Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/QToJwlA3nJ_7BHDYsmK4Nb_raYs.roa
File: QToJwlA3nJ_7BHDYsmK4Nb_raYs.roa (raw, json)
Hash identifier: eazAGbsk107plG7EkJDrXB5VN+4atY3n6FWyBKx1fpc=
Subject key identifier: 41:3A:09:C2:50:37:9C:9F:FB:04:70:D8:B2:62:B8:35:BF:EB:69:8B
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0733D737
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/QToJwlA3nJ_7BHDYsmK4Nb_raYs.roa
Signing time: Thu 16 Jun 2022 05:01:45 +0000
ROA not before: Thu 16 Jun 2022 05:01:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 93.152.206.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120837943 (0x733d737)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 16 05:01:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=413a09c250379c9ffb0470d8b262b835bfeb698b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1a:90:0e:3e:ab:58:29:ce:59:59:7c:73:61:
51:e1:20:4e:26:86:4d:7f:f8:e4:01:5c:15:34:ec:
36:a3:c6:4f:a7:6e:b0:74:74:40:53:99:22:48:dc:
c3:0c:03:82:b4:b8:d7:3c:a0:ab:6a:2d:a0:c7:83:
bb:0f:01:ee:d2:9d:d5:41:21:93:54:f4:ca:10:6f:
db:8c:b7:9b:f9:6e:06:54:56:fc:3a:a5:57:9f:1f:
20:d3:ea:b0:94:70:c8:42:9a:6a:24:8c:de:83:b7:
bf:b9:7b:ef:5a:cf:c5:d8:dd:4f:c3:a0:a4:17:4c:
72:8f:8d:3c:6d:6b:08:85:db:12:c7:a9:77:5d:a8:
aa:e8:aa:b7:4d:db:78:25:b4:8a:8d:dc:d8:ad:37:
20:14:c1:5c:f1:fc:7b:05:d7:a7:3d:5e:df:96:a4:
80:76:a3:74:f4:f7:02:07:a8:c3:52:92:7a:12:4a:
86:c5:2e:12:f6:91:ca:e6:6f:a4:de:9b:03:23:89:
46:94:a2:73:98:f1:a2:39:48:f2:5f:a1:30:3e:af:
81:fc:ae:ab:5c:58:78:fe:d0:0e:04:e4:f9:07:40:
65:7c:1d:e1:55:1a:c8:16:2f:e9:3e:4f:ab:a4:61:
4d:9e:58:a0:e0:d5:73:08:a3:18:83:a7:25:33:9f:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3A:09:C2:50:37:9C:9F:FB:04:70:D8:B2:62:B8:35:BF:EB:69:8B
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/QToJwlA3nJ_7BHDYsmK4Nb_raYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/23
78.159.156.0/24
93.152.206.0/24
93.152.208.0/24
93.152.216.0/24
93.152.222.0/24
93.152.230.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:20:26:8e:7c:16:ad:1c:af:2a:06:db:99:f5:3d:da:a3:79:
4e:4d:1d:02:ad:f1:f0:c4:f0:dc:8a:08:6c:24:d5:3c:01:37:
b4:4c:35:c8:79:78:74:3f:b5:d0:1d:d7:f1:5e:3d:0f:9a:49:
bc:fb:02:36:32:b4:db:be:11:9d:e7:82:6b:d9:52:d1:41:39:
2d:15:67:48:1d:36:84:c0:02:ee:e8:88:ba:23:e4:96:7d:05:
fd:8f:c1:2e:33:a1:a4:70:80:b6:9f:44:1b:d5:7f:20:04:fd:
31:7d:a9:8e:7a:1d:48:d8:90:2d:0c:b3:4c:70:09:e2:25:b4:
59:5c:ea:0c:fb:07:4f:d2:c6:64:cf:53:18:50:fc:a1:fc:fa:
2d:2e:db:6e:e9:8b:1e:47:c1:f5:2b:6e:40:62:2a:8d:61:84:
d3:ec:a2:da:4e:28:a1:45:bb:98:4c:16:9c:b8:66:37:d4:a8:
1c:64:3a:17:f4:af:f4:f9:0e:1e:4d:19:73:26:0f:cb:73:37:
86:98:fa:5e:65:73:a2:23:0c:d1:38:39:f1:63:c4:a1:18:96:
04:1c:b3:99:5d:c7:e5:6f:57:f5:6f:6a:12:b2:48:84:19:39:
94:28:46:27:4f:e1:68:79:a5:19:77:cd:96:67:c0:0b:d7:69:
68:ae:b4:9f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBzPXNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDYx
NjA1MDE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDEzYTA5YzI1MDM3
OWM5ZmZiMDQ3MGQ4YjI2MmI4MzViZmViNjk4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOUakA4+q1gpzllZfHNhUeEgTiaGTX/45AFcFTTsNqPGT6du
sHR0QFOZIkjcwwwDgrS41zygq2otoMeDuw8B7tKd1UEhk1T0yhBv24y3m/luBlRW
/DqlV58fINPqsJRwyEKaaiSM3oO3v7l771rPxdjdT8OgpBdMco+NPG1rCIXbEsep
d12oquiqt03beCW0io3c2K03IBTBXPH8ewXXpz1e35akgHajdPT3Ageow1KSehJK
hsUuEvaRyuZvpN6bAyOJRpSic5jxojlI8l+hMD6vgfyuq1xYeP7QDgTk+QdAZXwd
4VUayBYv6T5Pq6RhTZ5YoODVcwijGIOnJTOfH6cCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRBOgnCUDecn/sEcNiyYrg1v+tpizAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L1FUb0p3bEEzbkpfN0JIRFlzbUs0TmJfcmFZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAS2N6gMEAE6fnAMEAF2YzgMEAF2Y
0AMEAF2Y2AMEAF2Y3gMEAF2Y5jANBgkqhkiG9w0BAQsFAAOCAQEAWyAmjnwWrRyv
KgbbmfU92qN5Tk0dAq3x8MTw3IoIbCTVPAE3tEw1yHl4dD+10B3X8V49D5pJvPsC
NjK0274RneeCa9lS0UE5LRVnSB02hMAC7uiIuiPkln0F/Y/BLjOhpHCAtp9EG9V/
IAT9MX2pjnodSNiQLQyzTHAJ4iW0WVzqDPsHT9LGZM9TGFD8ofz6LS7bbumLHkfB
9StuQGIqjWGE0+yi2k4ooUW7mEwWnLhmN9SoHGQ6F/Sv9PkOHk0ZcyYPy3M3hpj6
XmVzoiMM0Tg58WPEoRiWBByzmV3H5W9X9W9qErJIhBk5lChGJ0/haHmlGXfNlmfA
C9dpaK60nw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org