Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/936CGMN1RqbfrMyi4JzmEx3xJGg.roa
File: 936CGMN1RqbfrMyi4JzmEx3xJGg.roa (raw, json)
Hash identifier: 3MeJjFALPN3bEhmoGIg08sjDBRv+rbFhW5laHzVvUvE=
Subject key identifier: F7:7E:82:18:C3:75:46:A6:DF:AC:CC:A2:E0:9C:E6:13:1D:F1:24:68
Certificate issuer: /CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Certificate serial: 09C81280
Authority key identifier: CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/936CGMN1RqbfrMyi4JzmEx3xJGg.roa
Signing time: Sat 01 Jan 2022 09:03:15 +0000
ROA not before: Sat 01 Jan 2022 09:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203101
IP address blocks: 185.98.100.0/22 maxlen: 22
45.56.224.0/22 maxlen: 22
45.56.224.0/21 maxlen: 22
45.56.233.0/24 maxlen: 24
45.56.232.0/24 maxlen: 24
45.56.228.0/22 maxlen: 22
45.56.236.0/22 maxlen: 23
45.56.234.0/23 maxlen: 23
45.56.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164106880 (0x9c81280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Validity
Not Before: Jan 1 09:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f77e8218c37546a6dfaccca2e09ce6131df12468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2a:8a:cc:1d:c3:d8:3a:c9:9f:2e:0c:22:8a:
7a:12:95:76:d3:9f:6a:3d:c8:62:90:33:a7:04:b4:
63:d6:8e:c2:36:ad:dc:78:db:ca:c4:2a:19:f7:0e:
48:0e:c0:c5:63:6b:79:83:dd:21:51:db:3b:c8:cf:
67:ca:8b:68:7f:68:cb:99:ff:8b:40:99:48:1b:1b:
8a:0c:96:3d:c9:25:fe:38:f5:34:ac:19:89:40:9b:
54:1f:50:f2:26:cb:e1:ec:a6:45:f5:03:11:26:2e:
6b:02:aa:9e:d4:b0:7f:0a:b0:7c:2b:9a:0f:52:1a:
f6:a5:72:19:e7:5d:ac:c5:e5:0b:40:56:de:d4:e5:
47:49:3b:be:54:88:fc:30:49:47:a9:ba:f1:f1:de:
90:2f:dd:c8:70:5f:be:41:e2:2f:8a:f8:6f:e5:86:
4b:21:2a:09:9e:e8:57:8f:e7:e5:0a:bf:e3:eb:68:
02:79:0e:ef:21:7f:dd:6a:6e:1c:63:db:d2:e1:14:
90:3d:1d:4c:71:e8:89:a1:60:31:f0:75:1c:b2:4e:
0d:be:2f:2b:7d:d0:21:27:8e:19:8a:a1:67:86:ff:
2e:ca:1d:a7:8d:24:aa:bf:89:48:b9:9d:1d:37:75:
00:d0:36:1d:07:ea:a3:23:46:e4:f1:48:93:e0:94:
ce:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7E:82:18:C3:75:46:A6:DF:AC:CC:A2:E0:9C:E6:13:1D:F1:24:68
X509v3 Authority Key Identifier:
keyid:CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/936CGMN1RqbfrMyi4JzmEx3xJGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.56.224.0/19
185.98.100.0/22
Signature Algorithm: sha256WithRSAEncryption
51:18:4d:b9:91:38:f9:aa:f4:e0:ae:df:55:d2:33:ad:2d:fd:
d9:6a:2c:00:1b:40:78:4d:c4:2b:db:1f:d5:f9:f9:70:04:d1:
3f:dd:58:82:d7:6e:c5:33:59:f7:fe:03:f3:4b:b0:90:8a:37:
8b:01:82:cb:8c:f5:15:2e:9d:79:7f:85:71:9f:af:23:3c:91:
e8:a5:7f:ad:9a:ce:42:fb:8c:65:d0:8f:23:d7:d3:10:0e:99:
f6:17:0e:a2:d5:8e:28:5f:80:e0:07:19:9b:c9:d6:35:fa:44:
5a:f6:50:b8:33:d2:db:e8:48:79:9c:98:2c:26:9d:ae:2c:84:
f4:b5:df:a7:15:38:9e:f5:6a:0b:20:6f:e1:be:c1:be:cd:a9:
e6:dc:e9:f1:dc:04:99:6f:f9:d5:ea:f5:88:4a:af:0c:55:91:
75:16:c7:7f:9f:13:a7:43:b9:d8:f3:1d:3c:fd:29:62:85:0d:
23:f4:c0:91:0f:4a:3c:e9:68:bf:11:c1:a0:71:67:ab:b8:9a:
96:fb:34:45:a4:41:c9:ed:60:e4:97:d1:8c:77:b4:4f:7c:38:
5e:67:d8:08:e8:a5:c4:00:30:22:68:02:22:c7:fe:21:63:c6:
0c:0f:8d:1e:68:f7:d9:9c:2e:f1:c7:7a:5c:f4:16:98:91:44:
6c:80:52:b1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECcgSgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWMyMTY0MWJkYmNmYWMyNGM1NGI2YTQ4NTk0ODNjNWU0MTY0MGI2MB4XDTIyMDEw
MTA5MDMxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc3ZTgyMThjMzc1
NDZhNmRmYWNjY2EyZTA5Y2U2MTMxZGYxMjQ2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwqiswdw9g6yZ8uDCKKehKVdtOfaj3IYpAzpwS0Y9aOwjat
3HjbysQqGfcOSA7AxWNreYPdIVHbO8jPZ8qLaH9oy5n/i0CZSBsbigyWPckl/jj1
NKwZiUCbVB9Q8ibL4eymRfUDESYuawKqntSwfwqwfCuaD1Ia9qVyGeddrMXlC0BW
3tTlR0k7vlSI/DBJR6m68fHekC/dyHBfvkHiL4r4b+WGSyEqCZ7oV4/n5Qq/4+to
AnkO7yF/3WpuHGPb0uEUkD0dTHHoiaFgMfB1HLJODb4vK33QISeOGYqhZ4b/Lsod
p40kqr+JSLmdHTd1ANA2HQfqoyNG5PFIk+CUzgECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT3foIYw3VGpt+szKLgnOYTHfEkaDAfBgNVHSMEGDAWgBTKwhZBvbz6wkxU
tqSFlIPF5BZAtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lzSVdRYjI4LXNKTVZMYWtoWlNEeGVRV1FMWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvODc3ZTQwLTZjYTEtNGEyYi04OWE1LThhYmY1ZWU2YzRhZC8x
LzkzNkNHTU4xUnFiZnJNeWk0SnptRXgzeEpHZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ODc3ZTQwLTZjYTEtNGEyYi04OWE1LThhYmY1ZWU2YzRhZC8xL3lzSVdRYjI4LXNK
TVZMYWtoWlNEeGVRV1FMWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBS044AMEArliZDANBgkqhkiG9w0B
AQsFAAOCAQEAURhNuZE4+ar04K7fVdIzrS392WosABtAeE3EK9sf1fn5cATRP91Y
gtduxTNZ9/4D80uwkIo3iwGCy4z1FS6deX+FcZ+vIzyR6KV/rZrOQvuMZdCPI9fT
EA6Z9hcOotWOKF+A4AcZm8nWNfpEWvZQuDPS2+hIeZyYLCadriyE9LXfpxU4nvVq
CyBv4b7Bvs2p5tzp8dwEmW/51er1iEqvDFWRdRbHf58Tp0O52PMdPP0pYoUNI/TA
kQ9KPOlovxHBoHFnq7ialvs0RaRBye1g5JfRjHe0T3w4XmfYCOilxAAwImgCIsf+
IWPGDA+NHmj32Zwu8cd6XPQWmJFEbIBSsQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:47 2023 by rpki-client on console-ams.rpki-client.org