Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mCzkwGnR598c2pA4lCYXPaNjrNo.roa
File: mCzkwGnR598c2pA4lCYXPaNjrNo.roa (raw, json)
Hash identifier: Hfvp7hRWZJruisGbEat3Qu+8Uh3I0OttYdwHu6y1Q2A=
Subject key identifier: 98:2C:E4:C0:69:D1:E7:DF:1C:DA:90:38:94:26:17:3D:A3:63:AC:DA
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19BD222B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mCzkwGnR598c2pA4lCYXPaNjrNo.roa
Signing time: Fri 15 Apr 2022 12:36:41 +0000
ROA not before: Fri 15 Apr 2022 12:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140107
IP address blocks: 45.81.236.0/22 maxlen: 32
45.82.204.0/23 maxlen: 32
45.12.234.0/23 maxlen: 32
45.135.220.0/22 maxlen: 32
45.94.164.0/22 maxlen: 24
185.182.63.0/24 maxlen: 24
45.12.162.0/24 maxlen: 32
193.16.8.0/24 maxlen: 24
79.143.50.0/24 maxlen: 24
185.240.236.0/22 maxlen: 24
45.128.28.0/22 maxlen: 24
84.39.190.0/24 maxlen: 32
45.81.10.0/23 maxlen: 32
94.199.100.0/24 maxlen: 24
45.135.100.0/22 maxlen: 24
45.14.47.0/24 maxlen: 32
185.172.144.0/24 maxlen: 24
45.15.36.0/23 maxlen: 32
185.253.249.0/24 maxlen: 24
194.49.113.0/24 maxlen: 24
45.83.252.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431825451 (0x19bd222b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 15 12:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=982ce4c069d1e7df1cda90389426173da363acda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:49:b2:ef:98:95:ee:09:f5:17:0b:dd:de:89:
ee:3d:ed:da:c4:f0:63:82:11:d6:80:f1:f5:bc:76:
11:e4:5d:df:5c:21:87:03:4f:41:a8:d9:80:eb:f7:
7c:f1:1f:fc:3c:df:6e:63:c5:e7:33:f8:c7:36:26:
23:5e:f7:39:bf:fe:b1:37:52:be:d6:cb:d4:c2:8b:
8d:b9:50:a4:2e:72:33:10:2b:10:3e:ff:1c:46:03:
37:1c:53:82:a9:ce:36:ce:ae:1a:5d:4c:47:c1:10:
67:64:96:af:51:4d:51:99:99:5e:86:db:cc:c9:81:
95:ab:0c:2a:0d:c1:2c:97:76:36:84:38:43:7a:aa:
ed:27:dd:33:d8:22:b5:22:a5:3f:65:58:06:9c:4a:
81:2a:0a:ce:ac:0a:2b:36:4f:6a:92:41:ee:8b:e1:
50:20:16:65:e9:0a:fc:7d:2d:63:f5:22:9f:b3:2c:
13:2f:d6:b6:da:7f:b6:d4:c5:3b:4d:31:64:15:1e:
7a:76:cd:1f:e7:62:0b:86:92:a5:08:12:76:f6:52:
48:46:1d:35:34:c9:25:a6:22:f8:89:4c:f7:43:1d:
64:c4:e2:d2:29:22:bf:28:a7:ba:f3:f4:a4:e0:da:
16:10:e9:ea:a8:dc:7e:58:1d:1e:f9:55:ad:43:fb:
cd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2C:E4:C0:69:D1:E7:DF:1C:DA:90:38:94:26:17:3D:A3:63:AC:DA
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mCzkwGnR598c2pA4lCYXPaNjrNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.162.0/24
45.12.234.0/23
45.14.47.0/24
45.15.36.0/23
45.81.10.0/23
45.81.236.0/22
45.82.204.0/23
45.83.252.0/23
45.94.164.0/22
45.128.28.0/22
45.135.100.0/22
45.135.220.0/22
79.143.50.0/24
84.39.190.0/24
94.199.100.0/24
185.172.144.0/24
185.182.63.0/24
185.240.236.0/22
185.253.249.0/24
193.16.8.0/24
194.49.113.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:07:f8:29:2c:f5:b9:1b:dd:90:42:3c:f6:ba:7f:0e:d5:30:
30:d2:03:9c:71:80:f2:9b:d7:1c:69:22:45:cb:62:51:51:3a:
a8:a3:17:da:96:ac:c1:34:91:d3:26:4e:68:f0:60:c7:8b:d1:
69:d1:cb:0d:0c:94:53:48:32:11:78:0a:3b:a2:6e:51:a4:29:
6d:a9:f4:e3:b1:c4:6b:50:3c:86:75:69:42:72:6b:79:80:e6:
36:79:1f:d9:bf:76:b6:5a:2c:0d:16:fc:ea:bd:86:c7:cb:f7:
6e:29:9c:86:3a:c7:0d:c2:0d:ff:3b:e6:c2:85:03:11:22:a4:
b7:2c:b6:17:b2:cb:d5:15:32:a4:0b:1d:2e:f8:ed:93:aa:d4:
b5:bb:b8:eb:04:94:3e:ed:d7:d3:35:57:f9:11:a4:b7:4b:7f:
f1:48:fe:eb:af:e1:35:83:9b:02:74:b2:43:b9:2e:9b:9a:ba:
70:93:2b:2f:ad:54:fd:ad:93:43:eb:a3:f2:f4:41:c8:24:9c:
0b:27:2a:7e:0e:f6:1e:ba:76:9d:12:7d:b8:86:7e:4b:7b:0f:
16:db:e0:3f:2a:df:7d:85:c9:3e:32:85:37:62:69:8f:e3:3f:
14:69:7a:d1:37:73:ba:02:c8:15:3f:86:d3:47:b4:f6:f1:6d:
9a:67:ca:46
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIEGb0iKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
NTEyMzY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgyY2U0YzA2OWQx
ZTdkZjFjZGE5MDM4OTQyNjE3M2RhMzYzYWNkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhJsu+Yle4J9RcL3d6J7j3t2sTwY4IR1oDx9bx2EeRd31wh
hwNPQajZgOv3fPEf/DzfbmPF5zP4xzYmI173Ob/+sTdSvtbL1MKLjblQpC5yMxAr
ED7/HEYDNxxTgqnONs6uGl1MR8EQZ2SWr1FNUZmZXobbzMmBlasMKg3BLJd2NoQ4
Q3qq7SfdM9gitSKlP2VYBpxKgSoKzqwKKzZPapJB7ovhUCAWZekK/H0tY/Uin7Ms
Ey/Wttp/ttTFO00xZBUeenbNH+diC4aSpQgSdvZSSEYdNTTJJaYi+IlM90MdZMTi
0ikivyinuvP0pODaFhDp6qjcflgdHvlVrUP7zcUCAwEAAaOCAoUwggKBMB0GA1Ud
DgQWBBSYLOTAadHn3xzakDiUJhc9o2Os2jAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L21Demt3R25SNTk4YzJwQTRsQ1lYUGFOanJOby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mgYIKwYBBQUHAQcBAf8EgYowgYcwgYQEAgABMH4DBAAtDKIDBAEtDOoDBAAtDi8D
BAEtDyQDBAEtUQoDBAItUewDBAEtUswDBAEtU/wDBAItXqQDBAItgBwDBAIth2QD
BAIth9wDBABPjzIDBABUJ74DBABex2QDBAC5rJADBAC5tj8DBAK58OwDBAC5/fkD
BADBEAgDBADCMXEwDQYJKoZIhvcNAQELBQADggEBALoH+Cks9bkb3ZBCPPa6fw7V
MDDSA5xxgPKb1xxpIkXLYlFROqijF9qWrME0kdMmTmjwYMeL0WnRyw0MlFNIMhF4
CjuiblGkKW2p9OOxxGtQPIZ1aUJya3mA5jZ5H9m/drZaLA0W/Oq9hsfL924pnIY6
xw3CDf875sKFAxEipLcstheyy9UVMqQLHS747ZOq1LW7uOsElD7t19M1V/kRpLdL
f/FI/uuv4TWDmwJ0skO5LpuaunCTKy+tVP2tk0Pro/L0QcgknAsnKn4O9h66dp0S
fbiGfkt7Dxbb4D8q332FyT4yhTdiaY/jPxRpetE3c7oCyBU/htNHtPbxbZpnykY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org