Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/RU0fLJqwi28kcHC_G07ZSAlqSXk.roa
File: RU0fLJqwi28kcHC_G07ZSAlqSXk.roa (raw, json)
Hash identifier: jPH92OctE62s3HPaMa040/OdikJy0eyuFhL+/8SbhOI=
Subject key identifier: 45:4D:1F:2C:9A:B0:8B:6F:24:70:70:BF:1B:4E:D9:48:09:6A:49:79
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0182024C97574AD04F0048BD5593A8F66B49
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/RU0fLJqwi28kcHC_G07ZSAlqSXk.roa
Signing time: Fri 15 Jul 2022 14:39:10 +0000
ROA not before: Fri 15 Jul 2022 14:39:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213250
IP address blocks: 45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
212.87.212.0/23 maxlen: 23
45.13.224.0/23 maxlen: 23
5.182.206.0/23 maxlen: 23
5.182.204.0/23 maxlen: 23
45.131.66.0/23 maxlen: 23
194.15.36.0/24 maxlen: 24
2.56.245.0/24 maxlen: 24
5.252.103.0/24 maxlen: 24
5.252.100.0/22 maxlen: 22
5.252.100.0/24 maxlen: 24
5.252.101.0/24 maxlen: 24
5.252.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:02:4c:97:57:4a:d0:4f:00:48:bd:55:93:a8:f6:6b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jul 15 14:39:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=454d1f2c9ab08b6f247070bf1b4ed948096a4979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c9:83:90:6f:93:4e:da:c6:b7:9e:50:c4:1b:
30:ed:23:bb:16:ed:ac:71:98:9d:68:37:e0:4a:c7:
46:83:69:dc:39:0b:8b:19:a6:86:4b:78:7e:05:d8:
1d:93:b8:ef:a3:c9:8c:7e:32:e4:e1:60:db:9a:63:
cb:48:56:e4:19:f7:64:20:a7:e0:a6:f1:bb:de:8c:
78:28:59:ea:c6:dd:db:6a:b5:32:86:c0:0c:d2:c2:
7b:cd:5f:d7:35:a8:d6:74:b1:48:f0:a9:d8:84:de:
1a:84:dc:4a:f6:fa:76:d4:c5:7e:10:0f:db:5d:da:
16:f5:29:b4:76:79:43:98:d2:94:c0:ca:3a:60:82:
f6:3f:ea:ac:c5:c4:78:4c:34:59:30:c1:ed:bd:3f:
26:e3:16:c3:3b:a2:c2:01:fc:99:39:ba:49:1a:64:
93:00:93:bd:59:61:89:d9:5a:cc:df:60:71:0a:b2:
fa:c7:a4:0e:90:a1:04:6c:03:96:72:13:b3:32:8d:
2a:85:f6:aa:0b:08:bd:cf:e5:c1:0a:b2:ed:7d:e2:
a6:63:4f:6c:14:de:bb:e1:ec:7a:23:ec:81:ff:ba:
97:01:2a:9e:84:88:e7:f1:8b:81:a4:15:09:20:6b:
b0:a6:75:c3:5c:5d:6e:1e:d9:3e:84:a2:0b:2b:8f:
6d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4D:1F:2C:9A:B0:8B:6F:24:70:70:BF:1B:4E:D9:48:09:6A:49:79
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/RU0fLJqwi28kcHC_G07ZSAlqSXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.245.0/24
5.182.204.0/22
5.252.100.0/22
45.13.224.0/23
45.89.124.0/22
45.131.66.0/23
194.15.36.0/24
212.87.212.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:05:21:33:68:d5:9f:c5:51:d3:74:98:1a:d8:64:81:d5:a9:
a0:b0:d0:72:29:4f:5e:ae:ca:6b:41:5b:48:a1:49:c9:8b:ee:
73:59:33:ed:e3:a9:18:84:7e:29:aa:72:6d:8f:7e:ac:7d:e4:
1b:1d:38:c1:5b:fd:e4:96:82:ce:a1:81:5c:83:90:a5:cb:c7:
4e:72:d4:3a:29:ca:58:b0:d1:52:bb:71:00:e4:ab:0d:3d:b0:
7e:4e:bf:65:01:7a:d3:01:41:89:2b:30:67:44:31:ff:07:4f:
77:63:b6:d4:ac:c3:93:56:fb:2c:1a:5b:be:c6:28:95:8e:a6:
be:5b:20:e4:7f:ac:b8:3d:85:6f:2b:90:fc:1f:2b:ed:7f:f7:
21:ee:6f:e1:cb:2c:6a:b9:40:06:fc:62:07:84:27:29:01:43:
d9:b5:17:f3:6e:f7:7f:d6:5b:32:87:37:c5:87:bd:8d:f2:28:
22:9c:88:9b:19:bd:22:13:64:97:f0:68:57:3a:ca:09:b0:fb:
35:61:2b:2f:e4:d2:e2:5c:70:fd:96:2b:3d:a4:b0:81:97:d6:
39:52:e8:4c:ad:12:63:cd:fd:6c:e6:73:43:1b:8a:d5:1f:6d:
f2:b9:76:20:a1:aa:b4:d8:b3:d4:43:6a:90:ea:5b:0a:eb:22:
7e:78:55:19
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYICTJdXStBPAEi9VZOo9mtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwNzE1MTQzOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRkMWYyYzlhYjA4YjZmMjQ3MDcwYmYxYjRlZDk0ODA5NmE0OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocmDkG+TTtrGt55QxBsw7SO7Fu2s
cZidaDfgSsdGg2ncOQuLGaaGS3h+Bdgdk7jvo8mMfjLk4WDbmmPLSFbkGfdkIKfg
pvG73ox4KFnqxt3barUyhsAM0sJ7zV/XNajWdLFI8KnYhN4ahNxK9vp21MV+EA/b
XdoW9Sm0dnlDmNKUwMo6YIL2P+qsxcR4TDRZMMHtvT8m4xbDO6LCAfyZObpJGmST
AJO9WWGJ2VrM32BxCrL6x6QOkKEEbAOWchOzMo0qhfaqCwi9z+XBCrLtfeKmY09s
FN674ex6I+yB/7qXASqehIjn8YuBpBUJIGuwpnXDXF1uHtk+hKILK49tGwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEVNHyyasItvJHBwvxtO2UgJakl5MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUlUwZkxKcXdpMjhrY0hDX0cwN1pTQWxxU1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjj1AwQC
BbbMAwQCBfxkAwQBLQ3gAwQCLVl8AwQBLYNCAwQAwg8kAwQB1FfUMA0GCSqGSIb3
DQEBCwUAA4IBAQBrBSEzaNWfxVHTdJga2GSB1amgsNByKU9ersprQVtIoUnJi+5z
WTPt46kYhH4pqnJtj36sfeQbHTjBW/3kloLOoYFcg5Cly8dOctQ6KcpYsNFSu3EA
5KsNPbB+Tr9lAXrTAUGJKzBnRDH/B093Y7bUrMOTVvssGlu+xiiVjqa+WyDkf6y4
PYVvK5D8Hyvtf/ch7m/hyyxquUAG/GIHhCcpAUPZtRfzbvd/1lsyhzfFh72N8igi
nIibGb0iE2SX8GhXOsoJsPs1YSsv5NLiXHD9lis9pLCBl9Y5UuhMrRJjzf1s5nND
G4rVH23yuXYgoaq02LPUQ2qQ6lsK6yJ+eFUZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org