Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kdKzi3V6ylHZTUphOU7lSe4Ifl4.roa
File: kdKzi3V6ylHZTUphOU7lSe4Ifl4.roa (raw, json)
Hash identifier: jiShOAQJr1TUiSJPNOFYJgR/+aTtWM3RQcZmNuWmShs=
Subject key identifier: 91:D2:B3:8B:75:7A:CA:51:D9:4D:4A:61:39:4E:E5:49:EE:08:7E:5E
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0183C1274B19CA94390DF2D5DA8E7502AD03
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kdKzi3V6ylHZTUphOU7lSe4Ifl4.roa
Signing time: Mon 10 Oct 2022 09:08:41 +0000
ROA not before: Mon 10 Oct 2022 09:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204339
IP address blocks: 45.133.246.0/24 maxlen: 24
45.95.200.0/24 maxlen: 24
2a0d:2dc2::/32 maxlen: 32
2a0b:da01::/32 maxlen: 32
2a0c:aa42::/32 maxlen: 32
2a0b:7782::/32 maxlen: 32
2a0d:2dc1::/32 maxlen: 32
2a0c:aa41::/32 maxlen: 32
2a0b:7781::/32 maxlen: 32
2a0b:da02::/32 maxlen: 32
2a0d:2dc0::/32 maxlen: 32
2a0b:da03::/32 maxlen: 32
2a0b:da00::/32 maxlen: 32
2a0c:aa46::/32 maxlen: 32
2a0b:7786::/32 maxlen: 32
2a0d:2dc3::/32 maxlen: 32
2a0c:aa43::/32 maxlen: 32
2a0b:da06::/32 maxlen: 32
2a0b:7783::/32 maxlen: 32
2a0c:aa40::/32 maxlen: 32
2a0b:7780::/32 maxlen: 32
2a0d:2dc6::/32 maxlen: 32
2a0b:da04::/32 maxlen: 32
2a0d:2dc5::/32 maxlen: 32
2a0c:aa45::/32 maxlen: 32
2a0b:7785::/32 maxlen: 32
2a0d:2dc7::/32 maxlen: 32
2a0b:7784::/32 maxlen: 32
2a0b:da05::/32 maxlen: 32
2a0c:aa44::/32 maxlen: 32
2a0b:7787::/32 maxlen: 32
2a0c:aa47::/32 maxlen: 32
2a0d:2dc4::/32 maxlen: 32
2a0b:da07::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:27:4b:19:ca:94:39:0d:f2:d5:da:8e:75:02:ad:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 10 09:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91d2b38b757aca51d94d4a61394ee549ee087e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:7c:59:95:2d:52:d2:85:1b:a7:19:3a:34:
7c:e1:72:e2:86:58:f3:15:08:38:bf:50:cd:0b:c0:
6c:51:dd:86:5b:0a:06:e6:7d:e1:37:7d:8f:a7:4a:
5c:60:6f:b3:c7:66:d9:9d:f4:88:ee:5f:e4:e0:ed:
9b:1d:a2:80:5a:ac:c0:51:4a:e6:68:ec:b3:f5:6f:
c1:3d:61:6b:ee:a1:f3:ff:b4:ba:ca:a7:f0:0d:c1:
70:a1:8c:cd:41:56:27:0b:04:92:72:2e:37:4b:ef:
7f:63:4b:48:b0:f7:ec:15:d4:2f:eb:4e:cb:e2:d1:
57:1a:52:1c:7f:75:7a:9f:81:4c:14:f4:cd:d8:34:
23:fe:7e:51:6d:44:c6:8a:ff:81:97:e4:07:f0:59:
bb:fc:b3:ff:e4:0b:af:a6:06:6a:5a:da:14:12:20:
cd:b1:78:77:27:80:e1:37:75:d5:f3:05:6d:03:22:
ff:ef:93:63:0a:98:94:0e:d5:80:78:4d:ab:b5:ef:
6c:3f:20:0f:12:3e:4e:9d:90:63:3d:b4:f5:4f:87:
fc:95:66:cc:6a:60:3b:c4:ca:8d:04:c6:f8:7e:e7:
bb:77:67:00:c6:90:58:e3:ca:34:a1:78:54:06:32:
9a:8c:2c:c6:64:00:55:ea:e0:20:83:4a:13:55:9a:
d7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D2:B3:8B:75:7A:CA:51:D9:4D:4A:61:39:4E:E5:49:EE:08:7E:5E
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kdKzi3V6ylHZTUphOU7lSe4Ifl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.200.0/24
45.133.246.0/24
IPv6:
2a0b:7780::/29
2a0b:da00::/29
2a0c:aa40::/29
2a0d:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
77:06:e7:f8:01:b9:cc:45:ab:79:49:ff:0c:9b:0f:fc:3a:05:
46:c9:22:d5:5a:11:f2:f4:0a:84:0e:ae:2a:c7:fc:00:95:a6:
d9:53:69:2c:af:db:d5:ff:54:82:c5:64:1e:6d:cd:93:a8:cf:
54:aa:3d:2b:d4:e6:b6:00:56:97:e7:68:a9:a0:4b:cc:77:8e:
76:43:bf:30:d2:cc:e9:b4:37:fb:cf:51:bb:f2:d4:80:e7:84:
af:d7:ed:0b:be:8b:d7:20:a3:ff:89:38:ff:8e:6f:0d:20:a1:
8f:f1:29:b6:40:24:53:65:ad:7b:20:e2:2f:da:71:a7:f3:be:
0b:c1:7b:f8:83:2c:b1:db:0b:2b:a4:37:c6:bf:a0:2d:d9:29:
61:01:6d:e9:55:3c:c8:63:e3:b2:d6:cb:7b:29:52:9c:d5:84:
06:4e:40:80:16:c3:08:6d:0f:0e:8e:66:14:8d:92:ef:9a:2d:
25:a3:18:17:34:4e:b0:b6:6b:40:fa:ae:2f:0f:20:72:75:0d:
56:c8:9a:75:a4:ee:a3:76:0f:a4:df:e9:3c:66:06:aa:d7:fb:
b6:60:1a:1d:18:c1:27:f3:54:47:90:61:17:e2:c4:3a:17:eb:
b5:54:86:04:8d:47:0d:e6:98:e2:d2:76:25:0c:e9:c2:5a:0a:
c1:f4:9d:55
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYPBJ0sZypQ5DfLV2o51Aq0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMDEwMDkwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQyYjM4Yjc1N2FjYTUxZDk0ZDRhNjEzOTRlZTU0OWVlMDg3ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF58WZUtUtKFG6cZOjR84XLihljz
FQg4v1DNC8BsUd2GWwoG5n3hN32Pp0pcYG+zx2bZnfSI7l/k4O2bHaKAWqzAUUrm
aOyz9W/BPWFr7qHz/7S6yqfwDcFwoYzNQVYnCwSSci43S+9/Y0tIsPfsFdQv607L
4tFXGlIcf3V6n4FMFPTN2DQj/n5RbUTGiv+Bl+QH8Fm7/LP/5AuvpgZqWtoUEiDN
sXh3J4DhN3XV8wVtAyL/75NjCpiUDtWAeE2rte9sPyAPEj5OnZBjPbT1T4f8lWbM
amA7xMqNBMb4fue7d2cAxpBY48o0oXhUBjKajCzGZABV6uAgg0oTVZrXwwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJHSs4t1espR2U1KYTlO5UnuCH5eMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEva2RLemkzVjZ5bEhaVFVwaE9VN2xTZTRJZmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODASBAIAATAMAwQALV/IAwQA
LYX2MCIEAgACMBwDBQMqC3eAAwUDKgvaAAMFAyoMqkADBQMqDS3AMA0GCSqGSIb3
DQEBCwUAA4IBAQB3Buf4AbnMRat5Sf8Mmw/8OgVGySLVWhHy9AqEDq4qx/wAlabZ
U2ksr9vV/1SCxWQebc2TqM9Uqj0r1Oa2AFaX52ipoEvMd452Q78w0szptDf7z1G7
8tSA54Sv1+0LvovXIKP/iTj/jm8NIKGP8Sm2QCRTZa17IOIv2nGn874LwXv4gyyx
2wsrpDfGv6At2SlhAW3pVTzIY+Oy1st7KVKc1YQGTkCAFsMIbQ8OjmYUjZLvmi0l
oxgXNE6wtmtA+q4vDyBydQ1WyJp1pO6jdg+k3+k8Zgaq1/u2YBodGMEn81RHkGEX
4sQ6F+u1VIYEjUcN5pji0nYlDOnCWgrB9J1V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org