Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P7qlSlvi-D4pNMbvpRMFpIo0-n8.roa
File: P7qlSlvi-D4pNMbvpRMFpIo0-n8.roa (raw, json)
Hash identifier: rjDDgH4Ll9oFM6mgK6iiQRb4CP1Hlz1VeX6mHao/y4U=
Subject key identifier: 3F:BA:A5:4A:5B:E2:F8:3E:29:34:C6:EF:A5:13:05:A4:8A:34:FA:7F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0185117A1C0A41533627F8906A0F85A9457B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P7qlSlvi-D4pNMbvpRMFpIo0-n8.roa
Signing time: Wed 14 Dec 2022 16:31:33 +0000
ROA not before: Wed 14 Dec 2022 16:31:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 45.90.18.0/24 maxlen: 24
45.147.226.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:7a:1c:0a:41:53:36:27:f8:90:6a:0f:85:a9:45:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 14 16:31:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fbaa54a5be2f83e2934c6efa51305a48a34fa7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:40:7b:78:f6:8f:8c:d6:c6:3d:0a:bc:2b:19:
3e:ea:81:4a:96:f7:e2:cd:5a:2d:5b:fd:26:68:0d:
52:e7:9d:5b:7f:43:49:41:29:c4:6d:a9:42:da:b4:
9d:0c:78:ab:3b:96:a1:05:21:bb:3a:80:71:30:f1:
37:fd:b1:85:b3:33:8d:c5:4f:cc:71:b1:b2:af:f3:
de:9b:c5:9d:32:52:2a:7a:07:03:ce:dc:fb:2a:10:
d4:5b:17:bf:0d:80:5d:99:82:d1:67:62:b5:99:55:
f1:3e:94:89:76:de:01:51:f5:b4:d9:a0:da:83:49:
59:db:8a:df:5a:cc:00:f2:c7:e5:5c:38:f7:e2:d4:
47:8c:60:e8:82:be:b6:38:53:ad:b5:4b:67:03:00:
b2:8d:bd:f5:0f:e6:5f:31:0e:a6:4e:47:43:39:f7:
16:59:aa:ca:23:6c:48:4c:d6:ff:d8:ec:b3:49:1b:
24:e5:97:1f:4a:f8:06:b8:21:5a:67:da:08:a1:17:
83:0f:dc:0c:bd:9b:24:b9:37:e4:85:9d:20:53:e6:
28:00:1f:2a:a8:be:ef:8f:c5:d5:df:91:30:23:b9:
9e:e7:8f:7c:2d:e8:b5:dc:4e:de:63:06:58:4f:7e:
e8:05:7d:ce:ed:1d:7c:e2:89:24:70:5e:76:e3:f8:
8a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BA:A5:4A:5B:E2:F8:3E:29:34:C6:EF:A5:13:05:A4:8A:34:FA:7F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P7qlSlvi-D4pNMbvpRMFpIo0-n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.18.0/24
45.147.226.0/24
185.246.112.0/23
194.147.17.0/24
Signature Algorithm: sha256WithRSAEncryption
95:cd:ec:fd:70:d0:f9:00:4a:54:f4:d4:1f:91:6c:48:2c:66:
3a:be:9b:ed:01:73:e3:6b:c2:67:a4:1c:31:59:82:14:60:65:
22:35:10:c2:24:fb:a5:90:dd:44:13:58:fe:60:27:4e:b9:a8:
31:6c:a1:5e:08:9a:8f:79:f8:d7:e9:e4:67:4d:76:12:32:75:
b2:4b:bc:08:92:db:ea:da:b3:f0:0c:28:42:20:a5:aa:e7:07:
9a:e8:94:6a:7c:be:6b:48:75:8a:8b:d6:c8:c1:81:7a:86:61:
7c:9a:fc:a6:29:fb:10:c3:ad:60:b2:52:ae:21:78:b1:d7:a9:
2b:f8:45:98:16:d0:a8:b4:05:ab:84:a3:a6:ef:2b:d6:32:b8:
fb:2a:ed:29:bc:84:a3:df:8d:49:3c:a2:bf:34:44:07:da:34:
08:a4:55:b0:04:68:59:18:0f:1a:c3:af:aa:c6:f4:41:ed:4a:
84:6b:01:29:ec:2e:a5:ae:2c:75:c4:e1:f2:01:05:6a:c4:f2:
14:10:52:d2:e5:4e:5a:1f:a4:eb:9b:87:52:17:b3:de:fb:b8:
d9:41:1b:52:28:d5:ea:d2:4c:70:8b:41:40:41:99:3e:34:63:
d7:c1:9f:91:5e:ea:62:2d:55:e5:2c:16:3a:03:51:a8:13:5e:
45:21:59:97
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYURehwKQVM2J/iQag+FqUV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMjE0MTYzMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmJhYTU0YTViZTJmODNlMjkzNGM2ZWZhNTEzMDVhNDhhMzRmYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEB7ePaPjNbGPQq8Kxk+6oFKlvfi
zVotW/0maA1S551bf0NJQSnEbalC2rSdDHirO5ahBSG7OoBxMPE3/bGFszONxU/M
cbGyr/Pem8WdMlIqegcDztz7KhDUWxe/DYBdmYLRZ2K1mVXxPpSJdt4BUfW02aDa
g0lZ24rfWswA8sflXDj34tRHjGDogr62OFOttUtnAwCyjb31D+ZfMQ6mTkdDOfcW
WarKI2xITNb/2OyzSRsk5ZcfSvgGuCFaZ9oIoReDD9wMvZskuTfkhZ0gU+YoAB8q
qL7vj8XV35EwI7me5498Lei13E7eYwZYT37oBX3O7R184okkcF524/iKlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD+6pUpb4vg+KTTG76UTBaSKNPp/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUDdxbFNsdmktRDRwTk1idnBSTUZwSW8wLW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVoSAwQA
LZPiAwQBufZwAwQAwpMRMA0GCSqGSIb3DQEBCwUAA4IBAQCVzez9cND5AEpU9NQf
kWxILGY6vpvtAXPja8JnpBwxWYIUYGUiNRDCJPulkN1EE1j+YCdOuagxbKFeCJqP
efjX6eRnTXYSMnWyS7wIktvq2rPwDChCIKWq5wea6JRqfL5rSHWKi9bIwYF6hmF8
mvymKfsQw61gslKuIXix16kr+EWYFtCotAWrhKOm7yvWMrj7Ku0pvISj341JPKK/
NEQH2jQIpFWwBGhZGA8aw6+qxvRB7UqEawEp7C6lrix1xOHyAQVqxPIUEFLS5U5a
H6Trm4dSF7Pe+7jZQRtSKNXq0kxwi0FAQZk+NGPXwZ+RXupiLVXlLBY6A1GoE15F
IVmX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org