Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/oEGcOdAkwXwxmlccyg_zF7aR5RQ.roa
File: oEGcOdAkwXwxmlccyg_zF7aR5RQ.roa (raw, json)
Hash identifier: 6gqPrv9xebu9+rZ2q6NOy2m/C/aqo6ird9ADvFVuMVM=
Subject key identifier: A0:41:9C:39:D0:24:C1:7C:31:9A:57:1C:CA:0F:F3:17:B6:91:E5:14
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 032DFB62
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/oEGcOdAkwXwxmlccyg_zF7aR5RQ.roa
Signing time: Sat 01 Jan 2022 16:04:27 +0000
ROA not before: Sat 01 Jan 2022 16:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
46.17.105.0/24 maxlen: 24
2a04:5201:4::/48 maxlen: 48
2a04:5200:68::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53345122 (0x32dfb62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 16:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0419c39d024c17c319a571cca0ff317b691e514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b2:fb:30:7a:23:2d:64:cf:a4:5b:cd:80:7e:
e2:af:06:be:48:73:a5:d4:c8:06:69:0d:3d:93:a2:
c1:9f:5f:56:5e:88:2d:4e:e8:3b:69:2a:95:0b:e8:
a9:24:10:ee:cf:d0:0d:5a:81:6f:04:25:0f:16:d0:
64:d7:89:de:d5:f0:56:52:93:70:ec:e9:bf:2c:85:
33:4b:86:b9:c2:ac:5b:a4:ed:18:4f:32:95:d2:d7:
d1:c6:c3:bd:73:70:ac:1d:65:48:ea:39:de:6c:05:
a9:2d:53:9a:88:6c:a6:44:96:6d:92:c4:67:df:fd:
cc:80:4b:41:91:55:25:99:fa:29:37:85:88:ac:a8:
17:3a:7a:1a:ce:89:09:6b:2e:c8:67:79:8a:eb:8a:
1e:33:f5:67:a3:8a:b9:52:bb:30:bf:f3:66:af:24:
20:8a:e0:ce:f4:dd:3d:81:8d:a5:26:70:63:8a:ad:
ae:2b:f1:a4:cf:fb:a6:e6:a9:87:b3:c5:a4:24:85:
a8:89:4e:06:c7:a1:2d:0b:c2:99:18:00:92:34:82:
67:c8:2b:b4:56:86:cd:50:11:a1:da:4f:1d:b8:52:
e9:a5:74:95:37:dc:db:93:c5:f5:71:94:b0:e8:8f:
cf:82:92:b5:00:ed:7b:03:b8:ae:4c:d3:cf:d1:26:
57:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:41:9C:39:D0:24:C1:7C:31:9A:57:1C:CA:0F:F3:17:B6:91:E5:14
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/oEGcOdAkwXwxmlccyg_zF7aR5RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
185.103.254.0/23
185.117.119.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
b0:b0:2b:61:46:6c:bd:67:7e:23:3b:3e:46:46:f0:8b:11:b9:
04:2c:61:87:93:95:89:94:31:0f:4a:c3:23:02:d2:a8:48:c8:
3d:b9:ad:82:33:31:98:0b:73:47:ff:c8:25:1e:e5:0b:d4:24:
4b:85:9b:62:f5:00:f5:24:f9:be:5e:ad:ed:f2:53:e0:66:ca:
c3:fd:64:5e:b7:21:39:07:c7:6d:ae:d0:70:ee:b2:30:6c:7d:
b8:94:77:5b:2c:d3:ad:7f:08:d9:e2:00:48:7d:5e:3d:cb:78:
cb:ce:a6:52:7c:6b:f4:dd:02:13:3a:79:0a:24:4c:39:3a:c4:
cb:c0:ff:49:99:ed:64:f3:05:ae:c1:b4:a9:07:2b:57:c9:56:
99:fb:5e:88:bc:2d:49:c7:95:af:a7:a6:28:5a:ba:0f:b3:31:
e5:23:24:17:2f:75:08:49:cc:87:78:3b:5c:39:8c:27:40:24:
37:ed:87:76:76:c4:45:f7:0d:b6:fa:e3:36:4c:a7:2e:a4:2a:
be:89:da:8c:fb:b9:d7:90:58:a2:8d:8a:e5:4d:0f:58:96:d9:
fc:fc:5a:7b:52:58:69:9f:54:05:de:21:ed:7b:ba:ec:c4:59:
b0:8c:79:d1:05:b9:c0:69:a5:52:73:d4:83:05:d3:c6:77:ae:
0c:1f:4e:af
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIEAy37YjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA0MTljMzlkMDI0
YzE3YzMxOWE1NzFjY2EwZmYzMTdiNjkxZTUxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqy+zB6Iy1kz6RbzYB+4q8GvkhzpdTIBmkNPZOiwZ9fVl6I
LU7oO2kqlQvoqSQQ7s/QDVqBbwQlDxbQZNeJ3tXwVlKTcOzpvyyFM0uGucKsW6Tt
GE8yldLX0cbDvXNwrB1lSOo53mwFqS1TmohspkSWbZLEZ9/9zIBLQZFVJZn6KTeF
iKyoFzp6Gs6JCWsuyGd5iuuKHjP1Z6OKuVK7ML/zZq8kIIrgzvTdPYGNpSZwY4qt
rivxpM/7puaph7PFpCSFqIlOBsehLQvCmRgAkjSCZ8grtFaGzVARodpPHbhS6aV0
lTfc25PF9XGUsOiPz4KStQDtewO4rkzTz9EmV98CAwEAAaOCAlwwggJYMB0GA1Ud
DgQWBBSgQZw50CTBfDGaVxzKD/MXtpHlFDAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L29FR2NPZEFrd1h3eG1sY2N5Z196RjdhUjVSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBy
BggrBgEFBQcBBwEB/wRjMGEwKgQCAAEwJAMEAC0JSAMEAC4RaQMEAFvZTAMEAbln
/gMEALl1dwMEAcIksjAzBAIAAjAtAwcAKgRSAABoAwcAKgRSAQACAwcAKgRSAQAE
AwcBKgRSAQAGAwcAKgRSAYAYMA0GCSqGSIb3DQEBCwUAA4IBAQCwsCthRmy9Z34j
Oz5GRvCLEbkELGGHk5WJlDEPSsMjAtKoSMg9ua2CMzGYC3NH/8glHuUL1CRLhZti
9QD1JPm+Xq3t8lPgZsrD/WRetyE5B8dtrtBw7rIwbH24lHdbLNOtfwjZ4gBIfV49
y3jLzqZSfGv03QITOnkKJEw5OsTLwP9Jme1k8wWuwbSpBytXyVaZ+16IvC1Jx5Wv
p6YoWroPszHlIyQXL3UIScyHeDtcOYwnQCQ37Yd2dsRF9w22+uM2TKcupCq+idqM
+7nXkFiijYrlTQ9Yltn8/Fp7Ulhpn1QF3iHte7rsxFmwjHnRBbnAaaVSc9SDBdPG
d64MH06v
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:29 2023 by rpki-client on console-ams.rpki-client.org