Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/12sUvI2mXuT-LTDshgMbC2QGjb4.roa
File: 12sUvI2mXuT-LTDshgMbC2QGjb4.roa (raw, json)
Hash identifier: fwxrH6aT5XxJvRbHqsly9dGzkBP5e6OsfaHyFGNHEdE=
Subject key identifier: D7:6B:14:BC:8D:A6:5E:E4:FE:2D:30:EC:86:03:1B:0B:64:06:8D:BE
Certificate issuer: /CN=4419e02f046e1bfb5927fe731ff725e469599171
Certificate serial: 0233AAF1
Authority key identifier: 44:19:E0:2F:04:6E:1B:FB:59:27:FE:73:1F:F7:25:E4:69:59:91:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/12sUvI2mXuT-LTDshgMbC2QGjb4.roa
Signing time: Wed 05 Jan 2022 08:44:32 +0000
ROA not before: Wed 05 Jan 2022 08:44:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51013
IP address blocks: 185.87.12.0/22 maxlen: 24
37.9.168.0/21 maxlen: 24
195.210.28.0/23 maxlen: 24
45.13.137.0/24 maxlen: 24
45.138.184.0/24 maxlen: 24
2a00:4b40::/32 maxlen: 64
2a0e:bb40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36940529 (0x233aaf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4419e02f046e1bfb5927fe731ff725e469599171
Validity
Not Before: Jan 5 08:44:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d76b14bc8da65ee4fe2d30ec86031b0b64068dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e9:bd:ef:39:23:f3:2b:9d:2a:ee:a4:ce:5d:
77:95:cc:57:25:03:00:5c:91:5b:bd:c6:d3:7d:67:
47:c3:ec:3d:74:ea:d5:1e:0a:70:34:fc:98:3c:0e:
7f:de:5e:27:f0:95:49:c7:e8:3b:02:d0:12:95:77:
d0:c6:c5:4c:79:a1:30:73:a0:c0:ca:c1:e9:bc:d0:
24:24:5f:19:70:d4:38:23:8e:c1:1c:71:2d:ce:a0:
2e:f3:4c:e5:ba:59:34:3c:da:e1:42:ab:23:80:36:
8b:e5:b2:47:14:07:cc:42:64:95:6f:d5:e4:a5:d7:
c6:59:11:2f:57:b6:78:48:8a:25:ec:82:8c:6e:5c:
88:ae:5e:a5:29:db:b0:ec:1d:e6:ec:4f:b4:39:c7:
d3:88:45:18:b6:b8:4e:ba:72:e3:93:15:26:3f:21:
a7:60:7d:b5:5c:b8:d7:7d:0d:53:2f:ad:47:4c:a3:
9d:f6:d3:64:dd:42:15:96:e9:44:40:ce:aa:f9:53:
c4:bf:68:9e:fb:7b:cd:20:b7:49:93:64:c2:6b:cb:
b2:b0:f8:9f:52:22:88:e2:f1:a4:b8:ce:09:33:0d:
86:38:85:44:2f:09:02:85:66:3d:fb:78:14:4c:c2:
d3:20:50:04:ed:0e:ab:14:df:37:0f:86:a2:55:1b:
01:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6B:14:BC:8D:A6:5E:E4:FE:2D:30:EC:86:03:1B:0B:64:06:8D:BE
X509v3 Authority Key Identifier:
keyid:44:19:E0:2F:04:6E:1B:FB:59:27:FE:73:1F:F7:25:E4:69:59:91:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/12sUvI2mXuT-LTDshgMbC2QGjb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RBngLwRuG_tZJ_5zH_cl5GlZkXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.168.0/21
45.13.137.0/24
45.138.184.0/24
185.87.12.0/22
195.210.28.0/23
IPv6:
2a00:4b40::/32
2a0e:bb40::/48
Signature Algorithm: sha256WithRSAEncryption
12:04:97:8c:e6:9a:4b:1a:5c:82:f7:3d:95:1a:0f:cf:80:5c:
bb:ea:86:0d:81:cc:34:f4:1d:8a:e4:9a:49:1c:29:db:79:50:
a6:c2:55:22:72:a4:47:43:bb:5d:4c:91:5c:84:e3:44:ce:9a:
9a:dd:30:46:56:5c:d5:bb:f3:3c:25:41:09:49:9b:ec:67:da:
9f:db:7c:9b:81:8a:00:29:c6:68:df:7f:f3:e7:c5:be:69:33:
1e:d5:05:18:65:64:02:d4:73:94:28:7c:e8:a6:78:65:7d:59:
7e:91:33:01:45:6b:ee:0c:36:50:a9:94:95:1f:9c:66:c7:a5:
d7:b4:d8:dd:33:10:3e:9d:e1:c3:f8:c3:e4:ab:56:45:22:77:
71:63:94:d5:43:c5:cb:77:e0:0a:01:84:54:43:73:96:ff:2d:
7f:f0:60:ff:d8:fb:72:fd:28:33:48:dc:b8:4a:0e:a0:ed:30:
3e:15:87:98:49:7c:29:ed:ff:37:07:fb:f7:47:25:27:a2:26:
d0:06:ce:b8:98:b9:1a:b4:62:d2:34:f7:81:01:41:90:3c:39:
a0:f6:78:8a:a2:df:8d:68:2e:e4:f2:cf:5a:a0:01:c0:b8:5c:
69:b4:19:e5:57:41:3c:6f:30:f9:a2:5f:69:45:61:49:55:85:
bc:1b:a0:e5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEAjOq8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDE5ZTAyZjA0NmUxYmZiNTkyN2ZlNzMxZmY3MjVlNDY5NTk5MTcxMB4XDTIyMDEw
NTA4NDQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc2YjE0YmM4ZGE2
NWVlNGZlMmQzMGVjODYwMzFiMGI2NDA2OGRiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvpve85I/MrnSrupM5dd5XMVyUDAFyRW73G031nR8PsPXTq
1R4KcDT8mDwOf95eJ/CVScfoOwLQEpV30MbFTHmhMHOgwMrB6bzQJCRfGXDUOCOO
wRxxLc6gLvNM5bpZNDza4UKrI4A2i+WyRxQHzEJklW/V5KXXxlkRL1e2eEiKJeyC
jG5ciK5epSnbsOwd5uxPtDnH04hFGLa4Trpy45MVJj8hp2B9tVy4130NUy+tR0yj
nfbTZN1CFZbpREDOqvlTxL9onvt7zSC3SZNkwmvLsrD4n1IiiOLxpLjOCTMNhjiF
RC8JAoVmPft4FEzC0yBQBO0OqxTfNw+GolUbAbsCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTXaxS8jaZe5P4tMOyGAxsLZAaNvjAfBgNVHSMEGDAWgBREGeAvBG4b+1kn
/nMf9yXkaVmRcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JCbmdMd1J1R190WkpfNXpIX2NsNUdsWmtYRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvNGRlNjY1LWE3ZTMtNDQwYi05M2E3LWY5Yjc4MzZmMjM5MS8x
LzEyc1V2STJtWHVULUxURHNoZ01iQzJRR2piNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
NGRlNjY1LWE3ZTMtNDQwYi05M2E3LWY5Yjc4MzZmMjM5MS8xL1JCbmdMd1J1R190
WkpfNXpIX2NsNUdsWmtYRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wJAQCAAEwHgMEAyUJqAMEAC0NiQMEAC2KuAMEArlX
DAMEAcPSHDAWBAIAAjAQAwUAKgBLQAMHACoOu0AAADANBgkqhkiG9w0BAQsFAAOC
AQEAEgSXjOaaSxpcgvc9lRoPz4Bcu+qGDYHMNPQdiuSaSRwp23lQpsJVInKkR0O7
XUyRXITjRM6amt0wRlZc1bvzPCVBCUmb7Gfan9t8m4GKACnGaN9/8+fFvmkzHtUF
GGVkAtRzlCh86KZ4ZX1ZfpEzAUVr7gw2UKmUlR+cZsel17TY3TMQPp3hw/jD5KtW
RSJ3cWOU1UPFy3fgCgGEVENzlv8tf/Bg/9j7cv0oM0jcuEoOoO0wPhWHmEl8Ke3/
Nwf790clJ6Im0AbOuJi5GrRi0jT3gQFBkDw5oPZ4iqLfjWgu5PLPWqABwLhcabQZ
5VdBPG8w+aJfaUVhSVWFvBug5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:54 2024 by rpki-client on console-ams.rpki-client.org