Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/sx117CwR0EIb_9pG17sVBZH3VQ4.roa
File: sx117CwR0EIb_9pG17sVBZH3VQ4.roa (raw, json)
Hash identifier: XPvNKMCs4b+6ZUQtFH1xw0+qeZh/cgE0fuFfgeTkK+g=
Subject key identifier: B3:1D:75:EC:2C:11:D0:42:1B:FF:DA:46:D7:BB:15:05:91:F7:55:0E
Certificate issuer: /CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Certificate serial: 03F219AA
Authority key identifier: 92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/sx117CwR0EIb_9pG17sVBZH3VQ4.roa
Signing time: Sat 01 Jan 2022 03:51:41 +0000
ROA not before: Sat 01 Jan 2022 03:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47196
IP address blocks: 91.203.192.0/24 maxlen: 24
91.203.194.0/24 maxlen: 24
91.203.195.0/24 maxlen: 24
91.203.193.0/24 maxlen: 24
46.173.212.0/24 maxlen: 24
46.173.212.0/23 maxlen: 23
46.173.213.0/24 maxlen: 24
46.173.211.0/24 maxlen: 24
46.173.209.0/24 maxlen: 24
46.173.210.0/24 maxlen: 24
46.173.217.0/24 maxlen: 24
46.173.214.0/23 maxlen: 23
46.173.214.0/24 maxlen: 24
46.173.215.0/24 maxlen: 24
46.173.218.0/23 maxlen: 23
46.173.218.0/24 maxlen: 24
45.143.137.0/24 maxlen: 24
46.173.219.0/24 maxlen: 24
46.173.216.0/24 maxlen: 24
46.173.216.0/23 maxlen: 23
45.143.136.0/24 maxlen: 24
45.143.138.0/24 maxlen: 24
45.143.139.0/24 maxlen: 24
45.143.136.0/22 maxlen: 22
46.173.223.0/24 maxlen: 24
195.128.120.0/22 maxlen: 22
195.128.121.0/24 maxlen: 24
195.128.120.0/24 maxlen: 24
195.128.124.0/24 maxlen: 24
195.128.124.0/22 maxlen: 22
195.128.125.0/24 maxlen: 24
195.128.122.0/24 maxlen: 24
195.128.123.0/24 maxlen: 24
195.128.127.0/24 maxlen: 24
195.128.126.0/24 maxlen: 24
2a0f:6f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66197930 (0x3f219aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Validity
Not Before: Jan 1 03:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b31d75ec2c11d0421bffda46d7bb150591f7550e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:50:f3:2d:19:d5:61:a7:ae:9f:17:d4:72:55:
6e:6f:be:ee:c2:24:e0:6a:bc:4f:f0:ba:49:8f:a6:
25:4a:97:86:ae:6b:94:cc:7c:5c:7e:3b:99:d9:b7:
0b:55:62:ff:26:e6:96:11:6e:83:63:9a:fa:9a:06:
12:a6:ab:85:cd:0c:1f:47:1d:0c:b5:54:55:c3:34:
d4:8a:81:74:03:9a:6d:80:e6:a3:c5:a3:63:0a:50:
46:a5:dd:2e:69:28:a1:0e:6f:e3:a8:e7:b1:16:f8:
b3:15:ff:15:23:86:82:51:9e:c9:27:ba:3c:76:76:
fd:d0:95:83:d1:e0:17:fa:63:66:40:3e:dd:79:38:
20:44:90:a6:98:3d:d0:92:88:f0:29:1b:10:9b:fb:
a8:45:6e:8d:a6:cb:f1:8c:51:d9:e0:8b:b4:ed:ce:
5a:ff:13:a6:9f:09:77:74:cb:2e:3a:2e:90:13:5d:
66:da:41:8e:60:d6:3c:ec:6f:55:07:41:55:d9:9c:
e2:8d:ce:a6:ba:de:43:59:26:22:ba:5e:1f:4b:f7:
52:b6:dd:7e:d9:ff:4d:54:de:fb:9d:e8:0c:f2:cb:
ad:81:05:65:45:db:7e:10:06:b4:88:f3:c6:aa:ac:
6c:70:0f:1f:56:37:e2:39:5b:59:8c:e5:62:02:ed:
e7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1D:75:EC:2C:11:D0:42:1B:FF:DA:46:D7:BB:15:05:91:F7:55:0E
X509v3 Authority Key Identifier:
keyid:92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/sx117CwR0EIb_9pG17sVBZH3VQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.136.0/22
46.173.209.0-46.173.219.255
46.173.223.0/24
91.203.192.0/22
195.128.120.0/21
IPv6:
2a0f:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:1c:10:cd:e2:b9:93:d3:b8:72:f3:4d:ae:48:66:bd:21:02:
bd:d1:a2:50:27:0e:c9:55:16:a2:92:2f:14:0a:fc:c6:61:fc:
ad:f2:a5:2e:1e:b7:98:53:28:f5:68:42:a1:51:fb:59:11:2f:
42:4d:0c:4c:9d:ed:33:86:db:a1:8d:43:1b:6d:a6:01:40:f3:
98:4a:9b:a3:9a:31:41:e4:d9:bf:22:e3:35:16:c2:f7:cf:e5:
fb:ff:9d:c0:a9:65:4f:34:d7:d5:3f:98:ea:93:a5:07:5f:eb:
4a:29:cb:0f:69:b3:a8:35:8f:13:e9:47:29:7d:04:bf:fc:23:
34:e6:a8:e5:db:f3:4b:58:67:a8:53:1e:b7:59:b5:7f:47:eb:
79:a6:c9:3a:0e:6b:43:70:95:48:1a:84:1c:b9:70:d9:83:54:
1a:af:74:87:96:a5:45:8a:72:b3:d8:2e:70:e4:82:ab:bd:7f:
64:e6:bc:f2:01:bf:39:c8:1b:a4:0f:22:f7:21:c8:2f:f6:eb:
54:ba:e4:8c:14:30:d1:45:58:ce:4d:a0:a7:29:32:c4:16:82:
24:d0:b8:5a:b8:ae:14:95:2f:ca:4b:18:1d:0b:43:1e:9a:d5:
f5:2e:76:a0:28:04:ff:52:c2:1b:69:de:1b:6a:f4:27:1a:f4:
91:a5:4a:9a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEA/IZqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjU1MjE4YjY5ZTU1MTE0M2M1MWZhMWQ5MTk1MTJlMWE0NGM1YzlkMB4XDTIyMDEw
MTAzNTE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjMxZDc1ZWMyYzEx
ZDA0MjFiZmZkYTQ2ZDdiYjE1MDU5MWY3NTUwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBQ8y0Z1WGnrp8X1HJVbm++7sIk4Gq8T/C6SY+mJUqXhq5r
lMx8XH47mdm3C1Vi/ybmlhFug2Oa+poGEqarhc0MH0cdDLVUVcM01IqBdAOabYDm
o8WjYwpQRqXdLmkooQ5v46jnsRb4sxX/FSOGglGeySe6PHZ2/dCVg9HgF/pjZkA+
3Xk4IESQppg90JKI8CkbEJv7qEVujabL8YxR2eCLtO3OWv8Tpp8Jd3TLLjoukBNd
ZtpBjmDWPOxvVQdBVdmc4o3OprreQ1kmIrpeH0v3Urbdftn/TVTe+53oDPLLrYEF
ZUXbfhAGtIjzxqqsbHAPH1Y34jlbWYzlYgLt55MCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSzHXXsLBHQQhv/2kbXuxUFkfdVDjAfBgNVHSMEGDAWgBSSVSGLaeVRFDxR
+h2RlRLhpExcnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tsVWhpMm5sVVJROFVmb2RrWlVTNGFSTVhKMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNDgyODk2LTgyNmEtNGJlZC1iMTRmLWFmZmJhMmRmM2Q2Mi8x
L3N4MTE3Q3dSMEVJYl85cEcxN3NWQlpIM1ZRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NDgyODk2LTgyNmEtNGJlZC1iMTRmLWFmZmJhMmRmM2Q2Mi8xL2tsVWhpMm5sVVJR
OFVmb2RrWlVTNGFSTVhKMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEAi2PiDAMAwQALq3RAwQCLq3YAwQA
Lq3fAwQCW8vAAwQDw4B4MA0EAgACMAcDBQMqD2+AMA0GCSqGSIb3DQEBCwUAA4IB
AQBbHBDN4rmT07hy802uSGa9IQK90aJQJw7JVRaiki8UCvzGYfyt8qUuHreYUyj1
aEKhUftZES9CTQxMne0zhtuhjUMbbaYBQPOYSpujmjFB5Nm/IuM1FsL3z+X7/53A
qWVPNNfVP5jqk6UHX+tKKcsPabOoNY8T6UcpfQS//CM05qjl2/NLWGeoUx63WbV/
R+t5psk6DmtDcJVIGoQcuXDZg1Qar3SHlqVFinKz2C5w5IKrvX9k5rzyAb85yBuk
DyL3Icgv9utUuuSMFDDRRVjOTaCnKTLEFoIk0LhauK4UlS/KSxgdC0MemtX1Lnag
KAT/UsIbad4bavQnGvSRpUqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:06 2024 by rpki-client on console-ams.rpki-client.org