Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/AtoYBfmS2ivqGdmiI4UbD34Us8A.roa
File: AtoYBfmS2ivqGdmiI4UbD34Us8A.roa (raw, json)
Hash identifier: io5Dm1Z+V4l/y7QrQNiM4APcUTxinFqEbRFgGh7GYF8=
Subject key identifier: 02:DA:18:05:F9:92:DA:2B:EA:19:D9:A2:23:85:1B:0F:7E:14:B3:C0
Certificate issuer: /CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Certificate serial: 0187C68CB122232353D2E6DE02C22A235EE1
Authority key identifier: 92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/AtoYBfmS2ivqGdmiI4UbD34Us8A.roa
Signing time: Fri 28 Apr 2023 06:28:41 +0000
ROA not before: Fri 28 Apr 2023 06:28:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211768
IP address blocks: 45.83.160.0/22 maxlen: 24
185.86.188.0/22 maxlen: 24
193.148.188.0/24 maxlen: 24
185.124.192.0/22 maxlen: 24
193.19.128.0/22 maxlen: 24
2a06:b500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:8c:b1:22:23:23:53:d2:e6:de:02:c2:2a:23:5e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92660b23fe3b8642d6bf475f8eb7fcad9d13c413
Validity
Not Before: Apr 28 06:28:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02da1805f992da2bea19d9a223851b0f7e14b3c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2f:3d:1f:99:e5:27:86:e7:74:6c:ce:8b:b7:
5a:eb:89:67:23:f9:1c:72:ac:b5:86:03:3e:f2:3b:
3a:7e:cc:49:69:5a:57:b8:f5:be:e1:f4:5f:c1:37:
3c:15:74:df:04:a9:29:b1:de:80:c6:bc:2a:2d:37:
aa:2f:0d:19:7d:bf:95:10:46:78:12:00:09:1e:5c:
4f:71:cc:51:11:ed:0b:0e:dc:ed:0d:8e:a1:84:fc:
2c:75:59:0d:eb:1b:10:48:8f:e2:a3:d9:a6:60:ff:
be:6a:2f:b1:25:ae:70:74:0b:02:b0:a1:e3:b7:68:
21:39:e1:7e:b6:6b:1e:4c:9c:ea:d5:12:da:ee:e1:
4a:30:58:23:b9:b3:08:58:8a:bc:fc:53:c3:b2:27:
42:9e:77:cd:e5:9f:cd:c6:7d:88:80:ed:89:f9:26:
29:a8:f0:8f:35:6d:f2:53:07:e4:fc:8e:2e:ea:5d:
bf:fc:9c:0a:83:12:a1:23:c3:1f:95:3e:ef:24:ff:
a3:d6:20:04:a6:ad:0a:d6:77:c0:fb:a9:62:17:c0:
a9:e7:4e:21:f1:2b:69:d2:ee:52:ae:32:77:c2:68:
18:8b:4c:cd:28:ef:6c:c1:f0:74:e7:4d:a2:00:6b:
ef:44:e4:93:96:77:9e:e2:74:67:ee:ab:38:ee:59:
74:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DA:18:05:F9:92:DA:2B:EA:19:D9:A2:23:85:1B:0F:7E:14:B3:C0
X509v3 Authority Key Identifier:
keyid:92:66:0B:23:FE:3B:86:42:D6:BF:47:5F:8E:B7:FC:AD:9D:13:C4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmYLI_47hkLWv0dfjrf8rZ0TxBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/AtoYBfmS2ivqGdmiI4UbD34Us8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/ae3bac-3da2-4e49-bdab-13ef1c455cc4/1/kmYLI_47hkLWv0dfjrf8rZ0TxBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.160.0/22
185.86.188.0/22
185.124.192.0/22
193.19.128.0/22
193.148.188.0/24
IPv6:
2a06:b500::/29
Signature Algorithm: sha256WithRSAEncryption
4c:6a:86:75:a9:df:5d:b7:64:51:71:c2:39:22:a9:13:9e:a2:
b4:3a:5c:0b:4f:aa:54:b0:0e:22:48:ee:ee:7b:ef:6a:19:08:
af:52:bc:68:81:d2:78:49:47:5f:84:a3:91:50:e0:02:8b:4a:
19:05:f1:84:ac:94:8a:a1:2f:fa:03:7b:ad:1c:3f:15:6e:00:
d5:0f:5a:7a:1f:39:e6:bc:8a:42:b3:c6:65:f1:85:da:67:37:
f0:96:a6:70:cd:4c:d4:ea:39:e2:7e:7b:cc:a1:b9:34:f7:b1:
28:a1:1b:fc:e7:9d:2e:c3:d9:e3:44:13:d6:1a:bf:3b:7e:78:
0e:79:9d:b3:50:e2:69:a6:1f:9e:44:76:ed:05:1e:3b:3e:85:
eb:c2:27:ee:eb:fe:31:97:ab:68:78:4e:89:e6:5f:7d:e6:e2:
cc:02:06:ab:3d:e2:b4:be:69:16:ab:e5:5e:69:cf:fc:98:eb:
44:a1:c0:68:93:64:5c:84:f3:ff:f1:09:82:7b:e5:18:3c:df:
6c:86:d9:2a:a3:a0:49:d9:ab:83:2f:bf:4c:48:11:48:bf:9b:
ca:14:89:44:92:ec:ed:55:c8:96:d6:4a:c8:16:16:ca:ec:5d:
37:90:a3:6a:a6:0a:46:6d:71:a6:80:36:f3:ec:8d:43:ef:f5:
3f:04:81:15
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfGjLEiIyNT0ubeAsIqI17hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjYwYjIzZmUzYjg2NDJkNmJmNDc1ZjhlYjdmY2FkOWQx
M2M0MTMwHhcNMjMwNDI4MDYyODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmRhMTgwNWY5OTJkYTJiZWExOWQ5YTIyMzg1MWIwZjdlMTRiM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAky89H5nlJ4bndGzOi7da64lnI/kc
cqy1hgM+8js6fsxJaVpXuPW+4fRfwTc8FXTfBKkpsd6AxrwqLTeqLw0Zfb+VEEZ4
EgAJHlxPccxREe0LDtztDY6hhPwsdVkN6xsQSI/io9mmYP++ai+xJa5wdAsCsKHj
t2ghOeF+tmseTJzq1RLa7uFKMFgjubMIWIq8/FPDsidCnnfN5Z/Nxn2IgO2J+SYp
qPCPNW3yUwfk/I4u6l2//JwKgxKhI8MflT7vJP+j1iAEpq0K1nfA+6liF8Cp504h
8Stp0u5SrjJ3wmgYi0zNKO9swfB0502iAGvvROSTlnee4nRn7qs47ll08wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFALaGAX5ktor6hnZoiOFGw9+FLPAMB8GA1UdIwQY
MBaAFJJmCyP+O4ZC1r9HX463/K2dE8QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWIt
MTNlZjFjNDU1Y2M0LzEvQXRvWUJmbVMyaXZxR2RtaUk0VWJEMzRVczhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZTNiYWMtM2RhMi00ZTQ5LWJkYWItMTNlZjFjNDU1Y2M0
LzEva21ZTElfNDdoa0xXdjBkZmpyZjhyWjBUeEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVOgAwQC
uVa8AwQCuXzAAwQCwROAAwQAwZS8MA0EAgACMAcDBQMqBrUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMaoZ1qd9dt2RRccI5IqkTnqK0OlwLT6pUsA4iSO7ue+9qGQivUrxo
gdJ4SUdfhKORUOACi0oZBfGErJSKoS/6A3utHD8VbgDVD1p6HznmvIpCs8Zl8YXa
ZzfwlqZwzUzU6jnifnvMobk097EooRv8550uw9njRBPWGr87fngOeZ2zUOJpph+e
RHbtBR47PoXrwifu6/4xl6toeE6J5l995uLMAgarPeK0vmkWq+Veac/8mOtEocBo
k2RchPP/8QmCe+UYPN9shtkqo6BJ2auDL79MSBFIv5vKFIlEkuztVciW1krIFhbK
7F03kKNqpgpGbXGmgDbz7I1D7/U/BIEV
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:27:03 2025 by rpki-client