfbMUpnjs4itiEsWzBLGvgRhTId+AE
Dx5TbdB3RrXpKm6WYhAkS/JkEVlDtwa7mQGuHVIJ3wRt/bAazF7KoTgEeg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org