Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/I3Rwo6MjvSCcFoQrvSX6JP_Ekeo.roa
File: I3Rwo6MjvSCcFoQrvSX6JP_Ekeo.roa (raw, json)
Hash identifier: aW8TeHC3oebujF1Lrs1w5b6rNvM7o41vMMn3Nj7+T00=
Subject key identifier: 23:74:70:A3:A3:23:BD:20:9C:16:84:2B:BD:25:FA:24:FF:C4:91:EA
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19D7E0C7
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/I3Rwo6MjvSCcFoQrvSX6JP_Ekeo.roa
Signing time: Sun 24 Apr 2022 09:16:43 +0000
ROA not before: Sun 24 Apr 2022 09:16:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132422
IP address blocks: 45.158.35.0/24 maxlen: 32
194.145.142.0/24 maxlen: 24
194.145.143.0/24 maxlen: 24
128.0.117.0/24 maxlen: 24
128.0.119.0/24 maxlen: 24
194.145.197.0/24 maxlen: 24
194.145.196.0/24 maxlen: 24
45.134.1.0/24 maxlen: 32
194.49.109.0/24 maxlen: 24
194.49.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433578183 (0x19d7e0c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 24 09:16:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=237470a3a323bd209c16842bbd25fa24ffc491ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:83:66:2d:62:c4:84:22:c4:79:8b:d3:ee:ee:
50:dc:c2:1c:73:74:0f:2b:e7:3d:cf:93:25:c3:f1:
d1:8b:41:bb:ee:0b:2b:97:b4:fb:5a:a3:bf:2a:6e:
68:b9:91:33:5b:65:d1:5d:05:c2:b9:bb:ea:aa:35:
eb:94:6f:2c:56:4b:0c:74:b0:ad:ec:e4:a3:f1:15:
c3:51:7d:f1:0c:49:37:66:9c:cd:48:1a:62:71:bd:
65:7f:38:ef:a3:15:31:53:a3:13:fc:23:f8:ce:b0:
5e:63:b7:35:01:ca:c3:a6:51:9e:c3:4e:8b:a9:50:
77:03:43:90:a3:71:df:6e:4c:09:72:05:84:92:b7:
42:da:e1:0d:c4:b7:98:75:4d:a5:66:86:e9:4a:13:
ea:1a:92:7d:8e:17:c3:cc:c7:fa:30:39:68:71:5d:
96:8a:84:21:1d:72:70:32:22:b8:e9:53:ce:2b:37:
4b:f7:33:d1:01:9d:33:fe:81:55:a4:c5:d7:25:fc:
36:53:a2:e4:21:27:17:c8:ce:86:7e:d2:05:3f:62:
f0:bd:0f:80:cc:1e:fe:7b:29:f0:44:13:2e:a1:f9:
cb:da:26:4e:5e:b4:a6:6d:b0:02:62:82:25:99:52:
00:e6:60:2d:a0:45:ff:ee:80:bd:8f:06:87:46:85:
df:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:74:70:A3:A3:23:BD:20:9C:16:84:2B:BD:25:FA:24:FF:C4:91:EA
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/I3Rwo6MjvSCcFoQrvSX6JP_Ekeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.1.0/24
45.158.35.0/24
128.0.117.0/24
128.0.119.0/24
194.49.109.0/24
194.49.112.0/24
194.145.142.0/23
194.145.196.0/23
Signature Algorithm: sha256WithRSAEncryption
33:a4:a5:84:c0:bd:d5:d8:79:11:12:69:95:52:eb:c3:9f:9a:
84:b5:40:1e:72:bb:e8:85:ce:06:c8:b0:3d:d6:b6:9a:27:ba:
a8:48:11:72:82:06:ed:b4:88:cf:10:32:b8:ad:77:57:e8:ca:
e1:80:cf:a2:5f:82:99:45:10:b7:c1:c8:c2:f9:0a:66:48:98:
eb:7d:05:2d:d5:55:9d:f4:2b:12:3a:64:bc:ab:c8:e3:5d:4f:
92:fb:0d:49:e7:b1:d9:8f:b3:50:df:44:79:38:c4:b0:d0:8f:
32:6f:22:d2:b8:57:b2:13:8d:e2:9a:f0:e1:8d:fc:e5:6a:9f:
31:01:0c:84:06:54:49:85:ff:46:13:88:fd:59:ce:74:03:51:
0d:7b:fc:b3:4f:2f:ae:fb:bd:ef:51:f9:ec:e8:7e:ce:36:0f:
4a:bd:0d:e3:95:e6:e3:d7:ff:b4:ab:45:a8:27:21:2b:d9:78:
41:c0:69:23:40:9a:c4:8c:41:ea:21:7b:de:ad:db:63:a2:21:
51:91:83:e9:4e:9a:17:42:c7:0d:16:43:0b:4b:6f:de:37:27:
d7:ec:a1:a2:9a:d0:c9:be:67:67:7f:e3:b8:54:07:25:00:dc:
fb:8c:8b:a9:3c:fe:d4:58:21:86:5f:58:79:71:c6:08:79:27:
69:b0:e1:fb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEGdfgxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQy
NDA5MTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM3NDcwYTNhMzIz
YmQyMDljMTY4NDJiYmQyNWZhMjRmZmM0OTFlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJeDZi1ixIQixHmL0+7uUNzCHHN0DyvnPc+TJcPx0YtBu+4L
K5e0+1qjvypuaLmRM1tl0V0Fwrm76qo165RvLFZLDHSwrezko/EVw1F98QxJN2ac
zUgaYnG9ZX8476MVMVOjE/wj+M6wXmO3NQHKw6ZRnsNOi6lQdwNDkKNx325MCXIF
hJK3QtrhDcS3mHVNpWaG6UoT6hqSfY4Xw8zH+jA5aHFdloqEIR1ycDIiuOlTzis3
S/cz0QGdM/6BVaTF1yX8NlOi5CEnF8jOhn7SBT9i8L0PgMwe/nsp8EQTLqH5y9om
Tl60pm2wAmKCJZlSAOZgLaBF/+6AvY8Gh0aF318CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQjdHCjoyO9IJwWhCu9Jfok/8SR6jAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0kzUndvNk1qdlNDY0ZvUXJ2U1g2SlBfRWtlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAC2GAQMEAC2eIwMEAIAAdQMEAIAA
dwMEAMIxbQMEAMIxcAMEAcKRjgMEAcKRxDANBgkqhkiG9w0BAQsFAAOCAQEAM6Sl
hMC91dh5ERJplVLrw5+ahLVAHnK76IXOBsiwPda2mie6qEgRcoIG7bSIzxAyuK13
V+jK4YDPol+CmUUQt8HIwvkKZkiY630FLdVVnfQrEjpkvKvI411PkvsNSeex2Y+z
UN9EeTjEsNCPMm8i0rhXshON4prw4Y385WqfMQEMhAZUSYX/RhOI/VnOdANRDXv8
s08vrvu971H57Oh+zjYPSr0N45Xm49f/tKtFqCchK9l4QcBpI0CaxIxB6iF73q3b
Y6IhUZGD6U6aF0LHDRZDC0tv3jcn1+yhoprQyb5nZ3/juFQHJQDc+4yLqTz+1Fgh
hl9YeXHGCHknabDh+w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org