Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/cjOPH4gP22GEyavfItyxNL9XFsQ.roa
File: cjOPH4gP22GEyavfItyxNL9XFsQ.roa (raw, json)
Hash identifier: 605UUPaw/Oj/ySGH1EH7A4kcg6M1In0v2wqm6qoE/Oc=
Subject key identifier: 72:33:8F:1F:88:0F:DB:61:84:C9:AB:DF:22:DC:B1:34:BF:57:16:C4
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0183548D44E793DA649C670D25BC82A2D0C9
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/cjOPH4gP22GEyavfItyxNL9XFsQ.roa
Signing time: Mon 19 Sep 2022 07:01:27 +0000
ROA not before: Mon 19 Sep 2022 07:01:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28753
IP address blocks: 185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
185.94.166.0/24 maxlen: 24
91.103.253.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
45.138.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:54:8d:44:e7:93:da:64:9c:67:0d:25:bc:82:a2:d0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 19 07:01:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72338f1f880fdb6184c9abdf22dcb134bf5716c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:d2:c3:b6:af:dc:2a:d3:1a:7e:f8:7b:90:
86:30:73:0d:bb:b6:05:ed:90:8f:56:ee:47:75:0b:
5b:29:49:24:5c:70:0f:4b:b6:75:ad:2c:0a:2e:af:
1d:98:2a:af:0a:7b:d0:65:a2:bc:7d:44:1c:0d:ec:
b2:3a:60:8b:19:73:d3:b2:fd:4c:b2:bf:bc:38:d7:
d5:5d:9c:28:d4:50:60:0e:7f:d0:f0:f9:aa:c5:7b:
ff:9c:8f:a1:a3:eb:ba:0d:05:40:65:fc:43:ca:72:
47:8e:f9:5f:69:39:57:16:fa:49:f8:0a:69:55:54:
99:80:56:2c:00:90:59:58:4d:cb:e8:15:26:26:d2:
5c:0c:d2:b8:8a:56:53:d8:55:c9:a1:e5:5b:5b:52:
90:b6:e4:80:64:08:01:0c:36:d7:db:3c:cf:49:05:
ce:dc:d5:2e:a2:b7:cf:83:9e:dd:dc:e4:c2:ff:bc:
38:43:85:61:f0:b1:c2:99:17:d9:47:33:b2:b5:17:
ed:8a:2d:88:df:83:7a:f2:bb:35:83:c7:56:39:e8:
d8:b0:b4:35:e2:6d:26:db:bd:b6:27:f2:8b:6d:c1:
65:37:0a:e3:70:12:4f:63:41:7b:ef:46:46:5a:40:
24:c1:70:ef:ce:3a:b4:d3:c7:a3:60:6e:a2:e7:dc:
da:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:33:8F:1F:88:0F:DB:61:84:C9:AB:DF:22:DC:B1:34:BF:57:16:C4
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/cjOPH4gP22GEyavfItyxNL9XFsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.72.0/24
91.103.253.0/24
185.94.166.0/24
185.125.51.0/24
185.172.130.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:8e:27:30:c5:33:80:c7:3b:13:82:3d:74:5b:4f:76:2e:7c:
54:72:b0:19:4a:e9:7c:db:3f:c5:e5:7a:82:cb:ea:44:f1:b0:
06:f4:f8:dc:c5:0c:26:2d:ec:e7:08:f5:62:e5:9d:df:1e:98:
d0:46:b1:55:c7:03:81:e9:6f:3e:a6:5f:28:98:62:29:cb:62:
bd:65:2f:7e:7c:be:05:63:5a:d3:51:eb:fe:3d:94:55:38:6f:
76:ee:f7:d2:a3:cc:51:8f:2a:9a:c4:43:82:15:58:a5:99:44:
3d:a5:38:1f:8e:4a:a0:a9:38:c7:f8:c9:8f:29:13:78:60:74:
03:9d:d9:00:d3:8e:00:e1:bc:3c:58:21:24:ca:51:4b:79:54:
e5:32:28:36:a0:0c:3e:de:a9:fa:94:99:b4:bf:d0:10:12:fd:
90:32:55:6f:09:80:4b:63:c4:e8:94:93:86:a4:83:b7:d0:49:
3a:4b:66:3c:fa:8a:b5:33:75:6a:74:58:71:c3:48:dd:f8:11:
28:d7:62:d6:7b:61:ae:38:55:3c:8e:b0:a9:ea:63:75:cb:c0:
fb:cd:a4:40:ab:ea:24:8f:7c:0b:cc:8d:e7:58:d7:44:50:b9:
9a:a9:44:0c:34:34:45:93:9e:33:d4:ff:c6:fd:4c:a9:38:71:
7d:0e:f2:03
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYNUjUTnk9pknGcNJbyCotDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTE5MDcwMTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjMzOGYxZjg4MGZkYjYxODRjOWFiZGYyMmRjYjEzNGJmNTcxNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyPSw7av3CrTGn74e5CGMHMNu7YF
7ZCPVu5HdQtbKUkkXHAPS7Z1rSwKLq8dmCqvCnvQZaK8fUQcDeyyOmCLGXPTsv1M
sr+8ONfVXZwo1FBgDn/Q8PmqxXv/nI+ho+u6DQVAZfxDynJHjvlfaTlXFvpJ+App
VVSZgFYsAJBZWE3L6BUmJtJcDNK4ilZT2FXJoeVbW1KQtuSAZAgBDDbX2zzPSQXO
3NUuorfPg57d3OTC/7w4Q4Vh8LHCmRfZRzOytRftii2I34N68rs1g8dWOejYsLQ1
4m0m2722J/KLbcFlNwrjcBJPY0F770ZGWkAkwXDvzjq008ejYG6i59zaNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHIzjx+ID9thhMmr3yLcsTS/VxbEMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvY2pPUEg0Z1AyMkdFeWF2Zkl0eXhOTDlYRnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYpIAwQA
W2f9AwQAuV6mAwQAuX0zAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQANjicwxTOA
xzsTgj10W092LnxUcrAZSul82z/F5XqCy+pE8bAG9PjcxQwmLeznCPVi5Z3fHpjQ
RrFVxwOB6W8+pl8omGIpy2K9ZS9+fL4FY1rTUev+PZRVOG927vfSo8xRjyqaxEOC
FVilmUQ9pTgfjkqgqTjH+MmPKRN4YHQDndkA044A4bw8WCEkylFLeVTlMig2oAw+
3qn6lJm0v9AQEv2QMlVvCYBLY8TolJOGpIO30Ek6S2Y8+oq1M3VqdFhxw0jd+BEo
12LWe2GuOFU8jrCp6mN1y8D7zaRAq+okj3wLzI3nWNdEULmaqUQMNDRFk54z1P/G
/UypOHF9DvID
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org