Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4tHZkX4pMocpHRfQZH0515OF9Vg.roa
File: 4tHZkX4pMocpHRfQZH0515OF9Vg.roa (raw, json)
Hash identifier: 4/IdIxIVwN6gLqWp3KgFwY6H4tXD9/TNP25D3BUoCOw=
Subject key identifier: E2:D1:D9:91:7E:29:32:87:29:1D:17:D0:64:7D:39:D7:93:85:F5:58
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0432C405
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4tHZkX4pMocpHRfQZH0515OF9Vg.roa
Signing time: Fri 18 Mar 2022 12:19:10 +0000
ROA not before: Fri 18 Mar 2022 12:19:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207569
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
185.94.164.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70435845 (0x432c405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 18 12:19:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2d1d9917e293287291d17d0647d39d79385f558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:eb:8f:ff:bc:3d:d7:38:e3:a6:87:72:23:c3:
23:e5:8c:5f:35:51:71:de:39:01:d0:cc:54:c5:a0:
b7:1d:27:4d:f8:8b:9b:ee:55:7b:bd:d6:ac:0f:ec:
80:d0:14:1e:37:70:1b:68:cc:c1:85:c5:82:d7:05:
41:3b:b4:99:c1:6b:36:c0:0e:b6:35:97:6c:09:44:
1e:08:e6:ec:3e:7f:85:30:cc:33:6c:29:8e:9f:13:
db:53:29:96:49:91:8e:4e:9c:f5:b6:9f:a1:7c:f4:
66:f7:75:17:0f:42:45:42:61:8c:b0:1b:d4:41:e4:
3b:4e:ef:6a:70:ec:99:dc:c3:20:d1:d3:5b:79:d8:
02:63:f3:68:3a:4e:f0:04:59:28:b5:96:35:d2:d6:
5e:23:ed:87:2a:d3:f5:51:e3:2b:fe:51:6f:05:64:
75:d6:49:6f:2d:22:66:50:e5:aa:5f:12:16:42:c1:
92:3a:ca:9d:fb:87:14:9f:b5:92:da:cc:d0:b3:36:
e0:e6:b2:40:3f:61:b5:e1:cd:22:9a:e6:12:0d:28:
95:5d:b5:2b:cb:86:d5:25:15:13:54:3a:d2:ab:f8:
4c:5e:ac:74:a4:fa:4c:b3:ea:60:d2:9d:10:f3:13:
2c:82:27:78:d8:15:9d:4c:87:78:4c:d0:b8:b5:88:
03:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D1:D9:91:7E:29:32:87:29:1D:17:D0:64:7D:39:D7:93:85:F5:58
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/4tHZkX4pMocpHRfQZH0515OF9Vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
185.17.2.0/24
185.94.164.0/24
185.94.167.0/24
185.188.181.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
48:48:fa:4c:b6:f6:db:f6:92:75:f9:d5:47:67:07:33:af:93:
04:20:00:df:ca:50:51:07:c0:f1:e6:08:97:14:82:5b:6a:31:
03:89:ef:5b:61:a3:81:a3:09:4c:75:d2:1d:de:57:b6:60:36:
58:38:c8:13:a8:a3:5e:f6:f0:c1:98:28:37:87:dc:c3:35:b9:
9f:1a:56:ed:00:7c:8d:40:e5:95:4b:28:50:a0:8c:35:ae:fb:
e1:09:07:b3:cd:73:5a:b6:fc:5c:8b:9b:e5:3e:40:d0:9d:e6:
e6:d6:74:9d:e3:6f:d0:e4:9e:fb:28:9f:57:cd:01:0a:b5:13:
de:c1:8c:6d:b3:4d:d6:44:a3:f9:7a:f4:e3:89:5f:40:74:15:
a3:0f:6b:16:6e:39:87:01:45:f9:55:40:1e:f6:09:3f:ff:99:
0c:78:7b:77:53:b0:3c:2b:d0:d4:a4:ce:ba:27:6a:d4:f2:6e:
43:cd:ae:25:04:60:2a:59:bc:cb:10:54:11:66:70:06:18:0f:
2a:84:e5:ed:ae:f5:0c:8e:7d:8d:b2:5a:f5:48:bc:89:e4:11:
59:01:08:5d:98:35:0d:81:64:cc:09:2e:68:fc:7f:80:bf:45:
6f:97:f4:b6:10:3d:c2:0e:e6:d8:b6:e1:dc:bf:5a:2c:c0:85:
08:b1:d3:07
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEBDLEBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
ODEyMTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJkMWQ5OTE3ZTI5
MzI4NzI5MWQxN2QwNjQ3ZDM5ZDc5Mzg1ZjU1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfrj/+8Pdc446aHciPDI+WMXzVRcd45AdDMVMWgtx0nTfiL
m+5Ve73WrA/sgNAUHjdwG2jMwYXFgtcFQTu0mcFrNsAOtjWXbAlEHgjm7D5/hTDM
M2wpjp8T21MplkmRjk6c9bafoXz0Zvd1Fw9CRUJhjLAb1EHkO07vanDsmdzDINHT
W3nYAmPzaDpO8ARZKLWWNdLWXiPthyrT9VHjK/5RbwVkddZJby0iZlDlql8SFkLB
kjrKnfuHFJ+1ktrM0LM24OayQD9hteHNIprmEg0olV21K8uG1SUVE1Q60qv4TF6s
dKT6TLPqYNKdEPMTLIIneNgVnUyHeEzQuLWIAw0CAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBTi0dmRfikyhykdF9BkfTnXk4X1WDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
LzR0SFprWDRwTW9jcEhSZlFaSDA1MTVPRjlWZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAgW0iAMEAAX8dAMEAC1ZQAMEAC2F
9QMEAC4RagMEAFXRAAMEAF/WCAMEALkRAgMEALlepAMEALlepwMEALm8tTANBAIA
AjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEASEj6TLb22/aSdfnVR2cHM6+T
BCAA38pQUQfA8eYIlxSCW2oxA4nvW2GjgaMJTHXSHd5XtmA2WDjIE6ijXvbwwZgo
N4fcwzW5nxpW7QB8jUDllUsoUKCMNa774QkHs81zWrb8XIub5T5A0J3m5tZ0neNv
0OSe+yifV80BCrUT3sGMbbNN1kSj+Xr044lfQHQVow9rFm45hwFF+VVAHvYJP/+Z
DHh7d1OwPCvQ1KTOuidq1PJuQ82uJQRgKlm8yxBUEWZwBhgPKoTl7a71DI59jbJa
9Ui8ieQRWQEIXZg1DYFkzAkuaPx/gL9Fb5f0thA9wg7m2Lbh3L9aLMCFCLHTBw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:28 2023 by rpki-client on console-ams.rpki-client.org