Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/I__Mdz-ZbZsiTl2x9LP0Dwelzfw.roa
File: I__Mdz-ZbZsiTl2x9LP0Dwelzfw.roa (raw, json)
Hash identifier: VRHZQvw9GDzJKMGXt7o3V0j/jj7oiNFtFYlh2UoEuCc=
Subject key identifier: 23:FF:CC:77:3F:99:6D:9B:22:4E:5D:B1:F4:B3:F4:0F:07:A5:CD:FC
Certificate issuer: /CN=694a2ed9a412747fcd644749de57d9ff780393aa
Certificate serial: 0835EC96
Authority key identifier: 69:4A:2E:D9:A4:12:74:7F:CD:64:47:49:DE:57:D9:FF:78:03:93:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/I__Mdz-ZbZsiTl2x9LP0Dwelzfw.roa
Signing time: Sat 01 Jan 2022 06:05:12 +0000
ROA not before: Sat 01 Jan 2022 06:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62336
IP address blocks: 45.148.112.0/22 maxlen: 22
45.130.92.0/22 maxlen: 22
45.81.44.0/22 maxlen: 22
45.93.104.0/22 maxlen: 22
91.212.40.0/23 maxlen: 23
194.99.82.0/24 maxlen: 24
194.99.85.0/24 maxlen: 24
194.99.91.0/24 maxlen: 24
91.212.54.0/23 maxlen: 23
45.138.40.0/22 maxlen: 22
194.99.110.0/24 maxlen: 24
45.89.92.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137751702 (0x835ec96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=694a2ed9a412747fcd644749de57d9ff780393aa
Validity
Not Before: Jan 1 06:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23ffcc773f996d9b224e5db1f4b3f40f07a5cdfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:87:c6:60:ef:73:9a:c7:1d:bc:66:62:31:cc:
12:6f:ae:44:62:da:4f:fd:7d:ca:0e:41:73:47:a1:
5f:c5:ac:69:a3:52:41:93:71:61:7e:1e:7f:01:bb:
df:41:f8:73:df:0b:5c:bb:83:83:31:04:25:2d:78:
63:f4:12:eb:e3:d0:f5:77:31:b3:61:a7:0b:4d:0e:
df:e4:f1:25:a1:23:e4:40:4e:08:3e:49:3d:51:f2:
41:57:43:84:34:d9:35:d6:c1:26:4f:95:f6:ba:5b:
cb:f6:d7:85:59:56:2c:32:2c:e8:20:2b:4c:8e:20:
55:cf:87:9b:2d:8d:91:84:b4:fc:7f:e3:5f:c5:10:
63:a2:4a:a0:80:5f:ad:a3:b0:ed:7a:b7:ce:91:24:
f9:1b:6a:02:5e:9c:21:d8:70:92:98:02:f0:8a:11:
14:15:6b:18:17:b7:8b:3b:ba:00:b5:e9:db:9e:d9:
f3:5d:d5:3e:30:0e:1a:45:a6:f9:72:5f:2b:e1:d9:
cd:53:f6:35:ec:f0:8e:9b:96:48:e9:c0:ae:a0:4d:
7b:6c:da:a7:f3:9d:01:c3:5f:da:a7:89:e8:66:45:
1a:bc:0b:24:90:34:28:36:32:87:d1:2d:f0:c2:9a:
fa:81:76:f9:fe:9b:83:bc:35:7d:7d:8f:0a:60:50:
8e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:FF:CC:77:3F:99:6D:9B:22:4E:5D:B1:F4:B3:F4:0F:07:A5:CD:FC
X509v3 Authority Key Identifier:
keyid:69:4A:2E:D9:A4:12:74:7F:CD:64:47:49:DE:57:D9:FF:78:03:93:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/I__Mdz-ZbZsiTl2x9LP0Dwelzfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9e4f21-f9e6-4942-9601-adf43f04ec9c/1/aUou2aQSdH_NZEdJ3lfZ_3gDk6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.44.0/22
45.89.92.0/22
45.93.104.0/22
45.130.92.0/22
45.138.40.0/22
45.148.112.0/22
91.212.40.0/23
91.212.54.0/23
194.99.82.0/24
194.99.85.0/24
194.99.91.0/24
194.99.110.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:82:c4:71:b1:8c:ff:e9:54:4c:4c:4e:68:f7:0f:e5:c1:d6:
8d:30:7c:98:91:dd:51:6d:a6:42:76:f5:df:ff:00:da:61:3c:
fb:58:a1:75:eb:68:dc:f1:af:57:0f:a7:e1:8c:32:cf:72:7c:
62:b8:a6:ac:60:56:21:75:3b:c9:1c:99:4e:8e:d2:cd:d8:94:
bc:bf:42:e2:df:82:6b:30:0e:b1:f4:43:89:63:d1:d0:e0:13:
08:47:7e:5a:b0:0a:40:91:6e:10:1e:f3:d4:85:7b:da:7a:c6:
3f:61:29:cb:0d:47:b8:32:af:f1:82:3c:a8:e5:8a:c6:66:6b:
80:ad:a9:7f:0b:11:a7:97:45:99:97:03:ba:89:7e:11:71:52:
f4:82:ba:bb:b4:98:99:3b:9a:43:f5:53:d1:79:dd:08:c1:10:
2f:57:b9:18:dc:32:9e:c0:7f:11:76:3e:45:a9:6c:ce:8d:1b:
89:ee:0f:53:79:6d:8a:0f:62:9c:28:13:89:3f:1e:b8:1b:e8:
14:a4:ec:ed:32:a0:74:28:e6:f9:30:f1:61:74:03:e2:c6:63:
f4:0a:01:e4:38:7a:0e:31:27:5b:2b:1b:3b:af:d8:2b:9a:3f:
bd:8a:c3:91:8b:36:2b:69:97:c9:21:34:af:93:b0:33:83:5f:
0c:5b:c2:ee
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIECDXsljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OTRhMmVkOWE0MTI3NDdmY2Q2NDQ3NDlkZTU3ZDlmZjc4MDM5M2FhMB4XDTIyMDEw
MTA2MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNmZmNjNzczZjk5
NmQ5YjIyNGU1ZGIxZjRiM2Y0MGYwN2E1Y2RmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqHxmDvc5rHHbxmYjHMEm+uRGLaT/19yg5Bc0ehX8WsaaNS
QZNxYX4efwG730H4c98LXLuDgzEEJS14Y/QS6+PQ9Xcxs2GnC00O3+TxJaEj5EBO
CD5JPVHyQVdDhDTZNdbBJk+V9rpby/bXhVlWLDIs6CArTI4gVc+Hmy2NkYS0/H/j
X8UQY6JKoIBfraOw7Xq3zpEk+RtqAl6cIdhwkpgC8IoRFBVrGBe3izu6ALXp257Z
813VPjAOGkWm+XJfK+HZzVP2NezwjpuWSOnArqBNe2zap/OdAcNf2qeJ6GZFGrwL
JJA0KDYyh9Et8MKa+oF2+f6bg7w1fX2PCmBQjucCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQj/8x3P5ltmyJOXbH0s/QPB6XN/DAfBgNVHSMEGDAWgBRpSi7ZpBJ0f81k
R0neV9n/eAOTqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FVb3UyYVFTZEhfTlpFZEozbGZaXzNnRGs2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvOWU0ZjIxLWY5ZTYtNDk0Mi05NjAxLWFkZjQzZjA0ZWM5Yy8x
L0lfX01kei1aYlpzaVRsMng5TFAwRHdlbHpmdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
OWU0ZjIxLWY5ZTYtNDk0Mi05NjAxLWFkZjQzZjA0ZWM5Yy8xL2FVb3UyYVFTZEhf
TlpFZEozbGZaXzNnRGs2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAi1RLAMEAi1ZXAMEAi1daAMEAi2C
XAMEAi2KKAMEAi2UcAMEAVvUKAMEAVvUNgMEAMJjUgMEAMJjVQMEAMJjWwMEAMJj
bjANBgkqhkiG9w0BAQsFAAOCAQEArILEcbGM/+lUTExOaPcP5cHWjTB8mJHdUW2m
Qnb13/8A2mE8+1ihdeto3PGvVw+n4Ywyz3J8YrimrGBWIXU7yRyZTo7SzdiUvL9C
4t+CazAOsfRDiWPR0OATCEd+WrAKQJFuEB7z1IV72nrGP2Epyw1HuDKv8YI8qOWK
xmZrgK2pfwsRp5dFmZcDuol+EXFS9IK6u7SYmTuaQ/VT0XndCMEQL1e5GNwynsB/
EXY+Ralszo0bie4PU3ltig9inCgTiT8euBvoFKTs7TKgdCjm+TDxYXQD4sZj9AoB
5Dh6DjEnWysbO6/YK5o/vYrDkYs2K2mXySE0r5OwM4NfDFvC7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:07 2024 by rpki-client on console-ams.rpki-client.org