Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4FHMDZWvxvewqMBGvw-xh0KN_G0.roa
File: 4FHMDZWvxvewqMBGvw-xh0KN_G0.roa (raw, json)
Hash identifier: 0EaBjvgwFzBThrV1hEk0HH9iv01Y2/7YhVkbbCeGrCE=
Subject key identifier: E0:51:CC:0D:95:AF:C6:F7:B0:A8:C0:46:BF:0F:B1:87:42:8D:FC:6D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01837E7FCFC9BFB66C470E5CD7492FE54E2D
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4FHMDZWvxvewqMBGvw-xh0KN_G0.roa
Signing time: Tue 27 Sep 2022 10:30:48 +0000
ROA not before: Tue 27 Sep 2022 10:30:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.174.138.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
185.109.21.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7e:7f:cf:c9:bf:b6:6c:47:0e:5c:d7:49:2f:e5:4e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 27 10:30:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e051cc0d95afc6f7b0a8c046bf0fb187428dfc6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0d:d5:38:d5:29:53:a6:37:20:ae:aa:ea:e8:
98:9a:ce:eb:af:6f:ea:d1:6f:c3:4c:4e:23:59:49:
59:f3:be:d1:1e:ab:16:58:ab:92:2e:ad:f0:17:8c:
ef:cb:64:fb:13:d6:55:ed:44:ed:b0:3c:33:37:2d:
82:b2:75:b9:f6:70:1b:a8:a8:af:cd:85:fa:89:5c:
58:ca:9d:74:8f:0c:a2:7f:dc:bc:55:64:f8:fe:46:
cd:3c:82:b5:32:21:af:13:7b:37:bd:67:e7:bf:13:
6f:d6:f7:70:d1:d8:1b:42:14:e0:18:e2:3b:db:83:
72:96:cd:52:30:bd:e3:2f:1a:b3:d6:4e:c3:49:8b:
4e:e1:30:b9:a8:96:7f:fa:d0:4d:d3:a6:ea:a9:d4:
f6:d3:c4:cf:d1:c4:3e:12:ff:64:62:c6:72:7b:64:
49:08:b3:3c:e7:93:72:89:81:2f:ad:9f:af:29:a8:
22:39:c2:44:2a:5f:85:b1:a4:25:76:c1:0d:f9:4b:
d2:eb:ec:90:0e:06:02:62:c9:68:f7:80:a0:db:ab:
48:ed:dc:b6:b1:59:07:2a:dc:17:15:aa:49:e7:ff:
85:86:1d:80:4b:68:95:35:3f:37:93:21:b7:ab:20:
7c:f1:9d:46:68:66:2f:e7:7c:6d:d8:a9:7b:58:75:
09:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:51:CC:0D:95:AF:C6:F7:B0:A8:C0:46:BF:0F:B1:87:42:8D:FC:6D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4FHMDZWvxvewqMBGvw-xh0KN_G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.211.0/24
45.133.247.0/24
45.142.120.0/24
185.109.21.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:e6:ea:df:e2:82:74:53:c5:e0:67:e1:ae:dc:35:a5:58:22:
52:76:8f:a6:34:7e:15:97:2b:ea:22:48:0f:ba:5a:6f:c2:cd:
8e:09:be:c3:e9:d4:b5:56:34:41:03:3f:51:a8:0c:b4:61:8b:
cd:c5:56:7d:3e:ea:69:ac:8a:43:ac:bf:64:97:fc:7f:3e:7f:
ff:64:21:fd:75:97:2c:db:89:0d:f3:3a:fc:ad:e8:74:c2:24:
a5:79:5c:58:00:50:8e:76:af:6b:42:db:75:f0:59:32:5a:4c:
aa:12:83:c9:4e:24:6d:4f:1a:9d:5e:dd:ea:46:cc:c5:5b:1e:
4c:20:59:0a:9b:d2:32:ab:a6:b5:92:11:1a:89:fd:a8:cb:04:
e6:1e:20:20:84:47:b3:c4:c0:92:88:27:97:19:fc:2c:d0:2d:
4c:21:05:74:25:1e:97:61:eb:7b:8d:30:46:2b:a9:b1:c3:70:
b4:e3:28:d2:df:94:63:b6:6f:c3:2a:d7:8f:e2:64:4d:13:d1:
7f:f4:da:02:f4:24:34:3f:60:34:48:9f:d7:9d:29:82:b9:41:
c4:f6:20:8a:79:1e:10:b1:69:b3:80:2a:75:b4:b3:48:00:ab:
3b:c4:00:60:04:a6:29:c4:c0:a2:7e:45:c5:66:9f:f9:b8:60:
f5:b1:10:b4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYN+f8/Jv7ZsRw5c10kv5U4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTI3MTAzMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUxY2MwZDk1YWZjNmY3YjBhOGMwNDZiZjBmYjE4NzQyOGRmYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw3VONUpU6Y3IK6q6uiYms7rr2/q
0W/DTE4jWUlZ877RHqsWWKuSLq3wF4zvy2T7E9ZV7UTtsDwzNy2CsnW59nAbqKiv
zYX6iVxYyp10jwyif9y8VWT4/kbNPIK1MiGvE3s3vWfnvxNv1vdw0dgbQhTgGOI7
24Nyls1SML3jLxqz1k7DSYtO4TC5qJZ/+tBN06bqqdT208TP0cQ+Ev9kYsZye2RJ
CLM855NyiYEvrZ+vKagiOcJEKl+FsaQldsEN+UvS6+yQDgYCYslo94Cg26tI7dy2
sVkHKtwXFapJ5/+Fhh2AS2iVNT83kyG3qyB88Z1GaGYv53xt2Kl7WHUJzQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOBRzA2Vr8b3sKjARr8PsYdCjfxtMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNEZITURaV3Z4dmV3cU1CR3Z3LXhoMEtOX0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQjTAwQA
LYX3AwQALY54AwQAuW0VAwQAua6KAwQAud2gAwQAwjU1MA0GCSqGSIb3DQEBCwUA
A4IBAQCr5urf4oJ0U8XgZ+Gu3DWlWCJSdo+mNH4VlyvqIkgPulpvws2OCb7D6dS1
VjRBAz9RqAy0YYvNxVZ9PupprIpDrL9kl/x/Pn//ZCH9dZcs24kN8zr8reh0wiSl
eVxYAFCOdq9rQtt18FkyWkyqEoPJTiRtTxqdXt3qRszFWx5MIFkKm9Iyq6a1khEa
if2oywTmHiAghEezxMCSiCeXGfws0C1MIQV0JR6XYet7jTBGK6mxw3C04yjS35Rj
tm/DKteP4mRNE9F/9NoC9CQ0P2A0SJ/XnSmCuUHE9iCKeR4QsWmzgCp1tLNIAKs7
xABgBKYpxMCifkXFZp/5uGD1sRC0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org