Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/4DUMn9ES2YwixqAoJlwXMXwY2_Q.roa
File: 4DUMn9ES2YwixqAoJlwXMXwY2_Q.roa (raw, json)
Hash identifier: x0KPxdXpMBBGZFl8YttqY1HR9XpoxAMB3gbkgFh0agc=
Subject key identifier: E0:35:0C:9F:D1:12:D9:8C:22:C6:A0:28:26:5C:17:31:7C:18:DB:F4
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 06C497F4
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/4DUMn9ES2YwixqAoJlwXMXwY2_Q.roa
Signing time: Wed 01 Jun 2022 12:48:46 +0000
ROA not before: Wed 01 Jun 2022 12:48:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395886
IP address blocks: 45.81.128.0/24 maxlen: 24
45.135.116.0/23 maxlen: 24
45.91.83.0/24 maxlen: 24
45.91.82.0/24 maxlen: 24
45.91.81.0/24 maxlen: 24
45.91.80.0/24 maxlen: 24
45.155.222.0/23 maxlen: 24
45.140.88.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113547252 (0x6c497f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jun 1 12:48:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0350c9fd112d98c22c6a028265c17317c18dbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:03:49:8b:a5:29:27:37:32:47:54:fe:78:
2a:77:b3:b2:e6:09:6a:10:44:df:c7:69:8c:9f:f1:
87:94:e0:72:22:46:05:b0:ec:2a:ec:72:d5:5b:48:
4c:fa:39:13:0c:3d:66:c0:bc:72:d4:46:28:bb:da:
bc:eb:e9:f5:b8:50:c5:44:6f:9d:90:cd:c5:bc:a1:
8b:87:26:5c:b3:30:31:4e:e1:4e:23:53:86:25:3e:
44:a8:90:7c:d6:54:64:bd:87:d1:db:3d:79:36:6a:
0c:17:1b:bb:c9:55:66:b9:08:22:59:7a:40:74:49:
42:bc:c6:22:a3:31:c1:21:d5:bb:ce:53:99:c3:82:
8a:e5:5a:36:06:fd:7a:3e:8a:ce:af:19:8b:b2:c0:
db:4f:99:ac:ec:30:ea:06:d7:d8:81:32:d8:83:58:
bd:e9:fb:7a:0a:c5:4b:93:5b:d9:87:06:d1:f5:06:
01:89:8c:ca:8a:72:4c:5c:bd:8c:ef:cc:ca:9a:54:
dd:72:92:fd:f8:64:03:5e:46:47:cf:bc:fd:c4:f5:
dd:77:cf:d3:60:38:53:3e:fa:a0:7b:f4:a8:a6:61:
3b:48:1f:1b:8e:46:e4:20:e1:c9:ef:69:e3:1f:9a:
10:8c:f3:cd:5c:03:e6:98:21:dd:71:2f:57:37:44:
3b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:35:0C:9F:D1:12:D9:8C:22:C6:A0:28:26:5C:17:31:7C:18:DB:F4
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/4DUMn9ES2YwixqAoJlwXMXwY2_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.128.0/24
45.91.80.0/22
45.135.116.0/23
45.140.88.0/23
45.155.222.0/23
Signature Algorithm: sha256WithRSAEncryption
59:82:f9:c8:34:8f:e7:a2:ce:bf:34:8f:27:2c:be:e4:08:2f:
7d:c2:c5:a6:be:f4:a5:a2:ea:6d:38:cb:b5:32:cd:5e:dc:2b:
56:be:34:1e:ef:33:57:ee:8d:1c:68:6e:58:05:fb:80:56:8c:
fb:1f:f7:36:be:f4:7a:bc:63:5f:b9:ac:4e:61:e7:32:b0:8e:
5f:77:a9:8a:d9:9f:9c:c1:2f:99:93:26:68:a8:26:52:79:e9:
01:6e:0f:5a:b3:6f:56:63:f0:10:14:b5:b4:f9:00:08:56:b0:
55:43:81:0f:6e:e2:06:a8:4c:f1:1f:2d:bf:8b:72:26:52:6c:
25:e8:ad:9a:c4:be:d5:ef:df:75:14:3c:85:89:1c:2b:dc:3a:
d1:04:9b:ce:21:8e:7e:80:0e:f4:5a:f5:1b:bb:51:a5:59:65:
1c:42:87:35:ab:31:5f:47:3b:0f:81:8f:03:2c:d4:d1:01:ac:
44:bf:55:43:7a:0d:cc:60:ff:4f:5a:65:ef:22:2b:bb:69:73:
9c:13:af:79:56:73:f4:21:9b:f5:e2:a4:75:64:f1:9a:87:ec:
0c:3a:fc:7e:05:3e:56:1a:52:77:b8:31:56:63:d7:05:e6:91:
c0:5a:64:3b:ac:2a:09:c9:a5:87:3b:c0:cd:1c:47:c4:15:fc:
6d:e4:d0:3c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBsSX9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YjJkZDlmZTYyOGI2YmMxMDE0MWRlMDI0MTc2NmExYjdhNjMxOTNmMB4XDTIyMDYw
MTEyNDg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAzNTBjOWZkMTEy
ZDk4YzIyYzZhMDI4MjY1YzE3MzE3YzE4ZGJmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXiA0mLpSknNzJHVP54KnezsuYJahBE38dpjJ/xh5TgciJG
BbDsKuxy1VtITPo5Eww9ZsC8ctRGKLvavOvp9bhQxURvnZDNxbyhi4cmXLMwMU7h
TiNThiU+RKiQfNZUZL2H0ds9eTZqDBcbu8lVZrkIIll6QHRJQrzGIqMxwSHVu85T
mcOCiuVaNgb9ej6Kzq8Zi7LA20+ZrOww6gbX2IEy2INYven7egrFS5Nb2YcG0fUG
AYmMyopyTFy9jO/MyppU3XKS/fhkA15GR8+8/cT13XfP02A4Uz76oHv0qKZhO0gf
G45G5CDhye9p4x+aEIzzzVwD5pgh3XEvVzdEO7MCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTgNQyf0RLZjCLGoCgmXBcxfBjb9DAfBgNVHSMEGDAWgBRbLdn+YotrwQFB
3gJBdmobemMZPzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1d5M1pfbUtMYThFQlFkNENRWFpxRzNwakdUOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8x
LzREVU1uOUVTMll3aXhxQW9KbHdYTVh3WTJfUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4Yy8xL1d5M1pfbUtMYThF
QlFkNENRWFpxRzNwakdUOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1RgAMEAi1bUAMEAS2HdAMEAS2M
WAMEAS2b3jANBgkqhkiG9w0BAQsFAAOCAQEAWYL5yDSP56LOvzSPJyy+5AgvfcLF
pr70paLqbTjLtTLNXtwrVr40Hu8zV+6NHGhuWAX7gFaM+x/3Nr70erxjX7msTmHn
MrCOX3epitmfnMEvmZMmaKgmUnnpAW4PWrNvVmPwEBS1tPkACFawVUOBD27iBqhM
8R8tv4tyJlJsJeitmsS+1e/fdRQ8hYkcK9w60QSbziGOfoAO9Fr1G7tRpVllHEKH
NasxX0c7D4GPAyzU0QGsRL9VQ3oNzGD/T1pl7yIru2lznBOveVZz9CGb9eKkdWTx
mofsDDr8fgU+VhpSd7gxVmPXBeaRwFpkO6wqCcmlhzvAzRxHxBX8beTQPA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:06 2023 by rpki-client on console-fra.rpki-client.org