Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-2l4XNmtVY8y_O-4N3X2JF9rdro.roa
File: 1-2l4XNmtVY8y_O-4N3X2JF9rdro.roa (raw, json)
Hash identifier: +xWsAVNQr0X+tvqeSOnUt05wL8T92qEgYPDwgR7tJ+Q=
Subject key identifier: FB:69:78:5C:D9:AD:55:8F:32:FC:EF:B8:37:75:F6:24:5F:6B:76:BA
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 03D8B3FB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-2l4XNmtVY8y_O-4N3X2JF9rdro.roa
Signing time: Thu 17 Feb 2022 14:28:18 +0000
ROA not before: Thu 17 Feb 2022 14:28:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207569
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64533499 (0x3d8b3fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Feb 17 14:28:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb69785cd9ad558f32fcefb83775f6245f6b76ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:08:94:59:a1:3c:45:0e:48:4a:aa:a7:d4:1c:
86:4d:96:49:10:ad:74:f8:55:2b:85:99:4a:a4:13:
82:62:40:85:ce:23:55:12:08:47:f8:05:22:29:97:
5a:56:cd:ea:17:1f:41:f6:ca:87:98:c3:3c:10:4d:
64:5b:3b:7e:8d:66:c8:ef:45:8e:9e:21:fc:9b:8e:
04:68:11:3e:79:2a:4b:f9:f6:d9:71:be:1c:08:8d:
ac:8c:7a:77:54:1a:ea:42:75:e0:29:b7:fc:a5:52:
9c:ef:eb:99:2d:1f:f0:00:1e:50:b5:30:6d:ad:57:
f0:f9:9b:61:de:3f:70:4a:32:25:54:f5:e8:84:83:
c1:1c:a4:c3:37:01:86:32:68:e7:65:a8:14:c6:ea:
7a:f4:50:9b:2c:f7:14:8e:37:8d:3d:6f:3f:83:e6:
7c:1b:ab:4d:02:7d:60:08:56:28:bb:ba:54:f8:ae:
f4:42:7d:e6:4f:05:25:da:d6:45:ab:a2:a5:fd:85:
65:ca:8b:c5:d1:37:a7:b7:63:65:89:05:fe:fa:a5:
c1:f3:3d:cd:e5:99:9e:25:d1:3f:df:94:f1:9b:5c:
38:cf:df:58:8e:ba:46:f0:90:ce:f8:52:fd:fb:87:
d9:04:08:37:ad:e7:bb:83:b1:24:30:28:55:b6:b0:
27:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:69:78:5C:D9:AD:55:8F:32:FC:EF:B8:37:75:F6:24:5F:6B:76:BA
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/1-2l4XNmtVY8y_O-4N3X2JF9rdro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
185.17.2.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
09:e1:9a:83:89:ab:46:8d:cb:a2:32:89:34:7b:ce:90:41:d4:
3d:3a:fb:26:9a:3f:c7:44:b8:00:4c:58:d9:be:a5:4f:62:b0:
cf:37:fd:6b:11:f9:a7:06:c6:10:59:1f:a0:d1:15:a6:0e:27:
96:6c:f3:c6:0a:9b:10:c7:ef:95:d1:60:00:7a:26:25:28:b2:
64:71:b6:af:fd:bd:2b:a6:dd:ec:2d:1a:85:d0:f9:7c:61:0e:
72:ae:31:a8:70:f0:61:fc:a6:ff:f7:b8:ae:82:a1:1b:bd:84:
e4:ee:44:67:21:7d:a4:bc:81:f5:e5:fd:af:10:22:de:3c:17:
03:f9:00:cd:a8:97:0c:4c:9f:f5:d6:4e:44:99:45:94:1c:40:
a1:f7:ec:ac:5f:7b:06:e1:9a:9b:9e:4e:34:9d:93:1f:37:85:
ad:32:95:b8:03:85:ee:66:d7:03:5a:d2:0c:5e:46:c1:d2:3b:
42:87:25:61:13:64:eb:13:c2:55:e4:6c:25:49:42:8b:d4:9b:
1f:9e:54:63:43:2b:fa:12:2f:a0:28:1b:ce:dd:1e:fb:5f:38:
d4:d6:8d:5e:9e:b1:25:74:6a:5a:93:dc:0c:d6:a6:73:f5:69:
19:4f:f8:2f:40:77:d2:84:38:d9:de:73:09:4d:c1:32:1c:d2:
7d:f6:54:63
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIEA9iz+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDIx
NzE0MjgxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI2OTc4NWNkOWFk
NTU4ZjMyZmNlZmI4Mzc3NWY2MjQ1ZjZiNzZiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMIlFmhPEUOSEqqp9Qchk2WSRCtdPhVK4WZSqQTgmJAhc4j
VRIIR/gFIimXWlbN6hcfQfbKh5jDPBBNZFs7fo1myO9Fjp4h/JuOBGgRPnkqS/n2
2XG+HAiNrIx6d1Qa6kJ14Cm3/KVSnO/rmS0f8AAeULUwba1X8PmbYd4/cEoyJVT1
6ISDwRykwzcBhjJo52WoFMbqevRQmyz3FI43jT1vP4PmfBurTQJ9YAhWKLu6VPiu
9EJ95k8FJdrWRauipf2FZcqLxdE3p7djZYkF/vqlwfM9zeWZniXRP9+U8ZtcOM/f
WI66RvCQzvhS/fuH2QQIN63nu4OxJDAoVbawJ3UCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBT7aXhc2a1VjzL877g3dfYkX2t2ujAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzEtMmw0WE5tdFZZOHlfTy00TjNYMkpGOXJkcm8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2M1
LzhlMTIxZC03M2IzLTQzOGEtODNjNC02ZmMzNDNkNzdjZDIvMS90UGxqUmRQeUx0
czVYU1JfZTRiUzF6NUtBSkUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
WAYIKwYBBQUHAQcBAf8ESTBHMDYEAgABMDADBAIFtIgDBAAF/HQDBAAtWUADBAAt
hfUDBAAuEWoDBABV0QADBABf1ggDBAC5EQIwDQQCAAIwBwMFACoKkwAwDQYJKoZI
hvcNAQELBQADggEBAAnhmoOJq0aNy6IyiTR7zpBB1D06+yaaP8dEuABMWNm+pU9i
sM83/WsR+acGxhBZH6DRFaYOJ5Zs88YKmxDH75XRYAB6JiUosmRxtq/9vSum3ewt
GoXQ+XxhDnKuMahw8GH8pv/3uK6CoRu9hOTuRGchfaS8gfXl/a8QIt48FwP5AM2o
lwxMn/XWTkSZRZQcQKH37KxfewbhmpueTjSdkx83ha0ylbgDhe5m1wNa0gxeRsHS
O0KHJWETZOsTwlXkbCVJQovUmx+eVGNDK/oSL6AoG87dHvtfONTWjV6esSV0alqT
3AzWpnP1aRlP+C9Ad9KEONnecwlNwTIc0n32VGM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org