Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/baPkZQ8uvia5n4WaSzIW1EIBTHM.roa
File: baPkZQ8uvia5n4WaSzIW1EIBTHM.roa (raw, json)
Hash identifier: AE3+LzG96XtfvO8htBRIp9YK1+k23TdV97npqM9lFxI=
Subject key identifier: 6D:A3:E4:65:0F:2E:BE:26:B9:9F:85:9A:4B:32:16:D4:42:01:4C:73
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01831D061E0DDA8B46A6D188E89446C4A4DC
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/baPkZQ8uvia5n4WaSzIW1EIBTHM.roa
Signing time: Thu 08 Sep 2022 12:14:43 +0000
ROA not before: Thu 08 Sep 2022 12:14:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398127
IP address blocks: 45.133.74.0/24 maxlen: 24
45.133.73.0/24 maxlen: 24
152.89.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1d:06:1e:0d:da:8b:46:a6:d1:88:e8:94:46:c4:a4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 8 12:14:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6da3e4650f2ebe26b99f859a4b3216d442014c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:a7:bc:cb:43:d5:ac:4e:0f:05:93:9b:c2:
cf:32:23:15:0a:0d:2f:db:cd:6e:20:02:e4:ef:fc:
7f:0e:ac:bd:c9:53:66:37:5f:3c:5f:5b:03:ab:5f:
87:41:1d:b1:6d:45:2e:79:d7:3b:46:b9:fe:5c:ea:
98:66:a0:ec:4b:52:31:5a:17:2b:0c:8e:d2:3f:a6:
4b:48:45:88:8f:2e:80:87:26:26:6e:7a:09:84:1f:
2d:af:13:07:36:16:37:8c:12:eb:fc:c2:a4:8d:dd:
69:cd:91:0d:77:bf:4d:c7:f2:34:42:c6:ed:27:84:
b1:4e:d5:ef:e9:51:1b:27:67:ce:5d:aa:74:ba:47:
38:7c:19:44:40:f7:eb:fc:9e:90:22:d5:d6:65:f6:
06:4c:c0:78:2b:fb:5f:b7:d5:0f:7a:98:d5:b8:44:
d0:7a:10:fe:28:86:5d:76:cc:c1:27:29:14:82:bc:
3c:d5:36:4f:7a:2c:16:da:1d:bf:41:0a:38:04:43:
2e:d9:d6:b1:70:09:e9:b9:e7:da:b3:a5:b6:81:f8:
af:93:2b:8c:7f:cf:28:de:9e:13:a2:94:7c:87:23:
6f:b8:9a:61:86:aa:0b:a6:c5:d7:e1:6c:34:ce:ef:
ef:e4:21:00:3b:21:ec:42:f5:4b:eb:ba:fe:dd:23:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A3:E4:65:0F:2E:BE:26:B9:9F:85:9A:4B:32:16:D4:42:01:4C:73
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/baPkZQ8uvia5n4WaSzIW1EIBTHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.73.0-45.133.74.255
152.89.255.0/24
Signature Algorithm: sha256WithRSAEncryption
01:8b:24:ce:99:14:bf:bd:e6:f9:9d:bc:a7:07:c5:a2:e8:47:
f7:bc:5b:99:d7:84:5a:aa:73:3f:ea:eb:2b:a7:29:6b:0e:f9:
6e:96:71:a7:09:f2:4a:8f:6e:90:ac:ce:7e:60:f0:8d:1f:03:
e3:1c:27:c2:fd:d4:d4:78:d6:c1:09:12:0c:67:47:6d:60:13:
62:cb:ae:6f:80:9e:b5:a5:72:66:f6:13:d6:b3:1d:2e:48:66:
e4:53:56:c8:0c:56:8c:47:64:e2:40:8a:8a:48:11:c6:65:52:
2c:3b:9e:a4:0a:57:a2:05:9f:9c:7e:a6:d3:f1:a9:9a:ab:fd:
64:47:8e:f9:c6:f3:d8:aa:42:bb:e2:ea:4e:21:c6:d9:ef:9e:
b7:5b:d1:7e:ab:68:85:9b:6f:79:f6:c5:d5:63:20:ea:f5:e4:
d4:63:e0:94:56:21:2f:b2:c4:f7:73:54:bb:33:cb:d0:55:d7:
16:e9:1a:f4:23:22:89:2f:71:ab:26:b8:3a:ec:eb:d7:fb:bd:
0b:fe:16:68:3f:fc:87:50:3d:45:dd:ca:84:63:1b:0f:d5:85:
08:b3:96:81:fd:55:b2:b9:32:12:04:40:1a:9d:e5:82:56:58:
41:ee:8a:70:08:9e:9d:fe:39:4e:6f:33:e1:68:aa:19:c0:40:
40:06:2e:a5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYMdBh4N2otGptGI6JRGxKTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwOTA4MTIxNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGEzZTQ2NTBmMmViZTI2Yjk5Zjg1OWE0YjMyMTZkNDQyMDE0YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkynvMtD1axODwWTm8LPMiMVCg0v
281uIALk7/x/Dqy9yVNmN188X1sDq1+HQR2xbUUuedc7Rrn+XOqYZqDsS1IxWhcr
DI7SP6ZLSEWIjy6AhyYmbnoJhB8trxMHNhY3jBLr/MKkjd1pzZENd79Nx/I0Qsbt
J4SxTtXv6VEbJ2fOXap0ukc4fBlEQPfr/J6QItXWZfYGTMB4K/tft9UPepjVuETQ
ehD+KIZddszBJykUgrw81TZPeiwW2h2/QQo4BEMu2daxcAnpuefas6W2gfivkyuM
f88o3p4TopR8hyNvuJphhqoLpsXX4Ww0zu/v5CEAOyHsQvVL67r+3SN9FwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG2j5GUPLr4muZ+FmksyFtRCAUxzMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvYmFQa1pROHV2aWE1bjRXYVN6SVcxRUlCVEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAthUkD
BAAthUoDBACYWf8wDQYJKoZIhvcNAQELBQADggEBAAGLJM6ZFL+95vmdvKcHxaLo
R/e8W5nXhFqqcz/q6yunKWsO+W6WcacJ8kqPbpCszn5g8I0fA+McJ8L91NR41sEJ
EgxnR21gE2LLrm+AnrWlcmb2E9azHS5IZuRTVsgMVoxHZOJAiopIEcZlUiw7nqQK
V6IFn5x+ptPxqZqr/WRHjvnG89iqQrvi6k4hxtnvnrdb0X6raIWbb3n2xdVjIOr1
5NRj4JRWIS+yxPdzVLszy9BV1xbpGvQjIokvcasmuDrs69f7vQv+Fmg//IdQPUXd
yoRjGw/VhQizloH9VbK5MhIEQBqd5YJWWEHuinAInp3+OU5vM+FoqhnAQEAGLqU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org