Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2SBVyzbUnvlH-uytxouIlS-uwtc.roa
File: 2SBVyzbUnvlH-uytxouIlS-uwtc.roa (raw, json)
Hash identifier: NVL6k6HkX5BllBwV10MahCcbd/lfbEEn3i3w+da9k9s=
Subject key identifier: D9:20:55:CB:36:D4:9E:F9:47:FA:EC:AD:C6:8B:88:95:2F:AE:C2:D7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01850B78072091308C3884EC520B121EF81B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2SBVyzbUnvlH-uytxouIlS-uwtc.roa
Signing time: Tue 13 Dec 2022 12:31:33 +0000
ROA not before: Tue 13 Dec 2022 12:31:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 45.90.16.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.126.83.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
185.228.73.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:78:07:20:91:30:8c:38:84:ec:52:0b:12:1e:f8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 13 12:31:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d92055cb36d49ef947faecadc68b88952faec2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:89:44:30:20:88:06:ac:1f:12:31:c4:85:d0:
43:b9:b9:4a:cb:98:3c:a5:8e:c8:e6:e9:ce:65:f5:
df:da:94:4e:7a:b2:82:37:53:82:bc:c2:2a:6e:60:
44:dc:f7:5c:b7:4d:a7:ee:60:1c:ff:a5:2e:e6:c9:
10:63:2e:48:99:97:ee:10:fe:f1:ca:22:e0:98:e9:
f5:60:4c:b1:96:5f:6c:59:5c:bb:81:b0:47:6f:52:
4b:c8:80:bd:f7:b0:8a:10:87:5e:c0:11:b1:04:f3:
ab:43:72:38:89:a7:eb:c4:6b:9c:ec:e1:af:7c:6b:
f1:e6:79:78:9c:cc:a3:8c:5b:67:ad:81:10:29:de:
ff:2b:f0:78:b3:a3:18:5e:00:97:f2:3e:a3:ec:00:
e4:ba:f9:11:c0:77:fc:2c:98:9a:32:92:d2:18:37:
6e:d0:d0:05:31:60:91:b5:43:0e:13:d7:17:97:75:
26:94:11:bf:3b:c5:f0:dc:7c:56:25:7a:ca:8a:ef:
60:0f:37:45:ec:bd:3a:a0:df:3d:41:32:fe:0a:4d:
8e:2d:6b:51:19:d8:55:5b:9d:01:6b:30:a1:a0:7f:
eb:52:7f:2e:f2:29:fb:ee:4e:d8:d7:b2:5c:56:d0:
fc:60:05:cd:a4:0f:1f:d6:70:15:83:1a:45:c7:9e:
4c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:20:55:CB:36:D4:9E:F9:47:FA:EC:AD:C6:8B:88:95:2F:AE:C2:D7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2SBVyzbUnvlH-uytxouIlS-uwtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
45.90.19.0/24
45.131.134.0/24
45.147.224.0/24
185.126.83.0/24
185.218.22.0/24
185.228.73.0/24
193.58.144.0/24
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c9:f8:5e:98:45:71:21:a3:ce:13:e5:6a:69:3e:e3:26:ca:
9c:fd:b9:cb:b0:5b:94:5e:64:97:5e:a1:cc:aa:f5:c7:88:53:
1c:97:43:a2:88:5b:b5:2f:2c:e2:ac:90:c8:19:78:4e:64:69:
23:af:3b:35:cd:48:00:d2:c5:24:d6:94:76:19:a0:b4:28:34:
dd:80:40:eb:05:22:9a:77:df:d7:f5:c9:e3:3b:21:7d:f3:d0:
9f:20:1d:f0:d1:dd:fe:bf:c0:1c:4b:9f:06:b4:43:e5:ac:27:
16:d5:87:df:90:2a:90:4c:90:d2:5f:fc:03:49:76:2f:56:32:
9a:f9:a4:54:2b:8d:5c:78:ae:f4:b5:dd:ef:25:7a:31:a5:70:
25:63:5c:e0:e6:ff:d3:c0:d6:99:e5:6d:6e:c0:64:40:0b:7d:
03:b9:86:e9:f0:de:03:45:c9:56:81:5a:18:3c:5d:d4:1b:3d:
77:d6:a9:b2:2f:de:03:6b:55:07:a8:df:f9:8b:2e:8a:d1:23:
38:f3:e6:bd:16:2a:1c:39:dd:9a:58:b6:fe:85:6e:6b:2b:11:
be:51:cf:6d:a7:9e:ee:6d:6e:8a:19:bd:b5:ba:53:d2:14:6f:
a9:c4:df:bc:84:18:d8:23:fb:76:e6:d6:23:ac:79:95:ad:cd:
7a:16:ab:95
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYULeAcgkTCMOITsUgsSHvgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMjEzMTIzMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTIwNTVjYjM2ZDQ5ZWY5NDdmYWVjYWRjNjhiODg5NTJmYWVjMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIlEMCCIBqwfEjHEhdBDublKy5g8
pY7I5unOZfXf2pROerKCN1OCvMIqbmBE3Pdct02n7mAc/6Uu5skQYy5ImZfuEP7x
yiLgmOn1YEyxll9sWVy7gbBHb1JLyIC997CKEIdewBGxBPOrQ3I4iafrxGuc7OGv
fGvx5nl4nMyjjFtnrYEQKd7/K/B4s6MYXgCX8j6j7ADkuvkRwHf8LJiaMpLSGDdu
0NAFMWCRtUMOE9cXl3UmlBG/O8Xw3HxWJXrKiu9gDzdF7L06oN89QTL+Ck2OLWtR
GdhVW50BazChoH/rUn8u8in77k7Y17JcVtD8YAXNpA8f1nAVgxpFx55MjwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNkgVcs21J75R/rsrcaLiJUvrsLXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMlNCVnl6YlVudmxILXV5dHhvdUlsUy11d3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVoQAwQA
LVoTAwQALYOGAwQALZPgAwQAuX5TAwQAudoWAwQAueRJAwQAwTqQAwQAwpMQMA0G
CSqGSIb3DQEBCwUAA4IBAQAGyfhemEVxIaPOE+VqaT7jJsqc/bnLsFuUXmSXXqHM
qvXHiFMcl0OiiFu1LyzirJDIGXhOZGkjrzs1zUgA0sUk1pR2GaC0KDTdgEDrBSKa
d9/X9cnjOyF989CfIB3w0d3+v8AcS58GtEPlrCcW1YffkCqQTJDSX/wDSXYvVjKa
+aRUK41ceK70td3vJXoxpXAlY1zg5v/TwNaZ5W1uwGRAC30DuYbp8N4DRclWgVoY
PF3UGz131qmyL94Da1UHqN/5iy6K0SM48+a9FiocOd2aWLb+hW5rKxG+Uc9tp57u
bW6KGb21ulPSFG+pxN+8hBjYI/t25tYjrHmVrc16FquV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org