Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RDitiB0FTFlzNqvXAUGxBC7kylg.roa
File: RDitiB0FTFlzNqvXAUGxBC7kylg.roa (raw, json)
Hash identifier: K7eeAw1ZTP70cViPZ8MUYBD0v9QzDWSI2qhbkGloKM0=
Subject key identifier: 44:38:AD:88:1D:05:4C:59:73:36:AB:D7:01:41:B1:04:2E:E4:CA:58
Certificate issuer: /CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Certificate serial: 0182D64B836BA4B38BF4E5DEE1E6A6BE6D93
Authority key identifier: 44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RDitiB0FTFlzNqvXAUGxBC7kylg.roa
Signing time: Thu 25 Aug 2022 18:37:29 +0000
ROA not before: Thu 25 Aug 2022 18:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14127
IP address blocks: 185.45.0.0/23 maxlen: 23
185.45.2.0/23 maxlen: 24
193.246.192.0/24 maxlen: 24
193.246.193.0/24 maxlen: 24
193.246.196.0/24 maxlen: 24
193.246.195.0/24 maxlen: 24
193.246.194.0/24 maxlen: 24
193.246.197.0/24 maxlen: 24
89.106.176.0/22 maxlen: 24
89.106.180.0/23 maxlen: 23
89.106.182.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d6:4b:83:6b:a4:b3:8b:f4:e5:de:e1:e6:a6:be:6d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Validity
Not Before: Aug 25 18:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4438ad881d054c597336abd70141b1042ee4ca58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0a:76:29:a4:ba:53:4a:2b:27:cb:50:fc:b1:
b8:d9:87:e9:cf:e9:6e:d0:79:51:3d:28:30:c6:9c:
c5:b5:f1:22:44:b0:e2:7d:89:23:ed:93:b7:2f:58:
be:8b:a4:45:75:5b:b1:8c:1c:43:6d:43:b5:6d:85:
b4:aa:f6:25:12:0e:05:7b:26:3a:4f:c7:89:21:23:
17:6a:f7:4d:fa:8d:46:c5:de:aa:4e:8e:f7:5c:2b:
8a:07:03:f5:77:e7:ba:54:42:bd:0f:bf:fc:6e:a9:
2f:1f:2e:b0:b7:e3:5b:90:22:94:98:71:d3:90:4b:
4c:d9:ac:0a:a3:c9:55:79:88:75:f7:31:32:52:03:
e0:40:a3:4c:cd:54:c0:2f:18:35:0f:16:23:3c:cf:
27:3b:f9:11:30:96:d4:01:6f:3d:73:6b:9a:dd:fd:
e4:4a:76:8e:b4:35:61:db:55:0f:8f:20:a3:ad:ed:
8f:e6:9a:a3:96:95:37:72:20:a9:e3:8b:d6:12:ef:
2a:ba:fb:a7:56:c7:1f:35:94:dd:ef:85:38:c5:67:
f7:52:eb:83:0b:e1:60:2a:24:d3:85:d0:0a:92:d5:
50:3e:1c:ab:c5:d6:b0:ef:4a:62:2b:7a:41:4e:07:
e4:45:6f:a5:4a:54:13:d1:c7:dd:e5:7a:04:a4:d7:
c0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:38:AD:88:1D:05:4C:59:73:36:AB:D7:01:41:B1:04:2E:E4:CA:58
X509v3 Authority Key Identifier:
keyid:44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RDitiB0FTFlzNqvXAUGxBC7kylg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.176.0/21
185.45.0.0/22
193.246.192.0-193.246.197.255
Signature Algorithm: sha256WithRSAEncryption
5b:f3:93:a6:3e:d7:ae:36:5a:6b:f1:c1:6b:c2:f2:d4:fb:2a:
ac:c1:5d:d2:3d:5e:d6:40:6d:f2:9a:0e:1d:d3:94:23:25:44:
53:c4:86:18:78:5e:12:40:86:ae:a1:bf:53:a2:f2:9f:5c:90:
b3:39:7e:df:0c:00:dc:b6:21:29:aa:1d:c8:3b:4b:1e:20:f2:
9c:3b:01:36:da:07:24:91:63:1d:ed:7e:4c:7a:4e:01:7f:33:
93:f2:6a:cb:23:bb:87:4c:f7:aa:8d:ca:92:24:c7:7e:9d:e5:
6c:33:8b:f4:71:ac:52:fc:93:46:a4:a9:14:93:49:0d:61:fb:
97:82:c4:8f:42:6f:3d:35:0c:0a:b2:a7:af:8a:d5:c5:97:1b:
2a:d7:78:3d:a7:a8:ce:b6:14:da:45:d6:f0:30:42:79:a9:7c:
f3:bf:16:ca:da:6e:68:f2:1c:42:1b:34:ec:ba:af:f8:78:bb:
2e:c7:9b:c4:b4:fa:81:e6:68:1c:12:e0:9e:62:04:22:d6:bf:
e9:fb:fc:bf:5a:1c:cf:6a:31:09:62:81:52:f5:cb:be:13:bc:
dd:a1:9a:39:04:9f:89:02:77:ca:e5:f9:a6:10:56:55:25:56:
2b:ae:9c:73:36:b4:57:e2:58:61:4b:b2:bf:7f:2e:3b:c3:09:
31:78:a3:5b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLWS4NrpLOL9OXe4eamvm2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTNiNDNmNjQ3ZTFlNzcxNGNkMTMwNzY0Y2JiYzQ4MTRl
N2ExNDgwHhcNMjIwODI1MTgzNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM4YWQ4ODFkMDU0YzU5NzMzNmFiZDcwMTQxYjEwNDJlZTRjYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQp2KaS6U0orJ8tQ/LG42Yfpz+lu
0HlRPSgwxpzFtfEiRLDifYkj7ZO3L1i+i6RFdVuxjBxDbUO1bYW0qvYlEg4FeyY6
T8eJISMXavdN+o1Gxd6qTo73XCuKBwP1d+e6VEK9D7/8bqkvHy6wt+NbkCKUmHHT
kEtM2awKo8lVeYh19zEyUgPgQKNMzVTALxg1DxYjPM8nO/kRMJbUAW89c2ua3f3k
SnaOtDVh21UPjyCjre2P5pqjlpU3ciCp44vWEu8quvunVscfNZTd74U4xWf3UuuD
C+FgKiTThdAKktVQPhyrxdaw70piK3pBTgfkRW+lSlQT0cfd5XoEpNfAAwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEQ4rYgdBUxZczar1wFBsQQu5MpYMB8GA1UdIwQY
MBaAFESjtD9kfh53FM0TB2TLvEgU56FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgt
YTNjNTM5ZjBiNmQyLzEvUkRpdGlCMEZURmx6TnF2WEFVR3hCQzdreWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgtYTNjNTM5ZjBiNmQy
LzEvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDWWqwAwQC
uS0AMAwDBAbB9sADBAHB9sQwDQYJKoZIhvcNAQELBQADggEBAFvzk6Y+1642Wmvx
wWvC8tT7KqzBXdI9XtZAbfKaDh3TlCMlRFPEhhh4XhJAhq6hv1Oi8p9ckLM5ft8M
ANy2ISmqHcg7Sx4g8pw7ATbaBySRYx3tfkx6TgF/M5Pyassju4dM96qNypIkx36d
5Wwzi/RxrFL8k0akqRSTSQ1h+5eCxI9Cbz01DAqyp6+K1cWXGyrXeD2nqM62FNpF
1vAwQnmpfPO/FsrabmjyHEIbNOy6r/h4uy7Hm8S0+oHmaBwS4J5iBCLWv+n7/L9a
HM9qMQligVL1y74TvN2hmjkEn4kCd8rl+aYQVlUlViuunHM2tFfiWGFLsr9/LjvD
CTF4o1s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org