Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4XRrp_ANA7HwdSUgLIUdDNu6tIM.roa
File: 4XRrp_ANA7HwdSUgLIUdDNu6tIM.roa (raw, json)
Hash identifier: RRg7WelKw6DfmTAP2MB2bIuFUbEyjC7UVbtlxujKdIA=
Subject key identifier: E1:74:6B:A7:F0:0D:03:B1:F0:75:25:20:2C:85:1D:0C:DB:BA:B4:83
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1A081344
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4XRrp_ANA7HwdSUgLIUdDNu6tIM.roa
Signing time: Thu 05 May 2022 08:50:23 +0000
ROA not before: Thu 05 May 2022 08:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54600
IP address blocks: 45.81.236.0/22 maxlen: 32
45.82.204.0/23 maxlen: 32
45.12.234.0/24 maxlen: 32
45.12.235.0/24 maxlen: 32
185.182.63.0/24 maxlen: 24
45.12.162.0/24 maxlen: 32
185.240.236.0/22 maxlen: 24
45.81.11.0/24 maxlen: 32
45.81.10.0/24 maxlen: 32
45.14.47.0/24 maxlen: 32
185.172.144.0/24 maxlen: 24
185.253.249.0/24 maxlen: 24
45.130.74.0/24 maxlen: 24
45.83.252.0/23 maxlen: 32
45.83.253.0/24 maxlen: 32
45.83.252.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436736836 (0x1a081344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: May 5 08:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1746ba7f00d03b1f07525202c851d0cdbbab483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8d:4f:04:2a:c3:19:ab:83:25:75:22:7b:5a:
83:8e:0d:81:22:91:e4:0d:98:f0:22:d0:ec:3a:a2:
4b:19:4a:b2:c9:20:db:c4:5d:0e:da:27:cd:ac:1e:
88:a1:3f:2d:c2:4b:3d:55:c2:48:d4:e4:ed:4a:3c:
9c:4f:51:00:3d:12:bd:7c:80:93:5d:82:96:4b:53:
df:d2:a3:82:e9:97:7d:f6:09:26:72:33:93:da:44:
7d:19:f4:03:d9:fa:8d:4d:d5:87:f1:f7:ab:2a:6a:
a1:c4:0f:49:a5:e4:3a:a8:6b:5e:20:e9:18:f5:44:
f1:b1:a7:f6:a3:6e:d8:5a:05:21:04:d5:e4:0f:64:
cb:c9:9c:28:7f:5a:57:bf:46:06:77:7b:44:8c:f1:
34:68:14:de:79:1a:91:6f:ca:d4:6f:45:35:77:1e:
ba:c6:29:ad:20:d1:11:26:12:4a:75:24:4a:99:6e:
82:cb:68:34:27:19:28:5b:1f:e6:6b:a4:1f:7f:e7:
a6:19:05:06:c2:68:31:24:6b:37:ef:f3:24:b6:3c:
24:70:2b:ff:ce:86:a6:b2:08:fb:b4:96:c2:74:57:
09:d6:48:e1:c9:da:ba:af:5f:f5:a9:46:06:46:35:
3c:bd:d5:54:4d:5e:7a:c9:4f:70:ce:9f:8c:37:67:
6e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:74:6B:A7:F0:0D:03:B1:F0:75:25:20:2C:85:1D:0C:DB:BA:B4:83
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/4XRrp_ANA7HwdSUgLIUdDNu6tIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.162.0/24
45.12.234.0/23
45.14.47.0/24
45.81.10.0/23
45.81.236.0/22
45.82.204.0/23
45.83.252.0/23
45.130.74.0/24
185.172.144.0/24
185.182.63.0/24
185.240.236.0/22
185.253.249.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8a:95:2b:0e:be:8e:cb:bd:ec:ee:16:52:01:e3:31:d9:46:
b4:c2:d0:01:06:40:4c:c8:fc:a5:06:cf:d4:c7:ed:3a:a1:74:
7e:bf:da:8b:3b:fd:ce:d7:cd:80:ea:59:b8:95:24:4d:8c:8f:
86:dd:58:fc:88:0a:e7:73:76:4b:27:75:8e:3a:bb:b0:3d:06:
ba:f9:6b:7e:2a:86:3e:af:26:b7:be:5a:d7:d1:0c:b1:98:70:
a9:8d:68:28:06:dc:08:84:33:82:a0:0e:bc:98:85:84:30:77:
37:51:27:84:9b:0d:7e:8a:7a:6a:a3:c9:59:ce:ee:a7:63:0d:
db:a7:f6:75:db:9f:e8:d4:c9:70:28:c8:96:45:67:1e:c8:75:
1e:42:1c:05:c9:e3:7e:73:73:c8:39:ef:75:9d:c0:7f:2b:1d:
af:ec:1c:c7:6c:32:ba:0b:de:a6:a5:a3:a2:ba:12:5c:18:65:
0d:3d:f9:6f:d6:be:d3:30:0b:1e:cd:d6:b6:19:7b:e5:8b:db:
98:ab:48:c4:0f:2d:c9:18:a9:13:0f:c8:ea:14:c3:cb:f7:52:
6d:e1:84:eb:3f:16:e7:a0:bc:5d:13:f2:4d:27:ee:6d:76:ee:
28:42:70:28:90:1a:0a:5e:89:e8:6b:37:90:3b:c0:07:73:7c:
fb:8e:da:f8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEGggTRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDUw
NTA4NTAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE3NDZiYTdmMDBk
MDNiMWYwNzUyNTIwMmM4NTFkMGNkYmJhYjQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGNTwQqwxmrgyV1Intag44NgSKR5A2Y8CLQ7DqiSxlKsskg
28RdDtonzaweiKE/LcJLPVXCSNTk7Uo8nE9RAD0SvXyAk12ClktT39KjgumXffYJ
JnIzk9pEfRn0A9n6jU3Vh/H3qypqocQPSaXkOqhrXiDpGPVE8bGn9qNu2FoFIQTV
5A9ky8mcKH9aV79GBnd7RIzxNGgU3nkakW/K1G9FNXceusYprSDRESYSSnUkSplu
gstoNCcZKFsf5mukH3/nphkFBsJoMSRrN+/zJLY8JHAr/86GprII+7SWwnRXCdZI
4cnauq9f9alGBkY1PL3VVE1eeslPcM6fjDdnbs0CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBThdGun8A0DsfB1JSAshR0M27q0gzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
LzRYUnJwX0FOQTdId2RTVWdMSVVkRE51NnRJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAC0MogMEAS0M6gMEAC0OLwMEAS1R
CgMEAi1R7AMEAS1SzAMEAS1T/AMEAC2CSgMEALmskAMEALm2PwMEArnw7AMEALn9
+TANBgkqhkiG9w0BAQsFAAOCAQEAD4qVKw6+jsu97O4WUgHjMdlGtMLQAQZATMj8
pQbP1MftOqF0fr/aizv9ztfNgOpZuJUkTYyPht1Y/IgK53N2Syd1jjq7sD0Guvlr
fiqGPq8mt75a19EMsZhwqY1oKAbcCIQzgqAOvJiFhDB3N1EnhJsNfop6aqPJWc7u
p2MN26f2dduf6NTJcCjIlkVnHsh1HkIcBcnjfnNzyDnvdZ3Afysdr+wcx2wyugve
pqWjoroSXBhlDT35b9a+0zALHs3Wthl75YvbmKtIxA8tyRipEw/I6hTDy/dSbeGE
6z8W56C8XRPyTSfubXbuKEJwKJAaCl6J6Gs3kDvAB3N8+47a+A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org