Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/U3lizKa7vtiFkiWuO_8tXx_IJWc.roa
File: U3lizKa7vtiFkiWuO_8tXx_IJWc.roa (raw, json)
Hash identifier: kMhRH0mN99w9agJOCYqth+NRYEI1MotV64N2ZSDnR50=
Subject key identifier: 53:79:62:CC:A6:BB:BE:D8:85:92:25:AE:3B:FF:2D:5F:1F:C8:25:67
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 06DF3002
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/U3lizKa7vtiFkiWuO_8tXx_IJWc.roa
Signing time: Fri 13 May 2022 12:34:41 +0000
ROA not before: Fri 13 May 2022 12:34:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 94.26.89.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115290114 (0x6df3002)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: May 13 12:34:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=537962cca6bbbed8859225ae3bff2d5f1fc82567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:f8:f4:06:49:76:ec:f2:45:07:9e:44:ca:
72:23:49:9b:2c:19:7d:f8:cd:80:ad:5c:b0:ec:38:
66:e1:f8:59:4f:92:d5:50:79:c4:bf:38:6a:2d:26:
ea:7a:61:c9:ba:6e:69:d8:bb:96:d9:13:dd:d6:1d:
1f:1c:fc:4c:70:91:28:c1:1a:81:10:3e:c3:f3:cb:
f4:b6:82:2c:4c:24:bb:1d:6b:df:43:48:7d:c2:1e:
d4:0c:da:46:b4:48:ad:6f:c5:f9:81:9b:4c:3b:0f:
a1:38:05:01:ce:49:7d:5a:52:e4:4a:df:01:63:cc:
35:9c:96:8a:e6:6b:4b:39:1e:99:18:61:a1:86:1b:
dc:95:aa:5c:ee:ee:8e:d3:e0:9c:7f:a7:d1:87:36:
bb:c4:e2:ca:3a:aa:83:13:3c:48:1f:94:cd:2c:97:
22:df:77:71:ed:5a:81:44:51:91:00:80:04:f0:ba:
e6:78:b6:b7:21:18:87:48:df:ae:16:37:c7:66:4c:
65:13:95:4c:97:67:54:5b:a2:60:49:2d:53:83:ce:
87:b3:a1:d0:df:3d:47:d7:1a:34:70:da:17:33:fd:
f4:22:66:d0:c6:c0:32:5d:a9:3e:ae:c5:f1:43:9f:
8f:76:a0:12:83:56:5a:de:ad:a9:9d:90:9d:e3:a7:
fb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:79:62:CC:A6:BB:BE:D8:85:92:25:AE:3B:FF:2D:5F:1F:C8:25:67
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/U3lizKa7vtiFkiWuO_8tXx_IJWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
78.159.156.0/24
91.92.34.0/24
93.152.207.0-93.152.208.255
94.26.89.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
52:44:09:24:84:37:06:34:cd:f5:ca:9c:80:07:2c:13:58:c6:
1c:d2:fe:cb:b9:f6:42:52:de:6e:f2:ba:42:c3:06:a1:1b:2d:
50:46:bf:67:0a:c1:d2:d9:d9:f9:dd:d5:38:b4:de:3e:9d:fb:
e7:59:af:05:22:cf:df:1e:0f:3c:4f:05:01:87:80:88:cc:82:
01:f5:70:d5:5b:f9:e3:fa:34:a7:b2:af:14:65:47:f2:6e:04:
17:42:d6:b9:ca:42:12:1c:9f:62:b3:91:ed:fc:e0:01:d7:0b:
bd:50:eb:ee:5d:a9:77:ec:c0:8b:45:0b:4a:0b:78:08:52:b2:
45:4e:de:e3:78:1d:c2:38:8c:4d:c7:16:6c:cd:bc:d0:31:e2:
16:0d:ed:7e:58:bc:5a:70:b0:b6:e9:42:66:ef:29:8a:81:90:
f9:59:19:3d:6e:2e:14:31:94:9f:eb:8f:f8:63:7c:ce:60:66:
40:c1:be:59:bd:2a:99:df:da:d7:54:58:7b:4a:eb:fa:0f:6b:
cc:a2:0c:f0:2a:3e:68:cc:d6:0c:d6:84:e6:54:61:da:93:47:
20:94:3f:78:13:23:83:8f:14:7d:a1:c4:2b:32:bd:0e:df:9d:
e1:a3:19:42:d5:3b:a4:d9:27:07:e8:06:0b:fd:a6:fc:5c:4c:
b2:55:a4:e2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEBt8wAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDUx
MzEyMzQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM3OTYyY2NhNmJi
YmVkODg1OTIyNWFlM2JmZjJkNWYxZmM4MjU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2/+PQGSXbs8kUHnkTKciNJmywZffjNgK1csOw4ZuH4WU+S
1VB5xL84ai0m6nphybpuadi7ltkT3dYdHxz8THCRKMEagRA+w/PL9LaCLEwkux1r
30NIfcIe1AzaRrRIrW/F+YGbTDsPoTgFAc5JfVpS5ErfAWPMNZyWiuZrSzkemRhh
oYYb3JWqXO7ujtPgnH+n0Yc2u8TiyjqqgxM8SB+UzSyXIt93ce1agURRkQCABPC6
5ni2tyEYh0jfrhY3x2ZMZROVTJdnVFuiYEktU4POh7Oh0N89R9caNHDaFzP99CJm
0MbAMl2pPq7F8UOfj3agEoNWWt6tqZ2QneOn+7cCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRTeWLMpru+2IWSJa47/y1fH8glZzAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L1UzbGl6S2E3dnRpRmtpV3VPXzh0WHhfSUpXYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAi2N6AMEAE6fnAMEAFtcIjAMAwQA
XZjPAwQAXZjQAwQAXhpZAwQAXr7DMA0GCSqGSIb3DQEBCwUAA4IBAQBSRAkkhDcG
NM31ypyABywTWMYc0v7LufZCUt5u8rpCwwahGy1QRr9nCsHS2dn53dU4tN4+nfvn
Wa8FIs/fHg88TwUBh4CIzIIB9XDVW/nj+jSnsq8UZUfybgQXQta5ykISHJ9is5Ht
/OAB1wu9UOvuXal37MCLRQtKC3gIUrJFTt7jeB3COIxNxxZszbzQMeIWDe1+WLxa
cLC26UJm7ymKgZD5WRk9bi4UMZSf64/4Y3zOYGZAwb5ZvSqZ39rXVFh7Suv6D2vM
ogzwKj5ozNYM1oTmVGHak0cglD94EyODjxR9ocQrMr0O353hoxlC1Tuk2ScH6AYL
/ab8XEyyVaTi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org