Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/RCt20fDofXurJL23K6WMPaWXai4.roa
File: RCt20fDofXurJL23K6WMPaWXai4.roa (raw, json)
Hash identifier: HsG3cD+sqVcriXWjV4D7PCPpt2MMgdlKtzmJoJ/UoOE=
Subject key identifier: 44:2B:76:D1:F0:E8:7D:7B:AB:24:BD:B7:2B:A5:8C:3D:A5:97:6A:2E
Certificate issuer: /CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Certificate serial: 01839A2DFD2AE7251E50E345A008105035B4
Authority key identifier: 57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/RCt20fDofXurJL23K6WMPaWXai4.roa
Signing time: Sun 02 Oct 2022 19:30:48 +0000
ROA not before: Sun 02 Oct 2022 19:30:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14593
IP address blocks: 145.224.64.0/21 maxlen: 24
145.224.64.0/18 maxlen: 24
145.224.72.0/21 maxlen: 24
145.224.80.0/21 maxlen: 24
145.224.88.0/22 maxlen: 24
188.92.248.0/21 maxlen: 24
145.224.94.0/23 maxlen: 24
145.224.96.0/21 maxlen: 24
145.224.92.0/23 maxlen: 24
188.95.144.0/23 maxlen: 24
216.128.0.0/19 maxlen: 24
169.155.224.0/19 maxlen: 24
217.65.136.0/22 maxlen: 24
217.65.136.0/21 maxlen: 24
91.102.180.0/22 maxlen: 24
145.224.108.0/22 maxlen: 24
145.224.124.0/22 maxlen: 24
2a0d:3340::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9a:2d:fd:2a:e7:25:1e:50:e3:45:a0:08:10:50:35:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Validity
Not Before: Oct 2 19:30:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=442b76d1f0e87d7bab24bdb72ba58c3da5976a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:ff:83:7e:f3:60:10:36:a8:3e:b4:52:51:
36:e0:b6:7a:7b:c3:ae:88:5f:91:57:f5:a8:25:0f:
46:b3:78:f8:21:62:7f:91:9d:5e:63:25:36:fd:4d:
4e:19:ed:f9:43:b5:20:8b:78:75:c9:6a:bd:65:92:
44:fe:56:50:f7:c1:ae:a7:94:2a:18:d5:89:db:05:
2d:9d:6f:fc:25:fa:84:96:3d:74:86:01:9b:a9:a2:
a6:86:9d:9d:ab:4c:78:72:e0:ad:12:7a:fc:06:71:
57:4d:8c:85:34:7d:fd:92:4b:85:b6:b2:35:3e:b5:
ad:e9:fc:5a:87:f1:98:fd:78:1e:63:3e:48:f5:06:
81:63:e8:1c:0c:81:4d:fd:71:ed:1d:63:d4:4f:28:
d8:0b:dc:34:49:6a:60:98:b0:a2:20:c9:40:17:45:
81:f6:af:0b:5c:ef:49:2a:5d:6d:aa:4f:cd:f7:cb:
ad:40:79:48:64:cb:5f:1d:d4:65:fe:ec:83:ff:0b:
06:6c:c0:a0:39:bb:31:df:f7:b7:a8:bd:b0:e5:a3:
d8:71:e1:5f:2b:5e:a6:88:87:55:3e:b9:5b:ba:23:
d9:5c:1c:1e:4f:e4:9c:ea:3b:73:a2:8e:a5:e8:59:
62:d5:c9:99:d6:9a:21:8a:3c:c3:77:35:4d:d3:8f:
18:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2B:76:D1:F0:E8:7D:7B:AB:24:BD:B7:2B:A5:8C:3D:A5:97:6A:2E
X509v3 Authority Key Identifier:
keyid:57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/RCt20fDofXurJL23K6WMPaWXai4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/V5mzJ91s2hrTe8HCJKRUsC3qKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.180.0/22
145.224.64.0/18
169.155.224.0/19
188.92.248.0/21
188.95.144.0/23
216.128.0.0/19
217.65.136.0/21
IPv6:
2a0d:3340::/29
Signature Algorithm: sha256WithRSAEncryption
53:22:e9:24:16:ec:60:1c:93:11:55:b3:91:6a:92:a5:38:6d:
09:c6:75:81:e8:14:00:e9:ac:cd:0a:b7:04:63:2c:52:f9:37:
94:4d:72:67:e4:ad:5b:99:cc:41:28:5a:67:70:85:59:56:45:
90:6f:df:e4:fa:95:f4:51:d0:73:06:d4:d8:33:2a:ea:72:06:
6f:ec:c4:9e:f6:c8:ce:ba:da:b6:c9:36:45:34:9e:8b:b0:48:
c9:fa:00:6c:95:45:87:8e:7b:94:0d:96:14:cf:92:2c:75:19:
00:5f:b9:21:08:2a:40:9e:e6:bd:6e:b8:c4:98:45:3a:e2:97:
14:67:83:15:01:85:07:37:39:1c:24:1e:7b:17:73:1a:dd:7b:
a7:d9:e0:f3:a1:2b:0e:12:d5:b6:d1:6e:36:e4:c0:a4:68:65:
17:ea:e4:5f:6a:77:d6:58:6c:75:cf:76:3d:27:a5:63:e7:6f:
54:39:b3:e2:a4:a8:75:d1:ef:d5:ef:c6:74:16:ab:cb:e1:75:
bb:d4:cb:d5:a4:69:7a:10:1f:73:65:4b:7f:48:3c:5a:6a:49:
cc:dd:4b:17:b0:84:20:3d:3e:7c:d8:42:da:26:9b:d6:35:9e:
f0:9a:57:de:ee:65:4a:2a:c5:48:58:bb:38:cf:d0:08:3a:13:
b0:f7:19:98
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYOaLf0q5yUeUONFoAgQUDW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTliMzI3ZGQ2Y2RhMWFkMzdiYzFjMjI0YTQ1NGIwMmRl
YTJhZmMwHhcNMjIxMDAyMTkzMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJiNzZkMWYwZTg3ZDdiYWIyNGJkYjcyYmE1OGMzZGE1OTc2YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLz/g37zYBA2qD60UlE24LZ6e8Ou
iF+RV/WoJQ9Gs3j4IWJ/kZ1eYyU2/U1OGe35Q7Ugi3h1yWq9ZZJE/lZQ98Gup5Qq
GNWJ2wUtnW/8JfqElj10hgGbqaKmhp2dq0x4cuCtEnr8BnFXTYyFNH39kkuFtrI1
PrWt6fxah/GY/XgeYz5I9QaBY+gcDIFN/XHtHWPUTyjYC9w0SWpgmLCiIMlAF0WB
9q8LXO9JKl1tqk/N98utQHlIZMtfHdRl/uyD/wsGbMCgObsx3/e3qL2w5aPYceFf
K16miIdVPrlbuiPZXBweT+Sc6jtzoo6l6Fli1cmZ1pohijzDdzVN048YEwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEQrdtHw6H17qyS9tyuljD2ll2ouMB8GA1UdIwQY
MBaAFFeZsyfdbNoa03vBwiSkVLAt6ir8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2Et
ZWExNTBlNzYzOGNlLzEvUkN0MjBmRG9mWHVySkwyM0s2V01QYVdYYWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2EtZWExNTBlNzYzOGNl
LzEvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCW2a0AwQG
keBAAwQFqZvgAwQDvFz4AwQBvF+QAwQF2IAAAwQD2UGIMA0EAgACMAcDBQMqDTNA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTIukkFuxgHJMRVbORapKlOG0JxnWB6BQA6azN
CrcEYyxS+TeUTXJn5K1bmcxBKFpncIVZVkWQb9/k+pX0UdBzBtTYMyrqcgZv7MSe
9sjOutq2yTZFNJ6LsEjJ+gBslUWHjnuUDZYUz5IsdRkAX7khCCpAnua9brjEmEU6
4pcUZ4MVAYUHNzkcJB57F3Ma3Xun2eDzoSsOEtW20W425MCkaGUX6uRfanfWWGx1
z3Y9J6Vj529UObPipKh10e/V78Z0FqvL4XW71MvVpGl6EB9zZUt/SDxaaknM3UsX
sIQgPT582ELaJpvWNZ7wmlfe7mVKKsVIWLs4z9AIOhOw9xmY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:18 2024 by rpki-client on console-ams.rpki-client.org