Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/um1qb1PqC99vcQWnT6bwuQeuWJw.roa
File: um1qb1PqC99vcQWnT6bwuQeuWJw.roa (raw, json)
Hash identifier: vDrcrfYcuJGPvuvpa/EsHligJf//QFEwr5uS5L4RqWs=
Subject key identifier: BA:6D:6A:6F:53:EA:0B:DF:6F:71:05:A7:4F:A6:F0:B9:07:AE:58:9C
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 029BFDAF
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/um1qb1PqC99vcQWnT6bwuQeuWJw.roa
Signing time: Sat 02 Jul 2022 20:23:25 +0000
ROA not before: Sat 02 Jul 2022 20:23:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212512
IP address blocks: 45.94.4.0/24 maxlen: 24
45.94.7.0/24 maxlen: 24
45.94.6.0/24 maxlen: 24
194.29.55.0/24 maxlen: 24
2a10:9f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43777455 (0x29bfdaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Jul 2 20:23:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba6d6a6f53ea0bdf6f7105a74fa6f0b907ae589c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:84:0a:e1:8e:ef:04:c2:b2:d5:fe:62:b4:a3:
11:f8:ff:55:7d:08:82:c5:8d:cc:84:7a:03:68:3f:
9a:5f:5e:5b:3b:e3:a9:f9:8e:5a:7e:d5:8d:7c:54:
6c:06:47:59:25:f2:ca:4b:79:4a:54:be:2c:84:da:
0a:f2:1d:89:5a:f1:db:b1:a1:0f:11:be:4f:94:05:
55:e1:15:d1:52:21:23:16:ca:ef:fb:1f:9d:0e:10:
36:95:a3:23:9a:6e:38:fa:9f:ef:3e:0e:da:c7:c5:
22:e3:9d:b4:65:4b:75:66:fc:28:cc:e2:19:5a:b7:
7b:a9:74:d2:10:8f:09:82:44:f1:65:08:36:56:f1:
5b:dd:af:77:a4:79:40:4b:4f:fa:ca:0e:61:7e:26:
38:9a:3b:49:e9:c3:da:f0:d5:7e:eb:67:18:4b:c0:
23:a6:65:49:f1:d0:e7:f1:a7:5a:fb:f4:a5:e3:05:
dd:f5:f0:1c:68:a3:05:8d:94:3d:c8:26:68:60:b1:
eb:34:2e:c1:2c:22:29:e7:2e:86:2a:07:62:82:de:
4f:78:45:02:71:3c:89:88:0b:51:43:69:2c:44:61:
cd:3c:98:39:18:c5:25:1e:80:bb:d7:ce:69:ab:b5:
24:86:32:e7:c9:b9:61:5a:71:66:e3:2e:82:52:b3:
28:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6D:6A:6F:53:EA:0B:DF:6F:71:05:A7:4F:A6:F0:B9:07:AE:58:9C
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/um1qb1PqC99vcQWnT6bwuQeuWJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.4.0/24
45.94.6.0/23
194.29.55.0/24
IPv6:
2a10:9f80::/29
Signature Algorithm: sha256WithRSAEncryption
1d:40:c2:42:86:79:9c:54:6f:85:63:50:45:96:ad:04:22:f6:
ba:17:74:97:9c:b6:ef:40:df:b4:2c:1e:18:29:13:fd:cb:b6:
79:11:12:bf:93:e5:5e:88:96:1f:05:ad:64:7f:f0:98:74:54:
b4:64:6b:d0:bd:77:60:68:5a:6f:8f:34:d7:1f:bc:56:20:96:
18:6b:ae:1f:b0:70:55:4d:a1:80:0a:54:ff:1e:eb:4d:1a:c9:
68:64:72:03:e0:ea:2f:0f:ea:31:7d:a1:20:90:45:9a:f2:9e:
bb:88:3f:37:ff:ac:17:4d:65:ab:4c:bf:c8:f8:ff:38:f5:1f:
97:98:7c:35:29:dd:87:c5:ec:cd:58:a4:cb:d6:ed:5b:7e:c1:
0d:65:9f:b6:08:ef:61:0f:72:6e:fb:97:2c:9c:05:79:99:73:
07:03:03:e0:96:1a:47:8a:a0:b1:0c:c6:f3:b3:a2:11:8b:fd:
49:82:98:16:87:96:94:ad:98:63:d0:b9:5e:09:62:d1:62:32:
dc:23:c2:73:34:93:af:85:5b:dc:60:24:46:28:2c:4a:ae:a5:
02:9d:9a:c8:c7:40:4c:b7:46:c3:54:69:0b:2e:b9:83:51:99:
04:7a:61:f5:b9:f8:ca:31:53:fa:6b:6d:ed:6f:d2:87:57:43:
01:12:ca:84
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEApv9rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmMwYmRhZmFkZWE3OGRjZTMxMmY4NjJkZGY0MmIxYmQ0YzRmNjQ1MB4XDTIyMDcw
MjIwMjMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE2ZDZhNmY1M2Vh
MGJkZjZmNzEwNWE3NGZhNmYwYjkwN2FlNTg5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6ECuGO7wTCstX+YrSjEfj/VX0IgsWNzIR6A2g/ml9eWzvj
qfmOWn7VjXxUbAZHWSXyykt5SlS+LITaCvIdiVrx27GhDxG+T5QFVeEV0VIhIxbK
7/sfnQ4QNpWjI5puOPqf7z4O2sfFIuOdtGVLdWb8KMziGVq3e6l00hCPCYJE8WUI
NlbxW92vd6R5QEtP+soOYX4mOJo7SenD2vDVfutnGEvAI6ZlSfHQ5/GnWvv0peMF
3fXwHGijBY2UPcgmaGCx6zQuwSwiKecuhioHYoLeT3hFAnE8iYgLUUNpLERhzTyY
ORjFJR6Au9fOaau1JIYy58m5YVpxZuMuglKzKHkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS6bWpvU+oL329xBadPpvC5B65YnDAfBgNVHSMEGDAWgBSywL2vrep43OMS
+GLd9Csb1MT2RTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NzQzlyNjNxZU56akV2aGkzZlFyRzlURTlrVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMWYzNzEyLWNmMmMtNDg2ZS05NWIzLWZjYzMzNmVlZDhkNy8x
L3VtMXFiMVBxQzk5dmNRV25UNmJ3dVFldVdKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MWYzNzEyLWNmMmMtNDg2ZS05NWIzLWZjYzMzNmVlZDhkNy8xL3NzQzlyNjNxZU56
akV2aGkzZlFyRzlURTlrVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAC1eBAMEAS1eBgMEAMIdNzANBAIA
AjAHAwUDKhCfgDANBgkqhkiG9w0BAQsFAAOCAQEAHUDCQoZ5nFRvhWNQRZatBCL2
uhd0l5y270DftCweGCkT/cu2eRESv5PlXoiWHwWtZH/wmHRUtGRr0L13YGhab480
1x+8ViCWGGuuH7BwVU2hgApU/x7rTRrJaGRyA+DqLw/qMX2hIJBFmvKeu4g/N/+s
F01lq0y/yPj/OPUfl5h8NSndh8XszViky9btW37BDWWftgjvYQ9ybvuXLJwFeZlz
BwMD4JYaR4qgsQzG87OiEYv9SYKYFoeWlK2YY9C5Xgli0WIy3CPCczSTr4Vb3GAk
RigsSq6lAp2ayMdATLdGw1RpCy65g1GZBHph9bn4yjFT+mtt7W/Sh1dDARLKhA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:36 2024 by rpki-client on console-ams.rpki-client.org