Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/lV9UedGBZt7oMmtv379SFkx8VXs.roa
File: lV9UedGBZt7oMmtv379SFkx8VXs.roa (raw, json)
Hash identifier: 5QcKSlgZaUuIvqj09y+CofZLorwmEGTkxOZyn/UEQMg=
Subject key identifier: 95:5F:54:79:D1:81:66:DE:E8:32:6B:6F:DF:BF:52:16:4C:7C:55:7B
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 0182F3ECB35F92C350CFF726F25E2859A34B
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/lV9UedGBZt7oMmtv379SFkx8VXs.roa
Signing time: Wed 31 Aug 2022 12:42:31 +0000
ROA not before: Wed 31 Aug 2022 12:42:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48357
IP address blocks: 45.88.202.0/24 maxlen: 24
2a0c:2c41:1000::/48 maxlen: 48
2a0c:2c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f3:ec:b3:5f:92:c3:50:cf:f7:26:f2:5e:28:59:a3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Aug 31 12:42:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=955f5479d18166dee8326b6fdfbf52164c7c557b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:26:24:b1:72:d2:f3:9b:6b:ee:f8:eb:a5:
d1:1d:72:98:42:ff:bb:87:24:3f:7b:24:d7:dd:8c:
4d:1e:82:9e:ce:a5:6c:88:8b:91:f5:47:dc:b6:44:
1d:e3:5c:27:53:93:a7:ca:aa:10:f4:9f:59:fe:40:
07:88:0c:0a:d6:d1:12:0a:1f:b4:4e:2b:8b:c2:40:
d6:be:eb:e9:f9:6f:4f:22:df:20:ce:2b:19:16:b1:
80:2c:3d:c9:fa:e0:48:5c:ba:81:8b:e6:00:2a:99:
a2:55:8a:20:55:24:ab:dc:cf:cc:71:3f:21:0e:b5:
65:87:7f:d7:97:d1:5b:0f:8b:13:c2:30:d2:3c:c2:
0d:f2:d3:56:59:6b:c9:cc:a1:2e:d7:2b:30:8d:78:
6f:c0:2b:4e:95:8b:25:a6:ba:5a:a3:e7:dc:0a:14:
4d:70:46:85:74:3d:c6:5a:ba:e1:87:b9:f4:15:70:
dc:5e:cf:83:ab:ff:b0:e8:1f:f3:79:ae:5c:ee:53:
96:70:81:46:24:1d:7a:ec:9a:b8:c6:eb:b9:be:9c:
ab:fc:42:44:f6:09:7f:f8:9a:5f:72:45:0a:6d:03:
9b:cd:3a:38:8f:08:72:36:c2:5c:9e:c6:20:49:ea:
a0:58:b0:5e:06:46:18:aa:5d:1b:7c:23:59:26:1e:
25:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5F:54:79:D1:81:66:DE:E8:32:6B:6F:DF:BF:52:16:4C:7C:55:7B
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/lV9UedGBZt7oMmtv379SFkx8VXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.202.0/24
IPv6:
2a0c:2c40::/32
2a0c:2c41:1000::/48
Signature Algorithm: sha256WithRSAEncryption
1e:a1:f2:b1:75:4c:44:d1:5f:2d:71:52:9f:b6:46:1e:8e:64:
30:4b:e1:ba:d7:80:8f:da:13:3a:05:01:1c:1e:d0:f7:cc:2d:
d0:e4:1f:00:ba:0f:b5:85:5b:74:7e:0c:93:c0:40:a4:16:5a:
01:e9:28:2f:b9:8e:e5:b4:52:da:50:45:4d:b8:c8:d9:43:70:
7d:19:6b:8e:e7:4d:4f:aa:9a:6d:cb:a9:fd:c6:89:37:c5:15:
2a:6d:2d:1d:a1:f4:d3:25:9f:26:8d:58:9b:71:44:7b:3e:f7:
01:eb:78:44:01:8b:cf:61:b2:3c:14:00:d5:89:1d:c0:47:2a:
83:48:43:8a:1e:da:95:f6:0d:b3:69:34:1f:c0:d2:43:d6:d1:
4c:aa:1d:ca:db:41:49:e5:03:65:fa:65:03:fe:9a:61:c8:09:
f9:54:c1:50:0a:b2:ef:b7:dc:34:6d:ff:55:84:33:a6:42:9f:
01:eb:19:63:a4:48:f4:bc:47:ce:7a:1c:18:9b:26:cc:1b:97:
2a:a7:cf:36:e1:52:68:73:f9:9e:23:09:d2:af:fc:f0:d0:3d:
db:1e:c9:fd:25:09:ef:fa:50:72:9f:9e:a3:22:9b:a6:ed:1d:
da:5f:ac:18:89:8f:62:0e:10:f0:63:6b:fc:2b:aa:a3:08:75:
a3:2a:0f:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYLz7LNfksNQz/cm8l4oWaNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjIwODMxMTI0MjMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVmNTQ3OWQxODE2NmRlZTgzMjZiNmZkZmJmNTIxNjRjN2M1NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpEmJLFy0vOba+7466XRHXKYQv+7
hyQ/eyTX3YxNHoKezqVsiIuR9UfctkQd41wnU5OnyqoQ9J9Z/kAHiAwK1tESCh+0
TiuLwkDWvuvp+W9PIt8gzisZFrGALD3J+uBIXLqBi+YAKpmiVYogVSSr3M/McT8h
DrVlh3/Xl9FbD4sTwjDSPMIN8tNWWWvJzKEu1yswjXhvwCtOlYslprpao+fcChRN
cEaFdD3GWrrhh7n0FXDcXs+Dq/+w6B/zea5c7lOWcIFGJB167Jq4xuu5vpyr/EJE
9gl/+JpfckUKbQObzTo4jwhyNsJcnsYgSeqgWLBeBkYYql0bfCNZJh4l9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJVfVHnRgWbe6DJrb9+/UhZMfFV7MB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvbFY5VWVkR0JadDdvTW10djM3OVNGa3g4VlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALVjKMBYE
AgACMBADBQAqDCxAAwcAKgwsQRAAMA0GCSqGSIb3DQEBCwUAA4IBAQAeofKxdUxE
0V8tcVKftkYejmQwS+G614CP2hM6BQEcHtD3zC3Q5B8Aug+1hVt0fgyTwECkFloB
6SgvuY7ltFLaUEVNuMjZQ3B9GWuO501Pqppty6n9xok3xRUqbS0dofTTJZ8mjVib
cUR7PvcB63hEAYvPYbI8FADViR3ARyqDSEOKHtqV9g2zaTQfwNJD1tFMqh3K20FJ
5QNl+mUD/pphyAn5VMFQCrLvt9w0bf9VhDOmQp8B6xljpEj0vEfOehwYmybMG5cq
p8824VJoc/meIwnSr/zw0D3bHsn9JQnv+lByn56jIpum7R3aX6wYiY9iDhDwY2v8
K6qjCHWjKg+E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org