Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hc9h1YOcrSkUhP_G50vg1qDLyCg.roa
File: hc9h1YOcrSkUhP_G50vg1qDLyCg.roa (raw, json)
Hash identifier: JP4dNJ/uXeYGtv7543zjTMaCEnhl5x0QL6UVTJaQPr0=
Subject key identifier: 85:CF:61:D5:83:9C:AD:29:14:84:FF:C6:E7:4B:E0:D6:A0:CB:C8:28
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 03C24C79
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hc9h1YOcrSkUhP_G50vg1qDLyCg.roa
Signing time: Mon 14 Mar 2022 16:04:12 +0000
ROA not before: Mon 14 Mar 2022 16:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 83.147.44.0/22 maxlen: 24
83.147.40.0/22 maxlen: 24
83.147.48.0/22 maxlen: 24
83.147.60.0/23 maxlen: 24
83.147.62.0/24 maxlen: 24
45.156.56.0/22 maxlen: 24
83.147.4.0/22 maxlen: 24
83.147.8.0/21 maxlen: 24
83.147.16.0/20 maxlen: 24
83.147.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63065209 (0x3c24c79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Mar 14 16:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85cf61d5839cad291484ffc6e74be0d6a0cbc828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:39:4b:fb:30:f5:ae:be:e5:a0:9f:d2:1c:
46:db:c4:ea:c2:e7:90:0f:46:41:30:ff:57:8a:c9:
6a:1c:f9:f3:bc:a8:f2:88:e7:93:0c:0d:0b:44:fa:
65:47:7f:55:9f:f9:e8:42:2f:e4:33:5b:da:13:60:
be:bc:ec:ce:15:9b:5b:39:4c:86:d9:85:d1:0f:b8:
3c:6b:b0:c1:45:a1:76:e5:1f:05:7b:69:6f:06:27:
3b:a2:95:fe:49:63:71:de:02:9d:42:d2:cd:a3:4f:
4b:76:0f:04:2f:7a:ee:67:97:2d:6b:aa:ca:56:18:
89:d1:1d:db:29:3b:f5:3a:38:ce:6c:ef:3e:e6:65:
1b:37:f8:41:d9:b7:51:46:fc:75:5a:3d:9c:b5:04:
81:1b:12:1a:af:bb:cb:9b:80:e1:3a:76:77:17:01:
2b:69:53:24:8d:d3:f9:79:bd:78:8f:f2:ee:47:00:
19:fc:cc:d3:5a:41:7f:17:68:82:db:b4:b4:59:81:
1c:5c:8b:56:2a:20:ad:c4:32:f4:b5:4e:dc:c8:f7:
da:bf:5e:6c:71:15:6a:d3:00:8e:43:21:0d:29:99:
12:55:87:a4:5b:2a:a6:9f:9e:d4:5b:49:ee:ae:b3:
b4:46:11:cb:bb:2a:2c:57:ce:71:76:78:81:fa:67:
d0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CF:61:D5:83:9C:AD:29:14:84:FF:C6:E7:4B:E0:D6:A0:CB:C8:28
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hc9h1YOcrSkUhP_G50vg1qDLyCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.56.0/22
83.147.4.0-83.147.35.255
83.147.40.0-83.147.51.255
83.147.60.0-83.147.62.255
Signature Algorithm: sha256WithRSAEncryption
95:e0:9c:8f:e9:fd:c8:d5:c5:e5:b4:6a:4b:84:ea:a7:19:ac:
03:e4:f6:0e:a6:53:59:e9:e5:66:ac:f3:d6:dd:6f:e9:1e:31:
e0:00:4c:c4:92:9c:42:89:83:08:4a:19:f1:5f:53:4e:04:47:
a6:d4:2f:8e:31:73:e8:c1:e8:d6:8b:f3:49:7c:ab:02:ec:9f:
be:84:59:ba:aa:64:5c:55:11:9e:e7:64:34:6d:f6:e3:f5:b1:
72:50:d9:17:53:dc:d4:ca:3e:11:5c:29:ba:d4:d6:9d:d1:6f:
da:8c:f8:9a:36:11:d8:95:ab:2d:77:35:67:6a:4a:f0:f9:42:
c7:24:0c:58:5a:d3:5e:47:17:f9:c1:fd:30:15:14:f7:31:48:
2f:27:1c:30:44:9a:9f:e6:ca:57:d6:d1:9a:ed:09:b7:6a:3d:
0e:ae:59:56:3c:9e:15:db:a4:6c:30:48:76:18:bd:e0:cb:b5:
26:f3:ee:b2:fc:51:22:23:ec:44:d4:77:58:86:90:d0:0c:a3:
ea:52:c5:b2:58:ce:25:77:37:4c:fc:3c:73:e8:ad:20:e5:3e:
9d:36:47:ad:62:08:63:94:63:3a:15:27:4b:70:36:0f:9d:93:
dc:15:db:ad:21:df:27:4b:39:7f:9a:10:79:97:a0:cc:a0:a9:
9e:84:b2:45
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEA8JMeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTkzZmZlOWRiMzc2MjZiMTNmODVkN2NjNDU3YWFkNWMxZjMwYzlmMB4XDTIyMDMx
NDE2MDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVjZjYxZDU4Mzlj
YWQyOTE0ODRmZmM2ZTc0YmUwZDZhMGNiYzgyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANeWOUv7MPWuvuWgn9IcRtvE6sLnkA9GQTD/V4rJahz587yo
8ojnkwwNC0T6ZUd/VZ/56EIv5DNb2hNgvrzszhWbWzlMhtmF0Q+4PGuwwUWhduUf
BXtpbwYnO6KV/kljcd4CnULSzaNPS3YPBC967meXLWuqylYYidEd2yk79To4zmzv
PuZlGzf4Qdm3UUb8dVo9nLUEgRsSGq+7y5uA4Tp2dxcBK2lTJI3T+Xm9eI/y7kcA
GfzM01pBfxdogtu0tFmBHFyLViogrcQy9LVO3Mj32r9ebHEVatMAjkMhDSmZElWH
pFsqpp+e1FtJ7q6ztEYRy7sqLFfOcXZ4gfpn0LkCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSFz2HVg5ytKRSE/8bnS+DWoMvIKDAfBgNVHSMEGDAWgBSBk//p2zdiaxP4
XXzEV6rVwfMMnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2daUF82ZHMzWW1zVC1GMTh4RmVxMWNIekRKOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTcvNzZiYzFlLWI2ZjQtNDA4YS1iYjg5LTA4ZDEyNzBjMmU3MS8x
L2hjOWgxWU9jclNrVWhQX0c1MHZnMXFETHlDZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTcv
NzZiYzFlLWI2ZjQtNDA4YS1iYjg5LTA4ZDEyNzBjMmU3MS8xL2daUF82ZHMzWW1z
VC1GMTh4RmVxMWNIekRKOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAi2cODAMAwQCU5MEAwQCU5MgMAwD
BANTkygDBAJTkzAwDAMEAlOTPAMEAFOTPjANBgkqhkiG9w0BAQsFAAOCAQEAleCc
j+n9yNXF5bRqS4TqpxmsA+T2DqZTWenlZqzz1t1v6R4x4ABMxJKcQomDCEoZ8V9T
TgRHptQvjjFz6MHo1ovzSXyrAuyfvoRZuqpkXFURnudkNG324/WxclDZF1Pc1Mo+
EVwputTWndFv2oz4mjYR2JWrLXc1Z2pK8PlCxyQMWFrTXkcX+cH9MBUU9zFILycc
MESan+bKV9bRmu0Jt2o9Dq5ZVjyeFdukbDBIdhi94Mu1JvPusvxRIiPsRNR3WIaQ
0Ayj6lLFsljOJXc3TPw8c+itIOU+nTZHrWIIY5RjOhUnS3A2D52T3BXbrSHfJ0s5
f5oQeZegzKCpnoSyRQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org