Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/uErzX2e9IhsMlaNT6MlqwbKd4Sw.roa
File: uErzX2e9IhsMlaNT6MlqwbKd4Sw.roa (raw, json)
Hash identifier: dsf/hwLd1EAS6mPvYK7MeK1GMny2Xyqp2VD3SwO3Wq0=
Subject key identifier: B8:4A:F3:5F:67:BD:22:1B:0C:95:A3:53:E8:C9:6A:C1:B2:9D:E1:2C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01852F811230E7B43345CE419FF74B66F4C0
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/uErzX2e9IhsMlaNT6MlqwbKd4Sw.roa
Signing time: Tue 20 Dec 2022 12:27:46 +0000
ROA not before: Tue 20 Dec 2022 12:27:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 45.146.224.0/22 maxlen: 24
185.131.188.0/22 maxlen: 24
141.98.52.0/22 maxlen: 24
185.114.64.0/22 maxlen: 24
185.123.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:81:12:30:e7:b4:33:45:ce:41:9f:f7:4b:66:f4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 20 12:27:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b84af35f67bd221b0c95a353e8c96ac1b29de12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:41:b2:58:9a:01:63:94:e9:d7:97:c6:d3:4a:
03:07:c3:23:35:b2:49:8a:50:38:22:79:38:9a:2a:
37:1b:a1:de:8d:09:a7:e1:ba:9c:2f:44:b6:36:cd:
8e:04:1d:8b:58:87:1b:22:0b:b0:40:70:67:c5:7f:
b4:a6:c8:27:52:a3:f0:08:4c:4d:fb:c6:c2:05:7b:
c7:3f:c8:50:78:a2:59:eb:cb:71:ef:b5:00:e2:87:
78:57:53:a1:b2:7e:08:64:22:f8:eb:17:84:00:1d:
26:27:8e:e5:f4:78:4b:42:93:3b:b6:c3:87:59:8f:
ee:ca:a9:47:f3:d8:fa:06:2b:dc:55:54:b0:d9:71:
5c:9c:b4:d9:94:14:0b:52:97:bd:57:b3:ef:af:c2:
7e:ef:d6:9f:56:01:ef:fd:f0:5d:ba:27:6e:0b:06:
29:b6:f9:ce:59:14:e5:90:ed:cb:de:49:e4:01:e0:
41:51:7a:ff:ed:98:8d:02:1a:50:d9:01:e2:5b:a4:
f0:55:27:dc:9d:8b:71:88:36:48:56:af:cb:ef:76:
28:95:6f:83:ec:0a:6b:f6:88:4d:33:b1:23:9a:35:
34:13:c8:ed:17:c0:c5:c3:d2:fc:ee:4c:90:5d:ed:
20:00:72:29:9b:0d:d9:57:5d:aa:2f:a4:b6:b7:7a:
61:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4A:F3:5F:67:BD:22:1B:0C:95:A3:53:E8:C9:6A:C1:B2:9D:E1:2C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/uErzX2e9IhsMlaNT6MlqwbKd4Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.224.0/22
141.98.52.0/22
185.114.64.0/22
185.123.136.0/22
185.131.188.0/22
Signature Algorithm: sha256WithRSAEncryption
44:43:e8:61:fa:94:c9:98:58:ed:3d:23:a5:01:6a:f2:c7:d9:
e9:be:80:0f:3f:ba:66:06:8f:ec:0b:fa:09:b4:30:52:d1:26:
26:89:c3:9d:ff:31:de:f1:8f:31:2d:e1:f3:8e:ae:80:e5:fd:
cf:80:b0:64:9f:46:40:29:c0:c8:25:67:98:b5:6f:74:dc:93:
a7:5c:a0:1d:be:f9:17:37:16:21:64:32:1f:83:fd:8d:a0:4b:
f2:78:0a:9f:5a:fc:cb:d2:67:17:0a:06:bb:1e:33:90:0f:da:
de:d2:52:b3:81:17:c7:6b:46:4e:6f:92:8f:67:12:24:ad:37:
60:a0:c3:69:c1:58:2b:be:c0:b5:4c:4b:b2:57:1f:1f:58:f3:
84:3e:50:1d:b3:3d:01:bd:22:1c:e8:8e:b9:69:b5:7f:42:3b:
e0:58:48:47:86:b1:b3:c4:d9:52:09:56:41:11:db:1e:80:4a:
22:7e:7c:4d:9d:0b:67:f0:41:be:64:af:ea:2c:e8:49:1a:91:
d0:fb:03:46:40:9d:31:16:08:a8:f5:74:bb:85:cd:a3:ac:3d:
98:d3:6b:70:2f:25:71:55:d0:cb:bf:57:fb:5b:0f:fe:00:ed:
85:32:f9:9d:0c:fe:4d:9a:d1:7e:67:70:8d:79:7c:d9:df:0f:
bb:51:fa:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUvgRIw57QzRc5Bn/dLZvTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIwMTIyNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRhZjM1ZjY3YmQyMjFiMGM5NWEzNTNlOGM5NmFjMWIyOWRlMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkGyWJoBY5Tp15fG00oDB8MjNbJJ
ilA4Ink4mio3G6HejQmn4bqcL0S2Ns2OBB2LWIcbIguwQHBnxX+0psgnUqPwCExN
+8bCBXvHP8hQeKJZ68tx77UA4od4V1Ohsn4IZCL46xeEAB0mJ47l9HhLQpM7tsOH
WY/uyqlH89j6BivcVVSw2XFcnLTZlBQLUpe9V7Pvr8J+79afVgHv/fBduiduCwYp
tvnOWRTlkO3L3knkAeBBUXr/7ZiNAhpQ2QHiW6TwVSfcnYtxiDZIVq/L73YolW+D
7Apr9ohNM7EjmjU0E8jtF8DFw9L87kyQXe0gAHIpmw3ZV12qL6S2t3ph2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLhK819nvSIbDJWjU+jJasGyneEsMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvdUVyelgyZTlJaHNNbGFOVDZNbHF3YktkNFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZLgAwQC
jWI0AwQCuXJAAwQCuXuIAwQCuYO8MA0GCSqGSIb3DQEBCwUAA4IBAQBEQ+hh+pTJ
mFjtPSOlAWryx9npvoAPP7pmBo/sC/oJtDBS0SYmicOd/zHe8Y8xLeHzjq6A5f3P
gLBkn0ZAKcDIJWeYtW903JOnXKAdvvkXNxYhZDIfg/2NoEvyeAqfWvzL0mcXCga7
HjOQD9re0lKzgRfHa0ZOb5KPZxIkrTdgoMNpwVgrvsC1TEuyVx8fWPOEPlAdsz0B
vSIc6I65abV/QjvgWEhHhrGzxNlSCVZBEdsegEoifnxNnQtn8EG+ZK/qLOhJGpHQ
+wNGQJ0xFgio9XS7hc2jrD2Y02twLyVxVdDLv1f7Ww/+AO2FMvmdDP5NmtF+Z3CN
eXzZ3w+7Ufo2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org