Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/t_grCZFdWqboHO3szBhjBCwisA0.roa
File: t_grCZFdWqboHO3szBhjBCwisA0.roa (raw, json)
Hash identifier: /dj5PX4nQwfSHfdu9YF453XwQrPQbx6eBG1QNUBr7nE=
Subject key identifier: B7:F8:2B:09:91:5D:5A:A6:E8:1C:ED:EC:CC:18:63:04:2C:22:B0:0D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18FA0D8D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/t_grCZFdWqboHO3szBhjBCwisA0.roa
Signing time: Wed 02 Mar 2022 23:27:00 +0000
ROA not before: Wed 02 Mar 2022 23:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52423
IP address blocks: 45.85.85.0/24 maxlen: 24
45.85.86.0/24 maxlen: 24
77.243.92.0/24 maxlen: 32
185.190.80.0/24 maxlen: 32
77.243.94.0/24 maxlen: 32
185.184.141.0/24 maxlen: 24
185.184.143.0/24 maxlen: 24
185.184.142.0/24 maxlen: 24
91.188.200.0/24 maxlen: 32
185.185.248.0/24 maxlen: 24
2.59.172.0/23 maxlen: 32
185.185.249.0/24 maxlen: 24
45.130.72.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 419040653 (0x18fa0d8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 2 23:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7f82b09915d5aa6e81cedeccc1863042c22b00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9e:e6:f6:95:95:1f:dc:ab:61:dd:01:65:07:
d8:26:43:cf:40:75:09:6b:03:2d:02:ae:ff:55:24:
0b:a3:54:2e:7e:cb:ae:9f:a0:fd:23:9e:39:d1:97:
93:45:43:83:f7:35:b2:d3:95:57:e1:c6:97:7b:77:
a3:9b:48:a1:21:97:ec:54:2a:7e:ec:f7:cb:8c:a6:
c4:e2:5c:af:34:c9:d2:65:1b:8c:7b:7f:f4:1d:33:
95:e0:d5:8e:39:a9:a3:5e:ad:13:c6:d3:40:02:41:
25:2a:aa:50:c6:05:fb:4a:23:b8:04:6b:3b:b2:78:
1e:79:2f:1c:d7:29:6f:30:35:84:6a:75:25:5b:32:
8b:72:a2:5f:69:02:6f:a8:b3:a8:fe:76:08:86:c7:
ea:cd:74:6e:27:e3:68:b1:7a:cc:87:8f:4a:8f:03:
e4:d6:68:4f:32:05:27:3d:12:0d:fb:4f:db:bd:70:
0a:e8:18:18:de:88:b5:26:fc:c4:32:11:29:41:c2:
79:58:36:84:12:68:40:32:bd:9b:f1:9c:57:3d:fd:
73:6f:54:f7:36:4b:81:85:be:aa:1a:81:19:9a:33:
9d:f2:15:f0:66:c2:fa:68:cd:7e:eb:f2:90:bf:fe:
a5:23:1e:e0:38:8e:44:6a:84:9e:df:0b:3d:92:65:
26:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F8:2B:09:91:5D:5A:A6:E8:1C:ED:EC:CC:18:63:04:2C:22:B0:0D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/t_grCZFdWqboHO3szBhjBCwisA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.172.0/23
45.85.85.0-45.85.86.255
45.130.72.0/23
77.243.92.0/24
77.243.94.0/24
91.188.200.0/24
185.184.141.0-185.184.143.255
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:2a:6c:26:32:79:be:af:0e:5e:6b:a1:f2:c8:20:14:17:52:
ac:94:9e:6d:c7:7e:60:f8:c3:5f:88:ef:0d:30:e0:5f:f3:f9:
cb:5c:8d:5e:01:42:71:0c:14:96:34:46:d0:e9:63:58:45:9e:
8c:51:ea:c8:ef:e8:05:a3:33:56:23:8b:13:e6:69:d4:57:c0:
9d:46:e0:12:41:66:79:3d:94:4f:c9:ba:8a:fe:70:a1:2b:d6:
a5:10:94:b5:38:cc:09:7d:ec:82:11:36:49:8e:ca:0c:a2:d8:
0a:a2:61:af:c4:6d:22:d7:8c:4b:48:7a:37:22:09:6d:2d:5a:
08:68:f2:b5:f4:60:42:46:a4:fb:e1:b9:de:a3:1f:0a:27:0d:
f0:dd:09:90:20:3c:a4:ab:c2:05:b0:a7:35:2b:78:b3:bd:79:
58:eb:29:7a:ce:10:73:7d:51:51:8a:9c:62:c4:7f:1e:65:e4:
58:03:b3:78:24:48:09:a6:ea:ae:d9:e7:31:a4:3e:14:12:cd:
55:1e:2c:a0:52:a8:06:4c:82:0d:c1:c0:c2:48:56:6c:ce:cd:
ab:ae:ca:ed:d0:b8:97:e1:97:6f:9b:54:47:06:d5:14:a2:06:
5a:3d:fa:7a:c9:75:ba:62:c0:31:b4:3d:6d:70:64:57:39:b8:
9a:c2:1f:6c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEGPoNjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMw
MjIzMjcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdmODJiMDk5MTVk
NWFhNmU4MWNlZGVjY2MxODYzMDQyYzIyYjAwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJye5vaVlR/cq2HdAWUH2CZDz0B1CWsDLQKu/1UkC6NULn7L
rp+g/SOeOdGXk0VDg/c1stOVV+HGl3t3o5tIoSGX7FQqfuz3y4ymxOJcrzTJ0mUb
jHt/9B0zleDVjjmpo16tE8bTQAJBJSqqUMYF+0ojuARrO7J4HnkvHNcpbzA1hGp1
JVsyi3KiX2kCb6izqP52CIbH6s10bifjaLF6zIePSo8D5NZoTzIFJz0SDftP271w
CugYGN6ItSb8xDIRKUHCeVg2hBJoQDK9m/GcVz39c29U9zZLgYW+qhqBGZoznfIV
8GbC+mjNfuvykL/+pSMe4DiORGqEnt8LPZJlJm0CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBS3+CsJkV1apugc7ezMGGMELCKwDTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3RfZ3JDWkZkV3Fib0hPM3N6QmhqQkN3aXNBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEAQI7rDAMAwQALVVVAwQALVVWAwQB
LYJIAwQATfNcAwQATfNeAwQAW7zIMAwDBAC5uI0DBAS5uIADBAG5ufgDBAC5vlAw
DQYJKoZIhvcNAQELBQADggEBALQqbCYyeb6vDl5rofLIIBQXUqyUnm3HfmD4w1+I
7w0w4F/z+ctcjV4BQnEMFJY0RtDpY1hFnoxR6sjv6AWjM1YjixPmadRXwJ1G4BJB
Znk9lE/Juor+cKEr1qUQlLU4zAl97IIRNkmOygyi2AqiYa/EbSLXjEtIejciCW0t
Wgho8rX0YEJGpPvhud6jHwonDfDdCZAgPKSrwgWwpzUreLO9eVjrKXrOEHN9UVGK
nGLEfx5l5FgDs3gkSAmm6q7Z5zGkPhQSzVUeLKBSqAZMgg3BwMJIVmzOzauuyu3Q
uJfhl2+bVEcG1RSiBlo9+nrJdbpiwDG0PW1wZFc5uJrCH2w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org