Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ruYp3EyudW1a-YIzwr86iHNdnXo.roa
File: ruYp3EyudW1a-YIzwr86iHNdnXo.roa (raw, json)
Hash identifier: 8ufquDDO5/Ol6dIvKp4/Ftqid1yIFGnmNSx7R/FQGYg=
Subject key identifier: AE:E6:29:DC:4C:AE:75:6D:5A:F9:82:33:C2:BF:3A:88:73:5D:9D:7A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 19B6E7CC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ruYp3EyudW1a-YIzwr86iHNdnXo.roa
Signing time: Wed 13 Apr 2022 22:43:58 +0000
ROA not before: Wed 13 Apr 2022 22:43:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132422
IP address blocks: 45.158.35.0/24 maxlen: 32
45.148.128.0/22 maxlen: 24
194.145.142.0/24 maxlen: 24
194.145.143.0/24 maxlen: 24
128.0.117.0/24 maxlen: 24
128.0.119.0/24 maxlen: 24
194.145.197.0/24 maxlen: 24
194.145.196.0/24 maxlen: 24
45.134.1.0/24 maxlen: 32
194.49.109.0/24 maxlen: 24
194.49.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 431417292 (0x19b6e7cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 13 22:43:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aee629dc4cae756d5af98233c2bf3a88735d9d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ed:cb:98:05:89:be:a5:e2:e3:91:88:68:aa:
f9:95:5a:15:5d:59:7f:a6:2e:31:26:1a:ff:ea:e4:
7a:b1:78:87:26:cf:91:e1:39:d7:be:b6:cd:dc:a2:
94:2e:40:cd:d8:ba:99:fd:32:6c:ea:e2:a7:ca:1f:
a3:4f:2b:31:64:a3:2d:03:9a:3c:06:4e:12:6a:e0:
47:0b:b8:d3:c5:79:72:f2:85:87:41:9c:34:2b:74:
bc:5a:c4:c6:7f:a2:6c:48:54:85:e6:61:f1:ad:90:
94:0b:98:8f:a7:1c:77:e4:39:b0:99:12:7e:57:48:
4d:9d:96:65:ad:5f:04:b1:ff:db:42:4f:3e:dd:84:
fc:6b:3a:29:f6:fd:d1:bc:b6:76:58:4b:2f:7a:4f:
f4:35:a3:7a:61:9f:74:59:fa:ce:17:d4:a0:52:fe:
8d:0b:61:ea:63:62:d5:0d:2c:d0:20:d2:c7:b5:f5:
86:b4:41:8b:21:a8:bd:bf:ad:2b:16:74:6b:1e:87:
e3:e7:7c:18:79:3b:8a:c7:79:94:40:04:07:91:f1:
91:a3:6e:f8:c3:6c:da:06:f0:59:7b:55:d6:b4:88:
40:b1:7c:ee:c8:19:01:92:4d:9d:65:10:32:c9:2a:
39:8e:6a:81:52:bd:1c:81:a2:b6:54:d3:ca:7e:27:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E6:29:DC:4C:AE:75:6D:5A:F9:82:33:C2:BF:3A:88:73:5D:9D:7A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ruYp3EyudW1a-YIzwr86iHNdnXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.1.0/24
45.148.128.0/22
45.158.35.0/24
128.0.117.0/24
128.0.119.0/24
194.49.109.0/24
194.49.112.0/24
194.145.142.0/23
194.145.196.0/23
Signature Algorithm: sha256WithRSAEncryption
30:3b:e8:54:05:6c:da:a0:c3:ce:63:c4:be:03:f2:da:71:a9:
56:f8:20:1b:e5:2a:21:d3:da:7b:fd:11:7b:8a:a5:38:01:e0:
f4:be:c0:b6:b7:9d:11:e0:8f:bf:16:b7:f4:2f:e9:c8:23:e3:
fa:45:93:07:86:71:9a:e2:85:c5:84:44:14:73:cd:c0:ea:15:
8e:3b:b8:97:14:58:d6:c1:76:6f:d6:81:1d:2b:34:f5:35:28:
6c:63:26:00:0f:16:64:35:93:86:7b:92:57:5c:74:12:76:b6:
25:df:71:87:1a:16:39:c9:93:33:1e:33:42:0e:9b:2b:df:6f:
c1:e2:f3:00:e2:6c:ff:68:76:f2:bd:50:47:67:a6:32:a1:71:
43:69:5e:41:54:55:a3:e9:e8:5a:60:f8:0a:6a:6f:44:f0:e5:
55:70:a1:04:2a:24:38:65:a3:e8:c5:08:7b:a5:4c:ae:61:8f:
cb:52:0e:fe:42:e5:41:e9:f5:dc:22:ff:39:14:b6:97:63:80:
96:1e:f0:ee:4f:aa:56:97:e9:f6:2d:48:ec:64:a1:7a:b0:12:
0c:ea:36:1b:b1:07:d5:15:22:c5:af:65:d6:8a:2f:b1:d7:b7:
69:cc:57:56:fe:f4:7c:99:59:4d:e7:02:be:8c:62:31:2a:14:
1b:05:be:72
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEGbbnzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQx
MzIyNDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVlNjI5ZGM0Y2Fl
NzU2ZDVhZjk4MjMzYzJiZjNhODg3MzVkOWQ3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJTty5gFib6l4uORiGiq+ZVaFV1Zf6YuMSYa/+rkerF4hybP
keE51762zdyilC5Azdi6mf0ybOrip8ofo08rMWSjLQOaPAZOEmrgRwu408V5cvKF
h0GcNCt0vFrExn+ibEhUheZh8a2QlAuYj6ccd+Q5sJkSfldITZ2WZa1fBLH/20JP
Pt2E/Gs6Kfb90by2dlhLL3pP9DWjemGfdFn6zhfUoFL+jQth6mNi1Q0s0CDSx7X1
hrRBiyGovb+tKxZ0ax6H4+d8GHk7isd5lEAEB5HxkaNu+MNs2gbwWXtV1rSIQLF8
7sgZAZJNnWUQMskqOY5qgVK9HIGitlTTyn4nKPECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBSu5incTK51bVr5gjPCvzqIc12dejAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3J1WXAzRXl1ZFcxYS1ZSXp3cjg2aUhOZG5Yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAC2GAQMEAi2UgAMEAC2eIwMEAIAA
dQMEAIAAdwMEAMIxbQMEAMIxcAMEAcKRjgMEAcKRxDANBgkqhkiG9w0BAQsFAAOC
AQEAMDvoVAVs2qDDzmPEvgPy2nGpVvggG+UqIdPae/0Re4qlOAHg9L7AtredEeCP
vxa39C/pyCPj+kWTB4ZxmuKFxYREFHPNwOoVjju4lxRY1sF2b9aBHSs09TUobGMm
AA8WZDWThnuSV1x0Ena2Jd9xhxoWOcmTMx4zQg6bK99vweLzAOJs/2h28r1QR2em
MqFxQ2leQVRVo+noWmD4CmpvRPDlVXChBCokOGWj6MUIe6VMrmGPy1IO/kLlQen1
3CL/ORS2l2OAlh7w7k+qVpfp9i1I7GSherASDOo2G7EH1RUixa9l1oovsde3acxX
Vv70fJlZTecCvoxiMSoUGwW+cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org