Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cJhFcFFKs70LSj5puAMGUKNiUKQ.roa
File: cJhFcFFKs70LSj5puAMGUKNiUKQ.roa (raw, json)
Hash identifier: T3+w1NrQHgQDUMDP7lx1KlZt5hP6OVnl5GP0gWhawHI=
Subject key identifier: 70:98:45:70:51:4A:B3:BD:0B:4A:3E:69:B8:03:06:50:A3:62:50:A4
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 199CD628
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cJhFcFFKs70LSj5puAMGUKNiUKQ.roa
Signing time: Sun 10 Apr 2022 22:15:00 +0000
ROA not before: Sun 10 Apr 2022 22:15:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 5.183.204.0/23 maxlen: 32
193.187.153.0/24 maxlen: 32
45.82.206.0/23 maxlen: 32
45.12.232.0/24 maxlen: 32
2.59.174.0/23 maxlen: 32
213.232.104.0/24 maxlen: 32
45.15.38.0/23 maxlen: 32
92.119.150.0/23 maxlen: 32
45.67.16.0/23 maxlen: 32
91.188.203.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429708840 (0x199cd628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 10 22:15:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70984570514ab3bd0b4a3e69b8030650a36250a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b5:2e:ba:a8:75:fb:41:7d:61:34:b2:a5:e0:
d6:7c:0f:33:9b:73:fa:7f:5d:6e:5e:db:53:ed:c0:
14:b5:4e:42:07:17:3f:a0:7e:18:fc:da:01:b5:31:
60:eb:43:4b:d3:f8:b6:05:c5:03:84:d4:f1:ea:1e:
7e:e9:01:ca:f3:ab:eb:c9:15:f2:5b:8c:f3:5c:6a:
52:ff:70:d8:82:32:57:30:e4:53:bc:c4:3d:e9:bd:
59:18:85:09:3d:a2:84:7a:ff:f8:54:91:64:31:e5:
3a:16:0b:a9:7b:9b:f3:df:3c:10:1f:f7:ea:d6:4d:
82:48:de:85:80:55:fd:f2:ca:bb:14:85:85:0b:30:
43:6e:2c:38:dc:1a:db:9e:65:1d:cc:90:83:b8:bc:
8e:89:18:fe:94:1c:cf:dd:32:13:ba:07:70:ed:e3:
30:5a:08:45:2e:a3:0a:c1:4b:c8:e3:6a:47:98:54:
47:e5:e3:e0:f0:f9:e4:fb:c4:db:c6:e7:92:3f:7a:
28:36:7e:0d:1e:47:7f:e4:47:a3:26:10:22:85:1b:
26:9e:a4:31:eb:97:74:2f:45:50:13:7a:e7:02:5a:
2d:40:8c:d6:0f:22:ce:b9:72:f5:47:5a:d7:9e:78:
78:03:35:2e:81:b4:0e:5f:7d:51:53:98:e9:72:d8:
5e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:98:45:70:51:4A:B3:BD:0B:4A:3E:69:B8:03:06:50:A3:62:50:A4
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cJhFcFFKs70LSj5puAMGUKNiUKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.174.0/23
5.183.204.0/23
45.12.232.0/24
45.15.38.0/23
45.67.16.0/23
45.82.206.0/23
91.188.203.0/24
92.119.150.0/23
193.187.153.0/24
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:63:3a:db:11:ae:5f:c1:8b:4b:c4:7e:e2:34:70:e0:21:18:
10:f4:27:ab:d6:95:e4:43:b4:34:4b:33:6a:da:3b:17:e5:6a:
0b:fa:0a:2d:81:f8:32:2b:c4:c2:3a:30:c2:9a:a3:10:c3:35:
86:9c:4e:21:f3:aa:62:96:a4:4e:18:06:3c:d9:d7:39:32:16:
87:f7:6e:18:15:99:00:70:cb:54:6a:14:2e:ab:7f:d5:d8:39:
97:88:c7:2b:ce:ad:38:ea:82:0e:a3:fd:74:82:ce:6f:6f:42:
6b:cd:2d:d8:63:ef:03:b7:18:a6:80:70:a2:9c:c6:c3:39:04:
8d:e9:09:e1:a3:fc:40:2c:ff:4b:3e:ef:3f:30:f4:d5:60:2d:
b6:fc:c6:46:89:23:40:06:e6:76:e8:27:af:bd:ab:6c:0a:51:
36:95:93:52:e4:c8:43:d0:ec:22:b4:85:44:8e:bd:df:5a:00:
fe:47:0b:db:f3:34:5c:4d:a2:89:58:a4:09:0b:14:95:19:a2:
ec:77:61:83:9a:6f:36:a8:9d:4c:0a:71:01:04:71:c8:8f:bd:
1a:7f:d0:60:3e:88:fe:e0:9d:6d:da:16:61:e0:61:50:47:37:
92:3a:89:11:82:2e:7b:b4:07:7c:d7:ae:5a:15:3f:58:79:9f:
91:af:f7:92
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEGZzWKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
MDIyMTUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA5ODQ1NzA1MTRh
YjNiZDBiNGEzZTY5YjgwMzA2NTBhMzYyNTBhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKW1LrqodftBfWE0sqXg1nwPM5tz+n9dbl7bU+3AFLVOQgcX
P6B+GPzaAbUxYOtDS9P4tgXFA4TU8eoefukByvOr68kV8luM81xqUv9w2IIyVzDk
U7zEPem9WRiFCT2ihHr/+FSRZDHlOhYLqXub8988EB/36tZNgkjehYBV/fLKuxSF
hQswQ24sONwa255lHcyQg7i8jokY/pQcz90yE7oHcO3jMFoIRS6jCsFLyONqR5hU
R+Xj4PD55PvE28bnkj96KDZ+DR5Hf+RHoyYQIoUbJp6kMeuXdC9FUBN65wJaLUCM
1g8izrly9Uda1554eAM1LoG0Dl99UVOY6XLYXi0CAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBRwmEVwUUqzvQtKPmm4AwZQo2JQpDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2NKaEZjRkZLczcwTFNqNXB1QU1HVUtOaVVLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAQI7rgMEAQW3zAMEAC0M6AMEAS0P
JgMEAS1DEAMEAS1SzgMEAFu8ywMEAVx3lgMEAMG7mQMEANXoaDANBgkqhkiG9w0B
AQsFAAOCAQEAzGM62xGuX8GLS8R+4jRw4CEYEPQnq9aV5EO0NEszato7F+VqC/oK
LYH4MivEwjowwpqjEMM1hpxOIfOqYpakThgGPNnXOTIWh/duGBWZAHDLVGoULqt/
1dg5l4jHK86tOOqCDqP9dILOb29Ca80t2GPvA7cYpoBwopzGwzkEjekJ4aP8QCz/
Sz7vPzD01WAttvzGRokjQAbmdugnr72rbApRNpWTUuTIQ9DsIrSFRI6931oA/kcL
2/M0XE2iiVikCQsUlRmi7Hdhg5pvNqidTApxAQRxyI+9Gn/QYD6I/uCdbdoWYeBh
UEc3kjqJEYIue7QHfNeuWhU/WHmfka/3kg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org