Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/s20o83Hbnjl-Ozq1iwEa0Y_ocLI.roa
File: s20o83Hbnjl-Ozq1iwEa0Y_ocLI.roa (raw, json)
Hash identifier: BVTbdlyoBRc/o7+6aun3tY5LtEfSl/MRUZQCZkSv/0E=
Subject key identifier: B3:6D:28:F3:71:DB:9E:39:7E:3B:3A:B5:8B:01:1A:D1:8F:E8:70:B2
Certificate issuer: /CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Certificate serial: 79E3BE
Authority key identifier: D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/s20o83Hbnjl-Ozq1iwEa0Y_ocLI.roa
Signing time: Sun 30 Jan 2022 20:24:50 +0000
ROA not before: Sun 30 Jan 2022 20:24:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44061
IP address blocks: 79.175.208.0/20 maxlen: 20
109.74.96.0/20 maxlen: 20
79.175.224.0/20 maxlen: 20
79.175.240.0/21 maxlen: 21
79.175.248.0/21 maxlen: 21
45.139.93.0/24 maxlen: 24
45.139.95.0/24 maxlen: 24
45.139.92.0/24 maxlen: 24
45.139.94.0/24 maxlen: 24
79.175.192.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7988158 (0x79e3be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Validity
Not Before: Jan 30 20:24:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b36d28f371db9e397e3b3ab58b011ad18fe870b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:59:40:22:3b:bc:87:63:25:dd:ff:f2:3b:11:
44:ca:80:15:6a:3c:1e:a7:95:94:03:e4:6c:7b:dc:
0c:61:2d:56:5f:ec:64:5a:2c:c5:72:1d:31:0c:ac:
a5:2e:f9:54:9f:fd:9d:c5:67:72:66:73:df:87:7e:
c1:2e:56:33:16:c2:bd:ea:46:3e:23:0f:ce:77:5e:
7f:de:77:5c:0e:b0:6b:90:e9:d8:c9:81:7f:9c:58:
64:be:ac:4a:eb:46:04:58:ee:55:80:28:78:e2:a1:
09:3d:b2:df:a3:55:ba:68:5f:0b:fb:ee:2e:91:99:
f4:b4:f0:77:e8:57:75:2d:a7:e9:d0:36:1a:bb:04:
29:78:c4:f5:a0:c1:42:f2:e6:3f:bc:45:ec:3d:9d:
4f:ca:c4:80:20:18:d6:a6:6c:7c:cf:ce:38:7f:c1:
35:5c:aa:09:97:e1:17:4a:98:c8:dd:d1:a9:3d:4a:
b1:fb:c1:4f:2a:d9:4e:3a:a9:f3:cd:00:c6:f2:f3:
98:fc:2d:65:f2:7e:04:32:1c:bc:a0:18:ec:1f:dd:
ed:da:fb:da:9d:9a:40:ef:cb:b7:3d:e5:c1:4b:f0:
cc:05:04:09:8d:11:d3:40:55:cb:dd:0b:dd:fb:32:
ad:63:cf:89:4d:e6:ef:33:22:57:e8:7f:16:19:07:
c6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6D:28:F3:71:DB:9E:39:7E:3B:3A:B5:8B:01:1A:D1:8F:E8:70:B2
X509v3 Authority Key Identifier:
keyid:D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/s20o83Hbnjl-Ozq1iwEa0Y_ocLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/1F35i-yCdrgrqC2TdgRHukTRoZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.92.0/22
79.175.192.0/18
109.74.96.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:24:e7:cd:60:9c:40:bb:10:62:b4:65:44:94:d8:71:6c:1b:
d2:ad:1f:ec:64:69:80:fc:03:10:13:2f:ef:6f:60:d8:ac:ef:
71:cd:01:a6:58:6c:c6:b3:35:25:4c:4d:e3:f8:cb:e4:3b:68:
3e:a4:9f:ed:fb:f8:95:f8:fa:a1:44:7d:31:bd:30:7c:bd:e5:
b4:d4:79:67:fb:df:7b:6b:a4:64:3f:5a:6c:61:19:49:8e:cd:
9e:b2:1a:01:0b:ef:8c:b6:ea:72:57:34:e1:c5:39:96:37:b5:
df:d9:dc:cb:67:1b:cf:b1:28:fe:2c:b4:ef:fe:bf:45:5b:64:
98:ea:c3:7e:0b:f4:09:b0:f6:70:e7:ba:ad:5d:d6:b3:00:58:
dd:f8:18:14:fa:cf:a5:f5:f8:83:c5:15:be:9a:21:8f:77:4f:
53:69:17:ad:42:01:a7:de:65:25:27:50:93:f8:4d:8a:fc:44:
d6:b9:64:4f:9f:45:76:de:85:23:26:de:fa:b3:40:d1:11:7f:
70:a9:53:cf:f8:c9:8d:d0:4f:56:e8:61:7b:83:29:47:6b:e7:
6d:39:af:c2:f1:b1:15:d6:6f:ea:54:f2:ed:62:b2:08:07:96:
a9:f6:aa:7d:cb:cb:45:10:06:61:a5:26:99:a3:89:90:84:44:
cf:24:fe:14
-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgIDeeO+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ0
NWRmOThiZWM4Mjc2YjgyYmE4MmQ5Mzc2MDQ0N2JhNDRkMWExOWIwHhcNMjIwMTMw
MjAyNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMzZkMjhmMzcxZGI5
ZTM5N2UzYjNhYjU4YjAxMWFkMThmZTg3MGIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsFlAIju8h2Ml3f/yOxFEyoAVajwep5WUA+Rse9wMYS1WX+xk
WizFch0xDKylLvlUn/2dxWdyZnPfh37BLlYzFsK96kY+Iw/Od15/3ndcDrBrkOnY
yYF/nFhkvqxK60YEWO5VgCh44qEJPbLfo1W6aF8L++4ukZn0tPB36Fd1Lafp0DYa
uwQpeMT1oMFC8uY/vEXsPZ1PysSAIBjWpmx8z844f8E1XKoJl+EXSpjI3dGpPUqx
+8FPKtlOOqnzzQDG8vOY/C1l8n4EMhy8oBjsH93t2vvanZpA78u3PeXBS/DMBQQJ
jRHTQFXL3Qvd+zKtY8+JTebvMyJX6H8WGQfG7wIDAQABo4ICFTCCAhEwHQYDVR0O
BBYEFLNtKPNx2545fjs6tYsBGtGP6HCyMB8GA1UdIwQYMBaAFNRd+Yvsgna4K6gt
k3YER7pE0aGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MUYzNWkteUNkcmdycUMyVGRnUkh1a1RSb1pzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYS9kZTA2NWQtMzBlMi00M2Q1LWIzNTctYzA5NTZhODAxMzJkLzEv
czIwbzgzSGJuamwtT3pxMWl3RWEwWV9vY0xJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9k
ZTA2NWQtMzBlMi00M2Q1LWIzNTctYzA5NTZhODAxMzJkLzEvMUYzNWkteUNkcmdy
cUMyVGRnUkh1a1RSb1pzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsG
CCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYtcAwQGT6/AAwQEbUpgMA0GCSqG
SIb3DQEBCwUAA4IBAQB+JOfNYJxAuxBitGVElNhxbBvSrR/sZGmA/AMQEy/vb2DY
rO9xzQGmWGzGszUlTE3j+MvkO2g+pJ/t+/iV+PqhRH0xvTB8veW01Hln+997a6Rk
P1psYRlJjs2eshoBC++MtupyVzThxTmWN7Xf2dzLZxvPsSj+LLTv/r9FW2SY6sN+
C/QJsPZw57qtXdazAFjd+BgU+s+l9fiDxRW+miGPd09TaRetQgGn3mUlJ1CT+E2K
/ETWuWRPn0V23oUjJt76s0DREX9wqVPP+MmN0E9W6GF7gylHa+dtOa/C8bEV1m/q
VPLtYrIIB5ap9qp9y8tFEAZhpSaZo4mQhETPJP4U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:06 2024 by rpki-client on console-fra.rpki-client.org