Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/rrrlTTbzSOS2zOnRfp795VLxbS0.roa
File: rrrlTTbzSOS2zOnRfp795VLxbS0.roa (raw, json)
Hash identifier: 0vh9stBJ2NE+a+s/OTQ32QYk+YA2VnAWoA3wHhxZwhw=
Subject key identifier: AE:BA:E5:4D:36:F3:48:E4:B6:CC:E9:D1:7E:9E:FD:E5:52:F1:6D:2D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0442A6C0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/rrrlTTbzSOS2zOnRfp795VLxbS0.roa
Signing time: Mon 21 Mar 2022 14:38:19 +0000
ROA not before: Mon 21 Mar 2022 14:38:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.174.138.0/24 maxlen: 24
5.252.118.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
185.109.21.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
185.221.161.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71476928 (0x442a6c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 21 14:38:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aebae54d36f348e4b6cce9d17e9efde552f16d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8b:3d:a5:5b:36:c6:20:a8:ba:80:db:bc:dc:
7c:38:64:d9:26:ee:4c:15:66:59:f5:9a:0a:f9:6b:
0e:59:ad:6e:38:b4:0a:b6:48:29:5d:55:42:b5:5d:
a5:e7:05:53:2a:2d:9e:39:95:41:87:01:9c:ea:4f:
61:24:48:b6:d0:7f:77:ba:8c:54:a1:de:f3:0e:96:
02:e0:87:72:79:69:0c:dc:7a:a0:dc:72:00:37:3c:
7c:2c:38:77:fc:26:ce:3e:cc:2c:2d:a9:7e:69:40:
0e:84:28:ad:21:de:36:79:b7:13:eb:83:60:93:b8:
50:78:b2:80:58:27:b5:3f:78:5a:47:5f:45:29:35:
bd:15:e3:05:ba:f7:ee:e0:af:7d:b6:7c:a2:d7:22:
54:ae:b4:e2:ec:be:de:0f:28:72:de:5c:3e:b7:05:
a7:25:50:68:d3:a1:b7:fb:4a:66:d2:7a:29:d9:09:
7a:53:e3:af:c0:05:4f:79:33:44:58:75:81:e1:d5:
51:ed:38:a4:ba:cc:15:1e:b0:e8:ac:e7:14:cd:a7:
43:6a:96:39:b7:0c:2f:07:c8:db:91:6c:20:89:56:
62:16:d8:41:a6:54:09:03:f9:a6:d5:05:bd:95:61:
22:96:9f:a6:3d:ad:b4:b6:df:a5:ec:d2:9f:c6:a6:
57:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BA:E5:4D:36:F3:48:E4:B6:CC:E9:D1:7E:9E:FD:E5:52:F1:6D:2D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/rrrlTTbzSOS2zOnRfp795VLxbS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.8.211.0/24
45.133.246.0/23
45.142.120.0/24
185.109.21.0/24
185.174.138.0/24
185.221.160.0/23
194.53.53.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:04:d5:66:58:ba:fb:90:60:bf:7a:47:a7:b0:2e:d2:8b:20:
32:66:6f:cf:e2:0d:f6:fa:b3:eb:29:a4:cf:ff:f2:fc:8d:ba:
10:ce:23:9c:3e:4e:7e:b5:1b:f6:23:f9:55:da:f7:bf:20:3c:
e7:79:40:99:c8:b7:ef:77:bf:34:eb:bc:92:03:92:2c:4e:8a:
54:36:bf:45:10:b3:a4:5f:25:e1:c1:1d:11:7c:99:1a:85:e1:
3d:db:99:b3:43:b8:83:0e:ac:0f:d4:d6:ff:60:a1:49:84:4e:
b2:f7:69:96:b7:73:7b:7b:19:91:22:3b:09:01:7d:99:9f:d4:
ac:38:18:25:6e:91:b1:9f:6c:2a:b9:85:5a:36:e5:a8:76:fc:
9a:e1:19:54:87:ed:6a:0e:d0:90:5b:83:b3:96:67:ca:c7:77:
89:fa:f5:97:1f:bb:e5:bb:d6:6c:93:f1:4b:24:18:61:82:b9:
68:bd:92:6a:e7:21:12:cc:5b:92:27:02:b8:42:3a:ed:59:e9:
86:9a:08:11:c0:64:1e:c3:9d:1c:f4:0b:94:15:54:3a:27:bd:
39:fe:39:8b:44:b7:21:ec:90:3b:d4:7b:97:d4:55:fd:ef:2a:
51:b1:ae:57:ef:a3:41:8e:1e:8b:fe:8f:28:12:02:ac:39:05:
06:a7:bb:a0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBEKmwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
MTE0MzgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWViYWU1NGQzNmYz
NDhlNGI2Y2NlOWQxN2U5ZWZkZTU1MmYxNmQyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANmLPaVbNsYgqLqA27zcfDhk2SbuTBVmWfWaCvlrDlmtbji0
CrZIKV1VQrVdpecFUyotnjmVQYcBnOpPYSRIttB/d7qMVKHe8w6WAuCHcnlpDNx6
oNxyADc8fCw4d/wmzj7MLC2pfmlADoQorSHeNnm3E+uDYJO4UHiygFgntT94Wkdf
RSk1vRXjBbr37uCvfbZ8otciVK604uy+3g8oct5cPrcFpyVQaNOht/tKZtJ6KdkJ
elPjr8AFT3kzRFh1geHVUe04pLrMFR6w6KznFM2nQ2qWObcMLwfI25FsIIlWYhbY
QaZUCQP5ptUFvZVhIpafpj2ttLbfpezSn8amV0kCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSuuuVNNvNI5LbM6dF+nv3lUvFtLTAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L3JycmxUVGJ6U09TMnpPblJmcDc5NVZMeGJTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAAX8dgMEAC0I0wMEAS2F9gMEAC2O
eAMEALltFQMEALmuigMEAbndoAMEAMI1NQMEAMI1NzANBgkqhkiG9w0BAQsFAAOC
AQEAjQTVZli6+5Bgv3pHp7Au0osgMmZvz+IN9vqz6ymkz//y/I26EM4jnD5OfrUb
9iP5Vdr3vyA853lAmci373e/NOu8kgOSLE6KVDa/RRCzpF8l4cEdEXyZGoXhPduZ
s0O4gw6sD9TW/2ChSYROsvdplrdze3sZkSI7CQF9mZ/UrDgYJW6RsZ9sKrmFWjbl
qHb8muEZVIftag7QkFuDs5Znysd3ifr1lx+75bvWbJPxSyQYYYK5aL2SauchEsxb
kicCuEI67VnphpoIEcBkHsOdHPQLlBVUOie9Of45i0S3IeyQO9R7l9RV/e8qUbGu
V++jQY4ei/6PKBICrDkFBqe7oA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:29 2023 by rpki-client on console-ams.rpki-client.org