Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/0-tnq5IY_YTM4gLO1KTYNOiM02U.roa
File: 0-tnq5IY_YTM4gLO1KTYNOiM02U.roa (raw, json)
Hash identifier: HwzphwLYpex0LRP18l4jCJWTE2Ca7WDYCiWqHwkr/yk=
Subject key identifier: D3:EB:67:AB:92:18:FD:84:CC:E2:02:CE:D4:A4:D8:34:E8:8C:D3:65
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 0550B3A6
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/0-tnq5IY_YTM4gLO1KTYNOiM02U.roa
Signing time: Sat 01 Jan 2022 06:56:02 +0000
ROA not before: Sat 01 Jan 2022 06:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6134
IP address blocks: 45.135.118.0/24 maxlen: 24
45.135.119.0/24 maxlen: 24
45.133.238.0/24 maxlen: 24
45.133.239.0/24 maxlen: 24
45.140.90.0/24 maxlen: 24
45.140.91.0/24 maxlen: 24
185.106.177.0/24 maxlen: 24
2a06:5040:3::/48 maxlen: 48
2a06:5040:20::/45 maxlen: 45
2a06:5040:30::/45 maxlen: 48
2a06:5040:5040::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89174950 (0x550b3a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 06:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3eb67ab9218fd84cce202ced4a4d834e88cd365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:48:92:1a:ea:ed:39:43:b0:1a:6c:d0:83:27:
9d:90:fe:24:77:91:d3:a6:b9:77:40:e4:1c:6c:2f:
8c:ab:ec:5b:ed:51:09:59:b8:03:16:7c:7d:24:87:
8a:72:26:75:a3:cd:f3:55:44:7f:bf:dd:0d:05:f9:
76:1e:3f:8d:8d:4b:91:4e:b1:ff:3a:66:7a:bc:63:
da:c9:60:e7:39:f5:ab:34:54:e8:03:f6:5b:db:fb:
29:a3:ca:19:ec:48:d4:c8:9b:74:63:06:30:7c:31:
92:83:d2:df:d3:13:34:7c:8c:0f:8f:36:06:3d:4a:
91:29:7a:57:c5:8c:93:95:bd:c3:ee:49:10:8f:46:
cd:df:fd:b1:8d:6d:85:9b:fb:c7:79:5a:d3:c3:ef:
0a:5a:bb:90:ca:71:7c:c7:ff:32:74:8c:07:71:94:
58:61:4f:e2:9c:ed:79:a2:0e:d9:54:32:71:58:28:
64:53:20:75:d6:87:bd:68:24:c8:70:c5:00:f8:5e:
51:95:66:f9:ee:b1:59:82:9a:9a:2d:f7:59:43:5d:
f6:c4:96:9e:ae:7d:9f:82:8f:fe:71:7e:ca:26:e3:
3b:e7:a8:82:71:5a:0e:de:1b:ac:6c:19:75:ed:23:
32:70:72:91:f8:10:0a:2e:c7:3b:7d:7a:9d:7a:08:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EB:67:AB:92:18:FD:84:CC:E2:02:CE:D4:A4:D8:34:E8:8C:D3:65
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/0-tnq5IY_YTM4gLO1KTYNOiM02U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.238.0/23
45.135.118.0/23
45.140.90.0/23
185.106.177.0/24
IPv6:
2a06:5040:3::/48
2a06:5040:20::/45
2a06:5040:30::/45
2a06:5040:5040::/48
Signature Algorithm: sha256WithRSAEncryption
05:94:ef:10:77:8b:3c:6d:28:0c:6f:df:dd:ec:4b:3d:1a:61:
5c:29:36:7b:bb:fd:ef:e4:76:77:c9:2e:77:be:c5:e4:6a:80:
56:e4:9f:7a:e9:e3:7a:7a:ed:c1:88:5f:cc:de:48:d1:ec:83:
ad:89:f0:5a:79:e1:1f:64:3f:66:c1:49:82:b1:a0:dc:8c:db:
28:c5:5d:b5:5c:11:66:f2:4c:33:fe:27:de:4c:84:76:37:bd:
bd:76:2a:4d:86:5d:c8:2c:12:dd:3c:30:50:35:40:31:b4:06:
d7:19:ee:e9:e1:d8:4f:0b:30:64:3a:35:bf:2f:87:21:70:e6:
95:21:ba:36:52:c8:f5:f5:59:fe:b7:09:ec:a1:29:74:85:ad:
b7:74:c0:59:2e:b9:13:89:59:90:83:d2:93:0b:30:fb:9c:07:
6b:94:69:90:50:88:e7:95:9e:8c:a3:01:c0:d6:58:4f:49:b8:
9e:1d:21:73:87:29:de:bd:20:22:46:06:20:3f:c6:86:11:cd:
02:00:94:c7:d4:d8:bf:50:33:c0:b8:eb:56:47:6f:20:4c:a3:
76:ef:97:e9:32:ca:21:e0:35:f7:e1:e4:bb:cf:5f:cb:9f:22:
6d:d6:bb:62:1c:65:f9:80:f4:13:f5:74:53:34:b6:8f:ca:55:
c5:71:3a:50
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEBVCzpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjJkZDlmZTYyOGI2YmMxMDE0MWRlMDI0MTc2NmExYjdhNjMxOTNmMB4XDTIyMDEw
MTA2NTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNlYjY3YWI5MjE4
ZmQ4NGNjZTIwMmNlZDRhNGQ4MzRlODhjZDM2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONIkhrq7TlDsBps0IMnnZD+JHeR06a5d0DkHGwvjKvsW+1R
CVm4AxZ8fSSHinImdaPN81VEf7/dDQX5dh4/jY1LkU6x/zpmerxj2slg5zn1qzRU
6AP2W9v7KaPKGexI1MibdGMGMHwxkoPS39MTNHyMD482Bj1KkSl6V8WMk5W9w+5J
EI9Gzd/9sY1thZv7x3la08PvClq7kMpxfMf/MnSMB3GUWGFP4pzteaIO2VQycVgo
ZFMgddaHvWgkyHDFAPheUZVm+e6xWYKami33WUNd9sSWnq59n4KP/nF+yibjO+eo
gnFaDt4brGwZde0jMnBykfgQCi7HO316nXoIU7ECAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBTT62erkhj9hMziAs7UpNg06IzTZTAfBgNVHSMEGDAWgBRbLdn+YotrwQFB
3gJBdmobemMZPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d5M1pfbUtMYThFQlFkNENRWFpxRzNwakdUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8x
LzAtdG5xNUlZX1lUTTRnTE8xS1RZTk9pTTAyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8xL1d5M1pfbUtMYThF
QlFkNENRWFpxRzNwakdUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwHgQCAAEwGAMEAS2F7gMEAS2HdgMEAS2MWgMEALlq
sTAqBAIAAjAkAwcAKgZQQAADAwcDKgZQQAAgAwcDKgZQQAAwAwcAKgZQQFBAMA0G
CSqGSIb3DQEBCwUAA4IBAQAFlO8Qd4s8bSgMb9/d7Es9GmFcKTZ7u/3v5HZ3yS53
vsXkaoBW5J966eN6eu3BiF/M3kjR7IOtifBaeeEfZD9mwUmCsaDcjNsoxV21XBFm
8kwz/ifeTIR2N729dipNhl3ILBLdPDBQNUAxtAbXGe7p4dhPCzBkOjW/L4chcOaV
Ibo2Usj19Vn+twnsoSl0ha23dMBZLrkTiVmQg9KTCzD7nAdrlGmQUIjnlZ6MowHA
1lhPSbieHSFzhynevSAiRgYgP8aGEc0CAJTH1Ni/UDPAuOtWR28gTKN275fpMsoh
4DX34eS7z1/LnyJt1rtiHGX5gPQT9XRTNLaPylXFcTpQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:06 2023 by rpki-client on console-fra.rpki-client.org