Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cpv74uU2l1t7UiCSTfGbS8-hFlU.roa
File: cpv74uU2l1t7UiCSTfGbS8-hFlU.roa (raw, json)
Hash identifier: cyDy28Wuc8kP8BHb9IrYCsCARY1/O0K/OTs9zqHARb0=
Subject key identifier: 72:9B:FB:E2:E5:36:97:5B:7B:52:20:92:4D:F1:9B:4B:CF:A1:16:55
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1968B9E6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cpv74uU2l1t7UiCSTfGbS8-hFlU.roa
Signing time: Sat 02 Apr 2022 22:29:57 +0000
ROA not before: Sat 02 Apr 2022 22:29:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46261
IP address blocks: 5.183.204.0/23 maxlen: 32
45.12.232.0/24 maxlen: 32
45.82.206.0/23 maxlen: 32
45.15.38.0/23 maxlen: 32
92.119.151.0/24 maxlen: 32
193.187.153.0/24 maxlen: 32
193.187.154.0/23 maxlen: 32
45.14.46.0/24 maxlen: 32
45.138.210.0/23 maxlen: 24
45.10.2.0/24 maxlen: 32
193.160.212.0/24 maxlen: 32
213.232.104.0/24 maxlen: 32
5.181.148.0/23 maxlen: 32
45.67.16.0/23 maxlen: 32
185.226.75.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 426293734 (0x1968b9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 2 22:29:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=729bfbe2e536975b7b5220924df19b4bcfa11655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:28:cf:fd:a9:6f:98:35:cb:2f:de:d6:7a:76:
77:24:ae:fc:2d:70:49:ba:de:df:b5:5c:0c:26:fd:
1b:0d:78:21:ad:b1:81:f6:67:2c:17:97:e2:d2:05:
6a:7e:60:87:8d:56:c8:37:e2:d4:ec:0b:6f:a3:13:
69:66:53:fc:da:1c:af:9a:0c:ca:bc:46:e5:a0:5b:
4e:5a:43:ec:a2:82:d1:eb:5b:aa:53:17:11:20:36:
75:5c:19:ee:77:6e:43:32:0d:14:ab:5c:9d:f5:3f:
39:f0:35:2a:ed:05:b2:73:69:a8:10:f6:ae:0f:f9:
e1:a5:b9:88:93:19:e7:2c:a3:09:17:8e:bd:e5:21:
74:54:dc:9e:e1:70:4e:98:af:4c:eb:ec:56:4f:e2:
e8:01:3f:4b:73:e6:f0:27:cb:87:78:6c:e7:3d:bc:
3f:31:da:42:ea:bf:60:3b:f6:c5:aa:fa:5f:cd:1c:
0f:3c:21:22:8a:2f:a4:87:1c:2a:aa:32:50:3c:2c:
ab:d9:b5:83:f8:db:f6:fd:4f:f1:ec:b5:e1:77:c1:
b3:e7:34:65:c3:64:4f:32:23:1e:95:65:12:df:4a:
18:56:68:48:4a:eb:85:d2:c3:0c:13:37:c2:61:7c:
47:71:d2:bf:be:01:0c:57:ac:59:db:cd:58:32:44:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9B:FB:E2:E5:36:97:5B:7B:52:20:92:4D:F1:9B:4B:CF:A1:16:55
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/cpv74uU2l1t7UiCSTfGbS8-hFlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.148.0/23
5.183.204.0/23
45.10.2.0/24
45.12.232.0/24
45.14.46.0/24
45.15.38.0/23
45.67.16.0/23
45.82.206.0/23
45.138.210.0/23
92.119.151.0/24
185.226.75.0/24
193.160.212.0/24
193.187.153.0-193.187.155.255
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:4c:24:f7:a3:86:d2:14:3e:f1:76:44:a2:37:ee:19:9b:e1:
5a:d2:65:a3:1d:0e:be:23:4d:31:97:cd:5f:c5:57:62:77:70:
23:c6:4b:b9:66:f4:cd:f9:36:5f:d6:c3:78:a6:09:6b:d8:b4:
50:a7:ef:bf:a9:4e:36:e2:a9:b2:f3:de:e9:83:cb:4b:58:dc:
5d:60:12:41:f1:ac:eb:64:67:70:fb:d5:7e:aa:aa:e6:7c:15:
b0:ec:c6:6c:9c:12:f1:24:e1:e5:8b:66:7d:c3:70:49:62:e0:
55:99:54:1d:1b:61:3e:f2:7e:54:60:ca:3a:07:cc:14:c0:1d:
09:52:a4:d0:02:3c:d9:4e:d7:11:7c:22:74:68:84:dd:ac:65:
b0:79:52:2f:e2:e4:d2:69:c6:07:4f:6f:e4:43:03:22:b0:29:
40:92:14:fc:f8:0b:80:9f:cd:83:da:c5:96:75:70:09:2b:f1:
31:7f:c1:92:08:3d:dd:52:03:3a:f1:9f:e2:1a:3b:7a:ab:9a:
46:f2:ad:76:98:8a:3b:89:fd:61:d8:12:ae:c7:70:ff:86:9e:
c9:51:f2:fe:a4:ef:55:6d:92:19:25:ac:1e:2c:c5:63:6b:80:
80:1c:05:bb:df:f1:a9:0b:34:92:0c:2e:61:e6:c2:13:4a:b8:
ed:cf:4b:b2
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEGWi55jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
MjIyMjk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI5YmZiZTJlNTM2
OTc1YjdiNTIyMDkyNGRmMTliNGJjZmExMTY1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsoz/2pb5g1yy/e1np2dySu/C1wSbre37VcDCb9Gw14Ia2x
gfZnLBeX4tIFan5gh41WyDfi1OwLb6MTaWZT/Nocr5oMyrxG5aBbTlpD7KKC0etb
qlMXESA2dVwZ7nduQzINFKtcnfU/OfA1Ku0FsnNpqBD2rg/54aW5iJMZ5yyjCReO
veUhdFTcnuFwTpivTOvsVk/i6AE/S3Pm8CfLh3hs5z28PzHaQuq/YDv2xar6X80c
DzwhIoovpIccKqoyUDwsq9m1g/jb9v1P8ey14XfBs+c0ZcNkTzIjHpVlEt9KGFZo
SErrhdLDDBM3wmF8R3HSv74BDFesWdvNWDJEj1kCAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBRym/vi5TaXW3tSIJJN8ZtLz6EWVTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2Nwdjc0dVUybDF0N1VpQ1NUZkdiUzgtaEZsVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAQW1lAMEAQW3zAMEAC0KAgMEAC0M
6AMEAC0OLgMEAS0PJgMEAS1DEAMEAS1SzgMEAS2K0gMEAFx3lwMEALniSwMEAMGg
1DAMAwQAwbuZAwQCwbuYAwQA1ehoMA0GCSqGSIb3DQEBCwUAA4IBAQDNTCT3o4bS
FD7xdkSiN+4Zm+Fa0mWjHQ6+I00xl81fxVdid3Ajxku5ZvTN+TZf1sN4pglr2LRQ
p++/qU424qmy897pg8tLWNxdYBJB8azrZGdw+9V+qqrmfBWw7MZsnBLxJOHli2Z9
w3BJYuBVmVQdG2E+8n5UYMo6B8wUwB0JUqTQAjzZTtcRfCJ0aITdrGWweVIv4uTS
acYHT2/kQwMisClAkhT8+AuAn82D2sWWdXAJK/Exf8GSCD3dUgM68Z/iGjt6q5pG
8q12mIo7if1h2BKux3D/hp7JUfL+pO9VbZIZJaweLMVja4CAHAW73/GpCzSSDC5h
5sITSrjtz0uy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org