Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3t2MZbj_us9iONF_4jyoWgjeS7Y.roa
File: 3t2MZbj_us9iONF_4jyoWgjeS7Y.roa (raw, json)
Hash identifier: 2CQhX5UPSav3L6e6b3mAVSw2gVwHRUTFIUVmeoW+wG8=
Subject key identifier: DE:DD:8C:65:B8:FF:BA:CF:62:38:D1:7F:E2:3C:A8:5A:08:DE:4B:B6
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018361429A9F41E38A9E76B7971B5E4B19D9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3t2MZbj_us9iONF_4jyoWgjeS7Y.roa
Signing time: Wed 21 Sep 2022 18:14:58 +0000
ROA not before: Wed 21 Sep 2022 18:14:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212477
IP address blocks: 45.140.140.0/22 maxlen: 24
45.140.188.0/22 maxlen: 24
45.137.204.0/23 maxlen: 24
45.137.206.0/23 maxlen: 24
45.140.212.0/23 maxlen: 24
2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:61:42:9a:9f:41:e3:8a:9e:76:b7:97:1b:5e:4b:19:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Sep 21 18:14:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dedd8c65b8ffbacf6238d17fe23ca85a08de4bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:75:0d:22:6a:dc:54:b5:d2:43:3e:4a:55:
d7:5c:ce:9c:63:30:9b:07:d0:7c:54:c9:fb:13:a3:
be:f7:f4:96:f1:33:e9:91:5e:61:36:3b:91:2b:5f:
13:ac:66:bb:b0:f6:d9:22:0e:92:51:aa:7d:a6:7e:
6c:da:93:9f:82:c1:93:b3:32:8d:91:83:22:22:53:
e0:ea:70:14:06:04:7b:2c:2a:d5:87:41:a2:1b:96:
8a:27:b4:5a:2d:aa:27:f1:89:49:fa:15:e6:bb:3b:
10:96:32:ea:d4:16:c7:44:40:6f:57:93:88:3b:7f:
ea:19:c9:48:59:88:a2:0b:9a:91:dd:74:1d:d6:ba:
94:a1:aa:47:95:0c:17:a4:fa:a9:de:b5:f9:7a:06:
8c:9c:c2:9c:6f:99:8b:a4:62:5e:a9:ff:f9:cc:97:
60:d2:4b:43:2a:36:8e:3b:31:58:12:57:fc:da:6e:
8d:a1:4f:b7:52:bc:7f:6c:c1:09:79:6d:10:23:df:
63:87:fb:6d:da:06:2d:e7:a9:be:f1:d4:b5:b4:5f:
20:da:9e:7b:e6:58:ac:4c:70:f1:52:4c:4c:af:5c:
6c:b0:c0:48:1a:7f:53:97:99:ce:cf:83:c8:b5:47:
fa:d1:07:62:97:fa:da:46:ba:6a:f6:47:16:9a:8b:
64:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DD:8C:65:B8:FF:BA:CF:62:38:D1:7F:E2:3C:A8:5A:08:DE:4B:B6
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3t2MZbj_us9iONF_4jyoWgjeS7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.204.0/22
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
16:49:90:37:99:fe:a6:63:c2:13:9b:bf:15:f8:7d:43:85:93:
fd:5c:3f:9f:27:c6:81:79:f7:af:05:75:f0:35:3e:ee:b8:b7:
0f:b1:64:22:81:3a:a1:24:7d:c7:52:74:5d:a1:0d:ce:92:3c:
b0:92:5b:79:fe:99:6d:47:af:e3:79:c3:02:a6:6c:f2:d1:0d:
77:23:7b:22:8d:93:88:d9:5c:36:0b:89:a1:35:09:c8:19:b3:
d1:e7:d2:4f:35:51:09:3d:e3:4c:98:c5:b0:f9:1c:b2:c3:8e:
1e:95:14:1a:f6:0f:4f:49:b0:b9:d5:22:01:17:bb:93:52:3b:
5b:fc:26:ee:ea:41:92:29:06:6e:63:9b:96:da:0f:2f:48:58:
11:b1:1e:be:8f:35:4f:1d:60:90:c0:1a:b7:1f:18:4d:6d:fd:
2a:b6:2c:de:56:36:02:f0:53:13:e3:6a:e9:9e:67:53:c3:75:
d6:0d:c9:07:0f:97:f1:41:4a:b2:f6:02:ec:12:74:f0:d2:19:
db:eb:0d:2e:8f:d9:98:ba:82:28:35:ab:09:a4:88:c0:9c:16:
5e:43:ab:40:3a:f0:a7:84:6b:ab:dc:79:76:29:81:3e:7e:89:
85:6f:c2:27:71:50:03:9c:a5:04:d3:c0:5a:72:00:53:2a:63:
71:56:84:27
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYNhQpqfQeOKnna3lxteSxnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIwOTIxMTgxNDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRkOGM2NWI4ZmZiYWNmNjIzOGQxN2ZlMjNjYTg1YTA4ZGU0YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/N1DSJq3FS10kM+SlXXXM6cYzCb
B9B8VMn7E6O+9/SW8TPpkV5hNjuRK18TrGa7sPbZIg6SUap9pn5s2pOfgsGTszKN
kYMiIlPg6nAUBgR7LCrVh0GiG5aKJ7RaLaon8YlJ+hXmuzsQljLq1BbHREBvV5OI
O3/qGclIWYiiC5qR3XQd1rqUoapHlQwXpPqp3rX5egaMnMKcb5mLpGJeqf/5zJdg
0ktDKjaOOzFYElf82m6NoU+3Urx/bMEJeW0QI99jh/tt2gYt56m+8dS1tF8g2p57
5lisTHDxUkxMr1xssMBIGn9Tl5nOz4PItUf60Qdil/raRrpq9kcWmotkNQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFN7djGW4/7rPYjjRf+I8qFoI3ku2MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvM3QyTVpial91czlpT05GXzRqeW9XZ2plUzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLYnMAwQC
LYyMAwQCLYy8AwQBLYzUMA4EAgACMAgDBgAqB+NFATANBgkqhkiG9w0BAQsFAAOC
AQEAFkmQN5n+pmPCE5u/Ffh9Q4WT/Vw/nyfGgXn3rwV18DU+7ri3D7FkIoE6oSR9
x1J0XaENzpI8sJJbef6ZbUev43nDAqZs8tENdyN7Io2TiNlcNguJoTUJyBmz0efS
TzVRCT3jTJjFsPkcssOOHpUUGvYPT0mwudUiARe7k1I7W/wm7upBkikGbmObltoP
L0hYEbEevo81Tx1gkMAatx8YTW39KrYs3lY2AvBTE+Nq6Z5nU8N11g3JBw+X8UFK
svYC7BJ08NIZ2+sNLo/ZmLqCKDWrCaSIwJwWXkOrQDrwp4Rrq9x5dimBPn6JhW/C
J3FQA5ylBNPAWnIAUypjcVaEJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:24 2023 by rpki-client on console-ams.rpki-client.org