Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/aAlUADaSL8h3-HXHkJJBXjKWKA0.roa
File: aAlUADaSL8h3-HXHkJJBXjKWKA0.roa (raw, json)
Hash identifier: eFYM4En2+fqZv8upZutzTfRnI915M2ZAg0g5MvNxbB0=
Subject key identifier: 68:09:54:00:36:92:2F:C8:77:F8:75:C7:90:92:41:5E:32:96:28:0D
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 05A66D90
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/aAlUADaSL8h3-HXHkJJBXjKWKA0.roa
Signing time: Sat 01 Jan 2022 07:04:07 +0000
ROA not before: Sat 01 Jan 2022 07:04:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206382
IP address blocks: 45.88.172.0/23 maxlen: 23
45.88.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94793104 (0x5a66d90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 07:04:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6809540036922fc877f875c79092415e3296280d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:b9:30:c9:da:8a:a8:f2:6e:29:1c:e5:76:
cc:de:fb:a8:97:72:e1:bc:e2:13:ed:3f:da:07:76:
b0:ca:70:09:c6:57:8e:7c:eb:ce:44:cc:61:1c:90:
72:36:c9:f9:af:02:c3:38:ca:1b:3d:e5:fe:d3:88:
d0:f4:b6:60:cb:8b:10:f0:e7:7d:9e:1b:0b:05:5a:
b4:fe:26:cc:de:27:79:f5:f6:79:c2:c5:97:52:75:
a4:8e:3a:1e:35:29:54:97:4c:58:80:cc:53:83:68:
d9:65:a1:94:d3:6f:36:8e:4a:05:06:97:5c:64:9a:
25:9f:69:11:7f:e9:ca:4d:11:6d:98:b4:52:32:84:
fe:46:17:42:d7:1f:75:d7:d0:d7:9a:21:cc:07:ef:
6d:a2:8a:e8:9c:8d:21:ac:e9:1b:cd:d6:02:a0:c9:
4f:73:62:40:5f:4d:37:66:07:29:1d:7e:ce:11:79:
08:78:d7:14:b9:47:cf:46:96:42:8d:8d:19:de:d2:
d3:8a:92:0c:d7:07:04:a8:e1:fe:3e:b2:3c:19:a0:
73:93:75:ba:6e:86:4c:af:65:95:a2:a6:de:3f:81:
4b:d8:62:6b:9b:de:bc:f8:56:8b:a8:75:71:fa:5a:
8d:af:0f:5f:9d:3a:c3:c0:8e:14:42:9e:64:ec:93:
7a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:09:54:00:36:92:2F:C8:77:F8:75:C7:90:92:41:5E:32:96:28:0D
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/aAlUADaSL8h3-HXHkJJBXjKWKA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.172.0/22
Signature Algorithm: sha256WithRSAEncryption
65:b2:0d:09:e8:c9:28:a1:a7:52:9b:6e:3f:d6:99:6c:85:83:
30:59:6e:27:ef:9c:72:37:4f:e0:43:87:89:9a:93:35:fa:34:
c6:51:1a:db:ca:73:a2:37:9c:6e:18:7e:cd:18:b6:b9:4a:7d:
6b:3b:d2:d4:b2:e3:60:23:49:03:72:ac:6b:24:7c:3a:df:3a:
b6:b9:0d:f8:b8:72:22:41:9f:66:8c:81:7f:c7:ed:0f:e2:c1:
75:75:9c:1f:de:18:55:50:8e:6c:24:83:04:58:49:21:81:85:
a0:f2:27:7d:01:bb:a0:83:af:09:0a:59:aa:83:f0:f6:19:7a:
82:c1:56:b3:1b:f9:52:4d:4d:b1:32:ec:48:a2:86:e7:3f:6f:
a7:a7:0d:5a:91:ab:9e:14:7f:fb:c6:38:81:38:65:24:bc:d6:
2d:d6:52:35:a0:dc:f4:00:b2:0f:84:31:7b:6c:b6:b9:2f:9d:
03:f0:b3:03:c8:a2:4b:f3:d7:56:a8:79:3e:5a:da:dd:3e:7b:
1f:d3:50:e7:6c:96:f1:79:3d:16:e7:97:9b:91:e0:86:e7:09:
a1:09:de:d7:2f:12:1a:ca:da:30:06:70:9e:64:00:96:1f:ff:
38:70:09:16:74:a0:fa:d3:6c:51:01:1b:d4:40:84:08:3d:ca:
29:bc:74:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaZtkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjgwOTU0MDAzNjky
MmZjODc3Zjg3NWM3OTA5MjQxNWUzMjk2MjgwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNcuTDJ2oqo8m4pHOV2zN77qJdy4bziE+0/2gd2sMpwCcZX
jnzrzkTMYRyQcjbJ+a8CwzjKGz3l/tOI0PS2YMuLEPDnfZ4bCwVatP4mzN4nefX2
ecLFl1J1pI46HjUpVJdMWIDMU4No2WWhlNNvNo5KBQaXXGSaJZ9pEX/pyk0RbZi0
UjKE/kYXQtcfddfQ15ohzAfvbaKK6JyNIazpG83WAqDJT3NiQF9NN2YHKR1+zhF5
CHjXFLlHz0aWQo2NGd7S04qSDNcHBKjh/j6yPBmgc5N1um6GTK9llaKm3j+BS9hi
a5vevPhWi6h1cfpaja8PX506w8COFEKeZOyTeuMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRoCVQANpIvyHf4dceQkkFeMpYoDTAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
L2FBbFVBRGFTTDhoMy1IWEhrSkpCWGpLV0tBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1YrDANBgkqhkiG9w0BAQsFAAOC
AQEAZbINCejJKKGnUptuP9aZbIWDMFluJ++ccjdP4EOHiZqTNfo0xlEa28pzojec
bhh+zRi2uUp9azvS1LLjYCNJA3KsayR8Ot86trkN+LhyIkGfZoyBf8ftD+LBdXWc
H94YVVCObCSDBFhJIYGFoPInfQG7oIOvCQpZqoPw9hl6gsFWsxv5Uk1NsTLsSKKG
5z9vp6cNWpGrnhR/+8Y4gThlJLzWLdZSNaDc9ACyD4Qxe2y2uS+dA/CzA8iiS/PX
Vqh5Plra3T57H9NQ52yW8Xk9FueXm5HghucJoQne1y8SGsraMAZwnmQAlh//OHAJ
FnSg+tNsUQEb1ECECD3KKbx0bA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org