Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/jhDfSsh60OpZ6UGOWfOdTucCP9Q.roa
File: jhDfSsh60OpZ6UGOWfOdTucCP9Q.roa (raw, json)
Hash identifier: 6i9HFfxrPvgj7GfefFsbo0K15GORLWLomHwTiW/fmd0=
Subject key identifier: 8E:10:DF:4A:C8:7A:D0:EA:59:E9:41:8E:59:F3:9D:4E:E7:02:3F:D4
Certificate issuer: /CN=646579561eca5879a747025e5798487b19cd2a97
Certificate serial: 0184D2A7286C03A01644E0A02D09D492F367
Authority key identifier: 64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/jhDfSsh60OpZ6UGOWfOdTucCP9Q.roa
Signing time: Fri 02 Dec 2022 11:44:40 +0000
ROA not before: Fri 02 Dec 2022 11:44:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 45.146.157.0/24 maxlen: 24
45.146.158.0/24 maxlen: 24
45.146.156.0/24 maxlen: 24
45.146.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:a7:28:6c:03:a0:16:44:e0:a0:2d:09:d4:92:f3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646579561eca5879a747025e5798487b19cd2a97
Validity
Not Before: Dec 2 11:44:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e10df4ac87ad0ea59e9418e59f39d4ee7023fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:5a:4b:46:8e:2a:6a:d6:4b:4b:11:2e:89:
be:32:ea:c4:0b:08:b2:eb:62:dc:85:ed:4b:c2:22:
0c:5c:a5:d1:4d:eb:43:5d:81:c9:49:b5:f0:7d:f1:
8f:20:09:e6:77:7c:75:86:b3:68:51:10:35:80:d1:
f7:0f:eb:72:be:d2:c9:18:5e:7d:fb:f9:ab:16:98:
47:a9:36:c4:90:df:42:45:b1:e0:92:fe:e0:39:a9:
79:3c:c3:76:a7:45:6b:1f:2e:c3:d4:d0:7a:4f:b1:
64:40:e7:49:f2:01:b9:46:4a:33:70:ed:81:f7:44:
a9:58:60:92:57:01:ee:c5:11:ae:98:47:84:18:91:
cf:78:39:64:d0:4c:48:e1:79:9c:ec:47:e1:e0:e1:
09:38:9b:3c:53:54:ee:25:cf:fd:f9:c6:62:60:02:
df:36:fc:a7:8c:a9:0a:b9:3f:75:4a:14:ec:cb:9e:
d1:c4:f4:58:59:71:95:fe:d0:a2:3a:9e:5d:21:80:
ca:98:49:34:f9:96:47:77:17:6f:06:a0:37:6c:12:
a8:a2:8c:bb:a8:28:27:e1:08:6b:7b:98:ab:f2:3d:
67:d2:87:38:71:6d:fe:61:f7:53:8b:11:a0:74:59:
3d:1a:d3:d5:84:54:17:24:28:5f:4b:03:25:5e:80:
82:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:10:DF:4A:C8:7A:D0:EA:59:E9:41:8E:59:F3:9D:4E:E7:02:3F:D4
X509v3 Authority Key Identifier:
keyid:64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/jhDfSsh60OpZ6UGOWfOdTucCP9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.156.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:d0:ed:0a:fe:10:52:07:bf:b1:cb:9a:4f:d1:c7:77:c6:f3:
7c:52:1e:5b:78:4a:79:34:f8:fa:2a:81:2e:b7:ee:2a:76:4e:
18:c2:8f:80:23:bb:4d:41:44:7e:00:57:60:1d:26:42:ec:17:
8b:28:a5:f3:99:2c:55:36:28:2e:81:80:b6:7e:a0:64:ea:c0:
e4:d9:02:19:ed:18:05:f7:f0:a1:31:64:c1:80:f4:b1:6f:75:
94:a2:ab:d2:37:03:43:72:a1:a3:15:de:52:83:fc:c8:3f:99:
0e:68:da:ab:cb:f1:95:a4:bf:73:6c:c2:1d:9a:11:de:d8:5b:
4b:3f:1a:1f:43:43:5d:e7:a5:87:e0:0c:f7:c6:04:18:4d:bc:
51:9c:1e:a7:47:00:67:a7:0b:12:ad:32:d6:dc:2b:2f:77:02:
08:b4:43:4d:4f:19:54:0f:b2:64:16:5b:66:12:e7:a1:36:79:
a3:7b:2d:f2:5b:cb:fa:19:89:6f:e5:d6:9c:0e:3b:da:f1:40:
35:8d:84:77:a2:f6:da:25:fd:0b:c3:06:6b:95:8d:b6:ab:ad:
99:0f:55:26:fc:11:aa:20:63:c4:5c:0c:c2:96:46:17:d2:ff:
81:41:19:f9:7b:ef:2e:c9:37:21:a9:14:61:4e:39:37:2e:09:
1c:b3:3f:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTSpyhsA6AWROCgLQnUkvNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjU3OTU2MWVjYTU4NzlhNzQ3MDI1ZTU3OTg0ODdiMTlj
ZDJhOTcwHhcNMjIxMjAyMTE0NDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTEwZGY0YWM4N2FkMGVhNTllOTQxOGU1OWYzOWQ0ZWU3MDIzZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVBaS0aOKmrWS0sRLom+MurECwiy
62Lche1LwiIMXKXRTetDXYHJSbXwffGPIAnmd3x1hrNoURA1gNH3D+tyvtLJGF59
+/mrFphHqTbEkN9CRbHgkv7gOal5PMN2p0VrHy7D1NB6T7FkQOdJ8gG5RkozcO2B
90SpWGCSVwHuxRGumEeEGJHPeDlk0ExI4Xmc7Efh4OEJOJs8U1TuJc/9+cZiYALf
NvynjKkKuT91ShTsy57RxPRYWXGV/tCiOp5dIYDKmEk0+ZZHdxdvBqA3bBKoooy7
qCgn4Qhre5ir8j1n0oc4cW3+YfdTixGgdFk9GtPVhFQXJChfSwMlXoCCJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4Q30rIetDqWelBjlnznU7nAj/UMB8GA1UdIwQY
MBaAFGRleVYeylh5p0cCXleYSHsZzSqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTct
NTVjM2QxMjllYzI4LzEvamhEZlNzaDYwT3BaNlVHT1dmT2RUdWNDUDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTctNTVjM2QxMjllYzI4
LzEvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZKcMA0G
CSqGSIb3DQEBCwUAA4IBAQC30O0K/hBSB7+xy5pP0cd3xvN8Uh5beEp5NPj6KoEu
t+4qdk4Ywo+AI7tNQUR+AFdgHSZC7BeLKKXzmSxVNigugYC2fqBk6sDk2QIZ7RgF
9/ChMWTBgPSxb3WUoqvSNwNDcqGjFd5Sg/zIP5kOaNqry/GVpL9zbMIdmhHe2FtL
PxofQ0Nd56WH4Az3xgQYTbxRnB6nRwBnpwsSrTLW3CsvdwIItENNTxlUD7JkFltm
EuehNnmjey3yW8v6GYlv5dacDjva8UA1jYR3ovbaJf0LwwZrlY22q62ZD1Um/BGq
IGPEXAzClkYX0v+BQRn5e+8uyTchqRRhTjk3Lgkcsz+h
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:16 2024 by rpki-client on console-ams.rpki-client.org