Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mB3I44PUbiCzbaqLnGB6Rw86gSI.roa
File: mB3I44PUbiCzbaqLnGB6Rw86gSI.roa (raw, json)
Hash identifier: L9oyItwePtldaQej9fMLg+1BCZaLrNOFZZWlbbVi61U=
Subject key identifier: 98:1D:C8:E3:83:D4:6E:20:B3:6D:AA:8B:9C:60:7A:47:0F:3A:81:22
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0435F016
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mB3I44PUbiCzbaqLnGB6Rw86gSI.roa
Signing time: Sat 19 Mar 2022 08:40:06 +0000
ROA not before: Sat 19 Mar 2022 08:40:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205090
IP address blocks: 185.112.101.0/24 maxlen: 24
185.112.102.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
185.105.90.0/24 maxlen: 24
185.105.91.0/24 maxlen: 24
185.105.88.0/24 maxlen: 24
185.105.89.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
2a09:5302::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70643734 (0x435f016)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 19 08:40:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=981dc8e383d46e20b36daa8b9c607a470f3a8122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c8:29:43:ac:47:56:49:fa:4b:3c:f5:11:37:
c6:dd:a1:a5:ae:2d:32:ef:a3:e4:f0:50:99:1f:6d:
03:61:76:7e:ec:79:08:bb:b9:01:45:6a:30:09:22:
be:0a:64:be:9c:68:e1:e7:c1:53:40:04:ca:7f:ff:
1a:69:f1:90:87:c6:92:3a:1e:f9:98:91:7e:69:54:
96:40:85:a4:2d:f7:bc:2f:08:50:b8:30:b7:54:8e:
c2:6b:50:56:33:fe:a0:80:79:1e:62:d3:80:57:c9:
cb:47:90:0d:31:4d:c1:12:4e:96:16:9b:fc:04:28:
c4:66:e6:84:29:16:1e:9d:9e:70:9d:e6:77:3f:e2:
0d:05:de:74:fc:fc:7e:e7:d9:0e:5f:67:c9:25:cd:
63:93:25:3c:b0:28:cd:b1:77:46:df:a4:23:c3:81:
21:03:02:ed:5f:9f:ec:16:0d:e6:67:85:c3:da:51:
79:c2:33:b1:12:62:bd:56:66:ea:8c:c5:12:a0:3a:
ef:af:e2:16:46:50:4f:ee:54:3a:02:ca:90:02:eb:
dd:44:f5:bb:2d:6f:c8:53:82:0f:17:7b:da:cb:c6:
8f:08:90:a7:96:e6:bf:6e:b8:ab:19:79:f1:ea:c0:
e5:d0:b2:05:36:b1:ab:4b:e8:f2:bb:6d:a7:6b:21:
5f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1D:C8:E3:83:D4:6E:20:B3:6D:AA:8B:9C:60:7A:47:0F:3A:81:22
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mB3I44PUbiCzbaqLnGB6Rw86gSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
84.252.73.0-84.252.75.255
85.209.2.0/24
185.103.109.0/24
185.105.88.0/22
185.112.101.0-185.112.103.255
185.128.105.0-185.128.107.255
185.217.198.0/23
185.221.162.0/24
193.162.143.0/24
193.168.227.0/24
IPv6:
2a09:5302::/32
Signature Algorithm: sha256WithRSAEncryption
3c:c0:51:3f:da:ba:1f:60:9e:36:00:6b:34:b2:5e:04:12:7e:
45:37:9b:22:89:e7:14:e6:a3:52:d4:5b:d2:75:db:6b:4e:04:
72:ea:49:2f:16:32:e2:e3:b8:12:bf:99:51:72:e7:09:3a:db:
18:62:36:50:75:c0:8d:24:08:b3:57:25:10:bc:43:52:63:76:
66:a8:67:8c:ff:76:d0:fc:96:31:af:87:b5:5c:85:b9:4d:10:
fb:8d:48:4a:a0:47:96:8c:5c:a4:14:72:a8:39:05:0a:4a:f4:
94:b5:4e:15:19:ef:80:a3:ba:db:64:ef:5e:ba:fc:a0:5a:1e:
57:ff:48:90:27:d5:43:a7:73:55:de:13:97:b2:5c:87:00:fc:
58:73:ce:3b:73:94:63:b1:fb:13:6b:b1:9e:f3:95:42:76:71:
4e:f8:2e:50:2e:45:6f:98:b1:27:41:75:2c:72:ba:d8:ea:f1:
59:8c:09:fb:b2:73:43:db:df:81:4c:55:8d:37:62:07:7a:f8:
7c:87:e3:b6:c7:56:b8:08:29:26:39:ca:71:43:a6:89:cc:e1:
c2:b6:1d:67:8e:ee:a6:1a:c3:75:3d:ec:ae:5e:08:59:49:1b:
53:4a:49:8a:01:41:94:00:07:42:24:39:e6:6f:b5:63:13:37:
d3:2a:17:ca
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIEBDXwFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
OTA4NDAwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgxZGM4ZTM4M2Q0
NmUyMGIzNmRhYThiOWM2MDdhNDcwZjNhODEyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHIKUOsR1ZJ+ks89RE3xt2hpa4tMu+j5PBQmR9tA2F2fux5
CLu5AUVqMAkivgpkvpxo4efBU0AEyn//GmnxkIfGkjoe+ZiRfmlUlkCFpC33vC8I
ULgwt1SOwmtQVjP+oIB5HmLTgFfJy0eQDTFNwRJOlhab/AQoxGbmhCkWHp2ecJ3m
dz/iDQXedPz8fufZDl9nySXNY5MlPLAozbF3Rt+kI8OBIQMC7V+f7BYN5meFw9pR
ecIzsRJivVZm6ozFEqA676/iFkZQT+5UOgLKkALr3UT1uy1vyFOCDxd72svGjwiQ
p5bmv264qxl58erA5dCyBTaxq0vo8rttp2shXzsCAwEAAaOCAocwggKDMB0GA1Ud
DgQWBBSYHcjjg9RuILNtqoucYHpHDzqBIjAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L21CM0k0NFBVYmlDemJhcUxuR0I2Unc4NmdTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nAYIKwYBBQUHAQcBAf8EgYwwgYkweAQCAAEwcgMEAC0JSQMEAC0JSwMEAC1ZQQME
Ai1a2AMEAS1fyjAMAwQAVPxJAwQCVPxIAwQAVdECAwQAuWdtAwQCuWlYMAwDBAC5
cGUDBAO5cGAwDAMEALmAaQMEArmAaAMEAbnZxgMEALndogMEAMGijwMEAMGo4zAN
BAIAAjAHAwUAKglTAjANBgkqhkiG9w0BAQsFAAOCAQEAPMBRP9q6H2CeNgBrNLJe
BBJ+RTebIonnFOajUtRb0nXba04EcupJLxYy4uO4Er+ZUXLnCTrbGGI2UHXAjSQI
s1clELxDUmN2ZqhnjP920PyWMa+HtVyFuU0Q+41ISqBHloxcpBRyqDkFCkr0lLVO
FRnvgKO622TvXrr8oFoeV/9IkCfVQ6dzVd4Tl7JchwD8WHPOO3OUY7H7E2uxnvOV
QnZxTvguUC5Fb5ixJ0F1LHK62OrxWYwJ+7JzQ9vfgUxVjTdiB3r4fIfjtsdWuAgp
JjnKcUOmiczhwrYdZ47uphrDdT3srl4IWUkbU0pJigFBlAAHQiQ55m+1YxM30yoX
yg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:38 2023 by rpki-client on console-fra.rpki-client.org