Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QnN2z6eRpN_AZs4alVCpK-TT-nU.roa
File: QnN2z6eRpN_AZs4alVCpK-TT-nU.roa (raw, json)
Hash identifier: WyanmC8XON3L3/AvkdlEB84aXQLajLj+K/m1WcStwEM=
Subject key identifier: 42:73:76:CF:A7:91:A4:DF:C0:66:CE:1A:95:50:A9:2B:E4:D3:FA:75
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01850B1E4F0EB9A785C7BCA118A32DB33C60
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QnN2z6eRpN_AZs4alVCpK-TT-nU.roa
Signing time: Tue 13 Dec 2022 10:53:33 +0000
ROA not before: Tue 13 Dec 2022 10:53:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 45.90.16.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
185.126.83.0/24 maxlen: 24
185.228.73.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:1e:4f:0e:b9:a7:85:c7:bc:a1:18:a3:2d:b3:3c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 13 10:53:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=427376cfa791a4dfc066ce1a9550a92be4d3fa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ab:e6:2b:e9:dd:6f:7d:b8:f8:aa:83:48:4f:
e7:c6:9f:6b:39:80:53:aa:30:fc:20:3a:ed:02:03:
6b:2a:93:da:31:62:7c:a7:9a:0a:b0:71:c1:eb:41:
7a:41:45:47:c3:9c:35:d8:c9:74:87:7e:2b:c5:d9:
fe:60:49:d8:aa:eb:1b:54:7d:b4:07:89:ea:51:72:
bd:fe:93:03:34:ac:84:14:f4:0a:6b:d3:75:e7:a5:
a3:bd:bd:4c:48:24:25:c5:d5:25:7c:a6:a3:c2:c3:
74:70:92:89:b1:65:4d:4c:bc:97:48:5e:81:ff:e9:
a9:47:5d:b4:5e:d0:35:ef:37:4d:fc:91:36:fe:8a:
ba:3f:82:62:df:f7:35:d1:7d:42:57:f2:31:c1:d4:
19:2f:84:b4:60:29:99:0b:ad:d0:90:9e:5c:22:0d:
95:41:fe:97:98:32:e8:b9:8f:30:c0:ca:a6:ae:42:
25:2b:d4:99:cd:15:53:06:0d:6e:b6:22:ac:29:d0:
db:d1:af:14:74:2b:5d:2b:1b:40:58:e6:e8:2a:28:
57:bd:fe:db:3d:11:11:34:d4:0c:94:bd:04:e7:bc:
57:8f:cd:92:e0:5c:e1:26:51:7e:f6:ad:da:b7:d5:
da:37:ef:56:f1:cf:b7:75:5f:b5:bf:bf:40:61:89:
b8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:73:76:CF:A7:91:A4:DF:C0:66:CE:1A:95:50:A9:2B:E4:D3:FA:75
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QnN2z6eRpN_AZs4alVCpK-TT-nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
45.90.19.0/24
45.131.134.0/24
45.147.224.0/24
185.126.83.0/24
185.218.22.0/24
185.228.73.0/24
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:f0:6e:a9:2a:d8:e1:7c:b7:82:5b:24:8b:be:ad:14:50:79:
d2:9b:c1:79:6a:a3:01:ea:89:80:3e:ce:a1:2a:05:88:dc:ea:
6c:fd:d8:05:2a:c1:1d:79:ad:06:d4:95:bf:a0:a3:c8:db:a8:
af:58:ff:d5:08:01:d5:fc:65:06:62:4a:98:b7:38:6e:1c:ec:
c7:28:b4:2c:27:00:65:b3:99:6e:78:05:b9:b6:2b:0c:3a:30:
67:c2:8f:0d:7f:c2:f1:ed:02:bb:a3:89:16:e5:d9:91:c6:0c:
bc:88:0b:4b:29:4b:cf:d4:db:6a:72:98:37:6c:cd:68:e2:3e:
ce:e2:18:a8:1e:15:8a:b4:f7:10:94:89:52:5a:d7:0f:b3:ec:
e3:83:bc:a9:2d:ea:29:98:be:01:42:c5:23:27:72:f1:0f:ed:
8a:5d:f3:c1:c6:b4:be:d2:da:30:62:4f:6c:11:e9:30:fb:de:
b7:30:d0:ee:f6:a6:db:fe:33:29:fe:68:52:25:0e:4d:0f:87:
15:82:ec:85:0e:15:37:82:a8:ea:e3:89:c0:b1:f1:2a:cf:8a:
ff:b3:9d:a9:0c:93:78:07:ea:8d:f8:58:f9:72:fa:38:57:90:
27:83:37:c3:ec:9f:7a:ca:46:09:37:c0:fa:28:6b:c3:85:fd:
cf:c5:aa:6c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYULHk8OuaeFx7yhGKMtszxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMjEzMTA1MzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjczNzZjZmE3OTFhNGRmYzA2NmNlMWE5NTUwYTkyYmU0ZDNmYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3avmK+ndb324+KqDSE/nxp9rOYBT
qjD8IDrtAgNrKpPaMWJ8p5oKsHHB60F6QUVHw5w12Ml0h34rxdn+YEnYqusbVH20
B4nqUXK9/pMDNKyEFPQKa9N156Wjvb1MSCQlxdUlfKajwsN0cJKJsWVNTLyXSF6B
/+mpR120XtA17zdN/JE2/oq6P4Ji3/c10X1CV/IxwdQZL4S0YCmZC63QkJ5cIg2V
Qf6XmDLouY8wwMqmrkIlK9SZzRVTBg1utiKsKdDb0a8UdCtdKxtAWOboKihXvf7b
PRERNNQMlL0E57xXj82S4FzhJlF+9q3at9XaN+9W8c+3dV+1v79AYYm45QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEJzds+nkaTfwGbOGpVQqSvk0/p1MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUW5OMno2ZVJwTl9BWnM0YWxWQ3BLLVRULW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVoQAwQA
LVoTAwQALYOGAwQALZPgAwQAuX5TAwQAudoWAwQAueRJAwQAwpMQMA0GCSqGSIb3
DQEBCwUAA4IBAQCd8G6pKtjhfLeCWySLvq0UUHnSm8F5aqMB6omAPs6hKgWI3Ops
/dgFKsEdea0G1JW/oKPI26ivWP/VCAHV/GUGYkqYtzhuHOzHKLQsJwBls5lueAW5
tisMOjBnwo8Nf8Lx7QK7o4kW5dmRxgy8iAtLKUvP1Ntqcpg3bM1o4j7O4hioHhWK
tPcQlIlSWtcPs+zjg7ypLeopmL4BQsUjJ3LxD+2KXfPBxrS+0towYk9sEekw+963
MNDu9qbb/jMp/mhSJQ5ND4cVguyFDhU3gqjq44nAsfEqz4r/s52pDJN4B+qN+Fj5
cvo4V5AngzfD7J96ykYJN8D6KGvDhf3Pxaps
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org