Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hL5SWVpTmvrZDRfwsMF9oTwBBvk.roa
File: hL5SWVpTmvrZDRfwsMF9oTwBBvk.roa (raw, json)
Hash identifier: kJQrdn4pP0hQ1ba4A5p6dCF0ugny7Su4bTe8FrVmYog=
Subject key identifier: 84:BE:52:59:5A:53:9A:FA:D9:0D:17:F0:B0:C1:7D:A1:3C:01:06:F9
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1968246F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hL5SWVpTmvrZDRfwsMF9oTwBBvk.roa
Signing time: Sat 02 Apr 2022 22:29:56 +0000
ROA not before: Sat 02 Apr 2022 22:29:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 26636
IP address blocks: 45.12.232.0/24 maxlen: 32
45.82.206.0/23 maxlen: 32
92.119.150.0/23 maxlen: 32
91.188.203.0/24 maxlen: 32
193.187.155.0/24 maxlen: 24
193.187.154.0/24 maxlen: 24
193.187.153.0/24 maxlen: 24
45.14.46.0/24 maxlen: 32
2.59.174.0/23 maxlen: 32
45.10.2.0/24 maxlen: 32
213.232.104.0/24 maxlen: 24
193.160.212.0/24 maxlen: 24
5.181.148.0/23 maxlen: 32
185.226.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 426255471 (0x1968246f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 2 22:29:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84be52595a539afad90d17f0b0c17da13c0106f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:85:23:73:c5:d8:b9:7a:0e:69:f2:7b:54:71:
5d:f8:ba:11:bc:d6:f6:a2:69:20:96:82:a2:ec:94:
80:6c:f4:e1:e4:46:ad:cc:0b:2a:c3:c4:e1:ec:f7:
91:1a:cf:f2:f0:5c:a8:b5:dd:69:27:1c:92:de:65:
3c:ff:4c:b5:d3:b9:d7:05:5e:ff:36:21:b3:9f:dd:
0d:dd:64:1a:1b:b5:6a:fb:ef:3e:91:1d:56:ce:ec:
f8:be:fc:88:56:a7:ee:36:57:94:c1:7e:62:a9:da:
d2:9b:27:1a:d1:bb:6a:fc:2f:af:c1:36:d6:98:70:
f7:a8:66:ba:2b:e2:29:fe:d1:d9:8a:da:bb:b3:a4:
1a:1d:08:7d:08:b8:99:2f:66:0c:82:ad:27:30:38:
0a:0d:33:d4:0e:28:c6:4e:44:4d:8f:bb:13:33:5f:
07:02:54:a0:18:72:49:50:1b:79:76:46:ca:ca:de:
c5:1b:15:7f:d8:e5:15:14:bb:78:f9:5a:11:c9:7a:
92:c1:0c:fe:63:2e:b3:c0:d7:38:75:60:a2:03:e9:
46:ed:62:52:ea:27:6b:ba:3f:16:79:76:61:c4:8c:
f4:3b:2d:fe:7d:33:25:93:a2:0b:7e:e1:71:e6:c5:
d7:03:8d:e7:87:7f:a1:a5:42:f8:72:2a:34:1b:6a:
71:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BE:52:59:5A:53:9A:FA:D9:0D:17:F0:B0:C1:7D:A1:3C:01:06:F9
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hL5SWVpTmvrZDRfwsMF9oTwBBvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.174.0/23
5.181.148.0/23
45.10.2.0/24
45.12.232.0/24
45.14.46.0/24
45.82.206.0/23
91.188.203.0/24
92.119.150.0/23
185.226.75.0/24
193.160.212.0/24
193.187.153.0-193.187.155.255
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
24:2e:ff:ed:b3:ab:d9:86:cf:ae:7d:62:19:82:cc:ce:d7:76:
89:75:55:fa:f8:19:e0:25:69:6a:82:d1:42:a5:10:30:16:70:
26:62:73:31:48:e8:0e:05:cd:18:da:be:c3:00:11:35:09:e8:
28:fd:91:1b:44:a1:a5:56:a4:29:a7:f7:0b:ca:fd:73:20:ac:
f0:c8:82:34:4c:d9:98:24:67:9b:d5:7e:fe:86:e3:4d:b1:84:
9c:f8:94:7f:b5:db:a9:91:8c:ad:19:73:dd:5f:2a:eb:7b:87:
eb:97:ae:e9:80:fc:4d:b4:da:b0:ea:a4:a6:fe:02:b1:a2:fa:
84:dc:89:45:08:0f:bf:1c:7f:65:b1:9e:39:fb:25:0e:65:3f:
c3:11:08:3c:de:b7:bf:b6:1c:ec:ca:95:a1:5c:9c:5a:fa:dc:
1a:fd:ce:6c:6a:b0:1d:d6:f6:8f:c3:0b:ae:1c:10:cf:70:ef:
f0:b5:8d:c2:a9:1b:2b:d6:b8:03:7d:c9:3d:dc:c5:bf:92:fd:
de:0f:da:d3:a4:0c:22:0d:db:ea:2a:83:d8:b8:8e:a5:0b:86:
fa:ad:9f:c7:f5:15:2d:7f:66:3a:c8:eb:73:46:cd:ec:2e:5e:
e7:a2:13:45:57:63:46:1e:c1:bf:00:26:16:4c:fc:63:49:8a:
13:6d:3b:ba
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEGWgkbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
MjIyMjk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRiZTUyNTk1YTUz
OWFmYWQ5MGQxN2YwYjBjMTdkYTEzYzAxMDZmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmFI3PF2Ll6Dmnye1RxXfi6EbzW9qJpIJaCouyUgGz04eRG
rcwLKsPE4ez3kRrP8vBcqLXdaScckt5lPP9MtdO51wVe/zYhs5/dDd1kGhu1avvv
PpEdVs7s+L78iFan7jZXlMF+Yqna0psnGtG7avwvr8E21phw96hmuiviKf7R2Yra
u7OkGh0IfQi4mS9mDIKtJzA4Cg0z1A4oxk5ETY+7EzNfBwJUoBhySVAbeXZGysre
xRsVf9jlFRS7ePlaEcl6ksEM/mMus8DXOHVgogPpRu1iUuona7o/Fnl2YcSM9Dst
/n0zJZOiC37hcebF1wON54d/oaVC+HIqNBtqcZUCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBSEvlJZWlOa+tkNF/CwwX2hPAEG+TAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2hMNVNXVnBUbXZyWkRSZndzTUY5b1R3QkJ2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAQI7rgMEAQW1lAMEAC0KAgMEAC0M
6AMEAC0OLgMEAS1SzgMEAFu8ywMEAVx3lgMEALniSwMEAMGg1DAMAwQAwbuZAwQC
wbuYAwQA1ehoMA0GCSqGSIb3DQEBCwUAA4IBAQAkLv/ts6vZhs+ufWIZgszO13aJ
dVX6+BngJWlqgtFCpRAwFnAmYnMxSOgOBc0Y2r7DABE1Cego/ZEbRKGlVqQpp/cL
yv1zIKzwyII0TNmYJGeb1X7+huNNsYSc+JR/tdupkYytGXPdXyrre4frl67pgPxN
tNqw6qSm/gKxovqE3IlFCA+/HH9lsZ45+yUOZT/DEQg83re/thzsypWhXJxa+twa
/c5sarAd1vaPwwuuHBDPcO/wtY3CqRsr1rgDfck93MW/kv3eD9rTpAwiDdvqKoPY
uI6lC4b6rZ/H9RUtf2Y6yOtzRs3sLl7nohNFV2NGHsG/ACYWTPxjSYoTbTu6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org