Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/237wajVIenwF3L-VbXsUm0Y3TAk.roa
File: 237wajVIenwF3L-VbXsUm0Y3TAk.roa (raw, json)
Hash identifier: zxyXy81gzDnk2fUG9DHkY/xWPzQFQDrwOegZ2j2D2vw=
Subject key identifier: DB:7E:F0:6A:35:48:7A:7C:05:DC:BF:95:6D:7B:14:9B:46:37:4C:09
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1A8F2E88
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/237wajVIenwF3L-VbXsUm0Y3TAk.roa
Signing time: Fri 24 Jun 2022 22:54:36 +0000
ROA not before: Fri 24 Jun 2022 22:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52423
IP address blocks: 45.85.85.0/24 maxlen: 24
45.85.86.0/24 maxlen: 24
77.243.92.0/24 maxlen: 32
185.190.80.0/24 maxlen: 32
77.243.94.0/24 maxlen: 32
185.184.141.0/24 maxlen: 32
185.184.143.0/24 maxlen: 24
185.184.142.0/24 maxlen: 24
91.188.200.0/24 maxlen: 32
185.185.248.0/24 maxlen: 24
2.59.172.0/23 maxlen: 32
185.185.249.0/24 maxlen: 24
45.130.72.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445591176 (0x1a8f2e88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 24 22:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db7ef06a35487a7c05dcbf956d7b149b46374c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:5d:94:45:56:f4:e4:14:6d:e2:5e:c8:84:
b1:0e:dd:35:91:22:99:0a:8d:08:3a:be:c9:fc:b3:
14:06:c1:1b:4c:54:1b:8e:77:d1:24:e2:94:5e:89:
57:1e:b5:37:e4:53:9f:2a:63:61:78:91:5f:7e:3f:
0f:96:8b:33:d7:fc:17:30:7b:74:b6:ed:51:17:24:
b2:53:d6:7b:9a:62:6c:1a:6e:6d:94:15:e4:01:b8:
ef:9e:6a:39:2b:f8:68:f1:b5:72:aa:bc:8b:3c:0c:
26:a4:e7:30:90:bb:59:c3:3f:d3:2d:0a:7c:bc:77:
e0:a5:97:e6:45:b5:57:97:83:4c:9b:54:13:bc:28:
15:eb:6c:4c:1b:d4:82:68:90:96:e1:77:35:12:41:
ca:48:10:a5:34:14:44:6a:7e:3f:f6:b1:61:34:3c:
97:4e:15:06:c4:a2:dc:ad:dd:ab:31:45:ef:a4:c1:
9c:bf:ea:4a:f0:3a:52:b8:7a:ac:25:d1:33:4d:46:
1c:0c:6f:e7:b3:1d:3a:e5:9a:f7:78:ae:04:5c:e6:
38:de:93:56:ed:a2:5e:ec:3f:af:52:d8:d4:15:ce:
a4:60:b7:34:2b:0d:67:14:27:c4:90:ac:1f:79:5b:
b7:3c:b3:a7:3e:4e:1f:62:07:da:5b:e7:f6:c1:6d:
91:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7E:F0:6A:35:48:7A:7C:05:DC:BF:95:6D:7B:14:9B:46:37:4C:09
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/237wajVIenwF3L-VbXsUm0Y3TAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.172.0/23
45.85.85.0-45.85.86.255
45.130.72.0/23
77.243.92.0/24
77.243.94.0/24
91.188.200.0/24
185.184.141.0-185.184.143.255
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:6c:50:1a:5f:7e:df:5e:58:ac:59:80:6e:f1:89:4f:b1:55:
70:5e:55:90:bf:77:0e:4c:51:4f:86:66:8d:2f:05:ce:1a:09:
20:f9:3a:8a:b2:b9:da:5f:07:46:0c:08:63:3e:37:b0:68:fe:
f3:da:29:fe:b6:b9:50:fe:49:00:c3:05:da:32:99:4e:05:11:
31:52:a9:50:1c:08:a5:ff:4e:ec:a8:a0:5a:4b:bf:50:7a:a3:
2e:8f:36:17:a1:9e:b4:f0:61:f2:18:81:22:a8:8d:07:0d:56:
c4:e4:6d:51:47:cf:84:cb:90:36:ac:d9:08:6f:88:23:3d:15:
9c:3e:d5:e5:8c:aa:19:b7:d3:52:14:ef:06:f8:59:f9:8c:d1:
21:cb:c6:9b:14:92:58:ec:79:9d:76:75:39:cd:98:64:41:07:
da:3c:ea:8d:ce:a3:60:9d:77:63:af:bf:c7:1f:61:37:df:c4:
35:85:d5:67:9c:40:35:ff:8b:f5:3c:58:fe:00:e5:75:96:f6:
e9:1f:82:4f:eb:27:93:e4:a3:7a:1d:9f:e4:e8:ec:cd:55:0e:
53:32:58:22:f8:10:d1:76:81:4a:0e:7a:1d:a0:d2:c8:6a:7c:
0d:92:1c:d9:29:a4:8c:b2:2b:76:26:dd:64:8d:5a:a7:5b:e1:
8e:5c:b2:1f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEGo8uiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDYy
NDIyNTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI3ZWYwNmEzNTQ4
N2E3YzA1ZGNiZjk1NmQ3YjE0OWI0NjM3NGMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpaXZRFVvTkFG3iXsiEsQ7dNZEimQqNCDq+yfyzFAbBG0xU
G4530STilF6JVx61N+RTnypjYXiRX34/D5aLM9f8FzB7dLbtURckslPWe5pibBpu
bZQV5AG4755qOSv4aPG1cqq8izwMJqTnMJC7WcM/0y0KfLx34KWX5kW1V5eDTJtU
E7woFetsTBvUgmiQluF3NRJBykgQpTQURGp+P/axYTQ8l04VBsSi3K3dqzFF76TB
nL/qSvA6Urh6rCXRM01GHAxv57MdOuWa93iuBFzmON6TVu2iXuw/r1LY1BXOpGC3
NCsNZxQnxJCsH3lbtzyzpz5OH2IH2lvn9sFtkTECAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBTbfvBqNUh6fAXcv5VtexSbRjdMCTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzIzN3dhalZJZW53RjNMLVZiWHNVbTBZM1RBay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEAQI7rDAMAwQALVVVAwQALVVWAwQB
LYJIAwQATfNcAwQATfNeAwQAW7zIMAwDBAC5uI0DBAS5uIADBAG5ufgDBAC5vlAw
DQYJKoZIhvcNAQELBQADggEBAHpsUBpfft9eWKxZgG7xiU+xVXBeVZC/dw5MUU+G
Zo0vBc4aCSD5OoqyudpfB0YMCGM+N7Bo/vPaKf62uVD+SQDDBdoymU4FETFSqVAc
CKX/TuyooFpLv1B6oy6PNhehnrTwYfIYgSKojQcNVsTkbVFHz4TLkDas2QhviCM9
FZw+1eWMqhm301IU7wb4WfmM0SHLxpsUkljseZ12dTnNmGRBB9o86o3Oo2Cdd2Ov
v8cfYTffxDWF1WecQDX/i/U8WP4A5XWW9ukfgk/rJ5Pko3odn+To7M1VDlMyWCL4
ENF2gUoOeh2g0shqfA2SHNkppIyyK3Ym3WSNWqdb4Y5csh8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org