Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_giB_udYgKZXRFENLNUxkEkdWQM.roa
File: _giB_udYgKZXRFENLNUxkEkdWQM.roa (raw, json)
Hash identifier: L02114ZXULN08tvlI0Dxz2fVXOkiYR6VI+AmLvfI+Gs=
Subject key identifier: FE:08:81:FE:E7:58:80:A6:57:44:51:0D:2C:D5:31:90:49:1D:59:03
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018456D3974EED6E958B687240EEB276A1F7
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_giB_udYgKZXRFENLNUxkEkdWQM.roa
Signing time: Tue 08 Nov 2022 10:40:18 +0000
ROA not before: Tue 08 Nov 2022 10:40:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60945
IP address blocks: 185.133.73.0/24 maxlen: 24
45.85.194.0/24 maxlen: 24
185.137.181.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:d3:97:4e:ed:6e:95:8b:68:72:40:ee:b2:76:a1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Nov 8 10:40:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe0881fee75880a65744510d2cd53190491d5903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:84:47:bd:2b:26:40:15:19:95:21:bd:0e:90:
20:3b:73:4e:80:0f:23:98:81:7e:c5:83:51:e0:18:
5a:10:d6:94:4d:8a:58:e0:22:a4:9d:5f:69:65:53:
12:6a:28:c2:ba:f5:d8:63:b1:8e:a7:aa:ea:48:84:
8c:ec:ae:c5:2e:85:78:91:60:3d:26:28:cc:b6:13:
0d:1c:83:5e:5e:26:00:18:be:ce:c9:8c:58:1a:49:
b5:bb:41:c8:2a:d6:79:c2:5d:fd:27:1d:c5:89:a4:
58:73:f0:b6:4b:ae:10:36:7f:04:af:21:3c:2d:bf:
2f:7b:de:3c:d1:8d:e6:ba:98:d0:ef:a3:08:e2:46:
49:c5:4c:16:90:07:71:9a:60:b0:38:d4:d6:36:5c:
b5:c0:5d:7e:e3:87:f1:74:56:ff:04:5b:dc:e4:91:
01:8a:e3:e0:b4:d7:1e:10:3c:45:9e:a5:ce:ed:02:
3e:5a:2f:1b:08:94:51:87:a7:1f:2f:e5:9f:8c:60:
fe:51:61:47:3e:d9:fb:b2:0d:59:f4:de:00:7b:76:
88:bb:bf:56:30:2c:47:9b:fe:1b:61:fd:7b:2f:48:
cb:c7:0c:56:ba:05:35:3e:23:77:7e:9d:c4:6b:58:
6e:68:97:dc:1c:a4:c2:5f:9c:9e:12:f7:d0:64:3a:
a5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:08:81:FE:E7:58:80:A6:57:44:51:0D:2C:D5:31:90:49:1D:59:03
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/_giB_udYgKZXRFENLNUxkEkdWQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.194.0/24
185.133.73.0/24
185.137.181.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
0c:79:01:93:9a:bb:af:6a:96:73:c2:68:d1:0c:50:66:ab:7f:
cd:bf:ce:2f:ff:2a:b7:f6:12:c0:f2:56:58:4d:8b:73:30:f5:
69:33:0f:90:c9:86:96:81:cb:b6:f5:77:a1:39:d4:28:2f:eb:
57:19:07:76:12:ae:e6:7e:f9:49:d4:4c:f9:bb:d2:b7:39:c5:
f4:3b:ab:2c:1d:8e:ca:0e:83:4e:8a:ce:1c:d7:35:14:d3:93:
13:83:69:f1:03:44:c4:07:30:76:7b:db:38:28:f4:ee:56:6b:
74:81:01:40:cd:5c:70:06:20:d7:ef:da:df:78:ee:06:08:23:
fa:d3:dd:68:8d:50:22:13:f4:86:5a:76:96:10:86:8d:e1:40:
ec:af:1e:29:97:11:a1:66:35:41:24:b6:95:ce:0e:a3:ba:ed:
35:8b:91:d8:75:1b:bf:58:2c:cb:d1:d5:71:e0:a4:7c:6c:90:
16:aa:80:f0:59:ef:45:d3:26:37:92:53:f4:0a:c9:70:f5:a4:
97:c2:97:07:fd:1c:42:84:85:68:c1:82:aa:c0:c4:21:d2:40:
84:ca:53:3e:ba:0c:80:2b:c4:2b:52:74:d8:9e:18:e8:94:6f:
fd:f8:25:f1:78:a1:35:e2:f6:fe:18:0c:48:79:0b:93:b2:8d:
d8:7c:b4:00
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYRW05dO7W6Vi2hyQO6ydqH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjIxMTA4MTA0MDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA4ODFmZWU3NTg4MGE2NTc0NDUxMGQyY2Q1MzE5MDQ5MWQ1OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIRHvSsmQBUZlSG9DpAgO3NOgA8j
mIF+xYNR4BhaENaUTYpY4CKknV9pZVMSaijCuvXYY7GOp6rqSISM7K7FLoV4kWA9
JijMthMNHINeXiYAGL7OyYxYGkm1u0HIKtZ5wl39Jx3FiaRYc/C2S64QNn8EryE8
Lb8ve9480Y3mupjQ76MI4kZJxUwWkAdxmmCwONTWNly1wF1+44fxdFb/BFvc5JEB
iuPgtNceEDxFnqXO7QI+Wi8bCJRRh6cfL+WfjGD+UWFHPtn7sg1Z9N4Ae3aIu79W
MCxHm/4bYf17L0jLxwxWugU1PiN3fp3Ea1huaJfcHKTCX5yeEvfQZDqlXQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFP4Igf7nWICmV0RRDSzVMZBJHVkDMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvX2dpQl91ZFlnS1pYUkZFTkxOVXhrRWtkV1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALVXCAwQA
uYVJAwQAuYm1MA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAAx5
AZOau69qlnPCaNEMUGarf82/zi//Krf2EsDyVlhNi3Mw9WkzD5DJhpaBy7b1d6E5
1Cgv61cZB3YSruZ++UnUTPm70rc5xfQ7qywdjsoOg06KzhzXNRTTkxODafEDRMQH
MHZ72zgo9O5Wa3SBAUDNXHAGINfv2t947gYII/rT3WiNUCIT9IZadpYQho3hQOyv
HimXEaFmNUEktpXODqO67TWLkdh1G79YLMvR1XHgpHxskBaqgPBZ70XTJjeSU/QK
yXD1pJfClwf9HEKEhWjBgqrAxCHSQITKUz66DIArxCtSdNieGOiUb/34JfF4oTXi
9v4YDEh5C5Oyjdh8tAA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org