Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/DzsA3ndrIXQAB9kc_kzj_1X2E28.roa
File: DzsA3ndrIXQAB9kc_kzj_1X2E28.roa (raw, json)
Hash identifier: dlgNSlt4xjuZySn0cqscF1+n/eeS4TZ1AG6CpB5CBmg=
Subject key identifier: 0F:3B:00:DE:77:6B:21:74:00:07:D9:1C:FE:4C:E3:FF:55:F6:13:6F
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0183AA1394502F9B24A648158FEB4DBA9B02
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/DzsA3ndrIXQAB9kc_kzj_1X2E28.roa
Signing time: Wed 05 Oct 2022 21:35:53 +0000
ROA not before: Wed 05 Oct 2022 21:35:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 45.43.64.0/23 maxlen: 24
45.43.86.0/24 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.152.0/24 maxlen: 24
107.181.154.0/24 maxlen: 24
107.181.153.0/24 maxlen: 24
198.105.109.0/24 maxlen: 24
198.105.108.0/24 maxlen: 24
198.105.111.0/24 maxlen: 24
89.33.6.0/23 maxlen: 24
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:aa:13:94:50:2f:9b:24:a6:48:15:8f:eb:4d:ba:9b:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Oct 5 21:35:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f3b00de776b21740007d91cfe4ce3ff55f6136f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a4:3b:a0:39:91:7c:7a:55:b1:bc:03:05:64:
e2:e9:62:e0:5e:ab:57:5d:4f:d2:6e:9f:02:98:41:
2c:e0:ae:2a:ad:9c:cc:df:f9:aa:da:1a:c5:29:c9:
f1:db:08:bf:41:be:43:c5:d5:82:3d:a2:51:95:5a:
ff:e9:96:e0:3b:be:0f:01:0e:8f:b3:1e:6a:cc:a5:
8d:60:0c:be:e0:13:8c:9d:ea:d3:f8:15:1e:26:75:
55:d2:5c:49:3f:f3:c2:57:f5:ce:58:3a:35:f8:92:
8d:cb:79:d7:bf:8c:17:cf:9b:17:5a:0d:c9:a7:6a:
56:d7:6d:1b:92:15:28:4d:19:8a:cc:69:5f:f6:49:
44:e0:dd:60:e0:97:5f:bb:4e:57:d9:dc:14:ad:5a:
95:f2:08:40:e0:01:c8:ce:6b:b9:9e:1e:78:63:0b:
6b:b5:31:94:42:16:db:5e:22:92:7d:80:f6:de:4e:
f8:93:4a:ee:af:68:fe:03:9d:ad:37:2a:3d:85:e9:
b3:ec:f4:c1:64:2e:ca:6b:74:3a:94:82:33:dd:8d:
d9:0d:44:56:cb:8a:f1:f2:52:45:2b:df:8a:cf:c5:
b9:47:6e:3e:92:a9:c4:59:fc:b8:30:57:06:d8:21:
33:61:ba:ec:c7:c8:a5:b1:d0:25:7a:cf:04:98:ac:
8a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3B:00:DE:77:6B:21:74:00:07:D9:1C:FE:4C:E3:FF:55:F6:13:6F
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/DzsA3ndrIXQAB9kc_kzj_1X2E28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/23
45.43.86.0/24
89.33.6.0/23
107.181.128.0/22
107.181.152.0-107.181.154.255
198.105.108.0/23
198.105.111.0/24
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
Signature Algorithm: sha256WithRSAEncryption
5d:99:70:f7:7e:02:38:73:64:42:f3:fd:c5:9e:4e:68:48:a3:
2b:0c:da:e5:cb:76:4b:72:59:2e:7d:32:7d:88:5e:25:0b:a9:
ef:ab:1e:df:e8:65:76:27:32:cb:1e:cd:63:0f:4f:5f:95:72:
5c:73:97:d8:3d:c6:f7:24:3d:07:c5:d9:8b:3b:d3:aa:b8:66:
70:f3:d0:78:3d:45:53:69:d4:6b:8a:60:37:e3:ef:e8:27:a1:
68:8f:83:ca:d2:31:32:21:9d:38:38:91:43:a2:03:6d:26:38:
57:9c:cb:e5:02:01:47:f7:fd:78:1d:31:ee:94:d3:cd:c5:9d:
32:71:a0:98:78:f8:ec:64:13:f6:91:19:2d:59:6b:08:c6:3a:
d7:2b:ca:15:0b:57:d3:00:80:ff:de:da:cc:2a:14:cc:fe:2c:
af:97:1f:77:7d:5b:0d:5b:03:ae:bf:c0:c3:bd:73:1f:b1:da:
05:2c:73:ef:3a:ee:35:9a:80:38:32:b0:91:49:d7:40:19:8b:
81:50:4f:5b:1e:72:08:a4:85:71:dc:0d:e2:57:7d:b0:3c:a8:
14:0b:70:b0:9e:43:55:c8:15:43:8e:8d:35:cb:a0:2c:50:5c:
65:ba:d4:f6:0c:ac:16:90:37:61:51:2b:c0:8c:db:92:ec:49:
c2:76:78:f1
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYOqE5RQL5skpkgVj+tNupsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIxMDA1MjEzNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNiMDBkZTc3NmIyMTc0MDAwN2Q5MWNmZTRjZTNmZjU1ZjYxMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6Q7oDmRfHpVsbwDBWTi6WLgXqtX
XU/Sbp8CmEEs4K4qrZzM3/mq2hrFKcnx2wi/Qb5DxdWCPaJRlVr/6ZbgO74PAQ6P
sx5qzKWNYAy+4BOMnerT+BUeJnVV0lxJP/PCV/XOWDo1+JKNy3nXv4wXz5sXWg3J
p2pW120bkhUoTRmKzGlf9klE4N1g4Jdfu05X2dwUrVqV8ghA4AHIzmu5nh54Ywtr
tTGUQhbbXiKSfYD23k74k0rur2j+A52tNyo9hemz7PTBZC7Ka3Q6lIIz3Y3ZDURW
y4rx8lJFK9+Kz8W5R24+kqnEWfy4MFcG2CEzYbrsx8ilsdAles8EmKyKzwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFA87AN53ayF0AAfZHP5M4/9V9hNvMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvRHpzQTNuZHJJWFFBQjlrY19rempfMVgyRTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA4BAIAATAyAwQBLStAAwQA
LStWAwQBWSEGAwQCa7WAMAwDBANrtZgDBABrtZoDBAHGaWwDBADGaW8wGAQCAAIw
EgMHACoFn0AAHwMHACoFn0QqBTANBgkqhkiG9w0BAQsFAAOCAQEAXZlw934COHNk
QvP9xZ5OaEijKwza5ct2S3JZLn0yfYheJQup76se3+hldicyyx7NYw9PX5VyXHOX
2D3G9yQ9B8XZizvTqrhmcPPQeD1FU2nUa4pgN+Pv6CehaI+DytIxMiGdODiRQ6ID
bSY4V5zL5QIBR/f9eB0x7pTTzcWdMnGgmHj47GQT9pEZLVlrCMY61yvKFQtX0wCA
/97azCoUzP4sr5cfd31bDVsDrr/Aw71zH7HaBSxz7zruNZqAODKwkUnXQBmLgVBP
Wx5yCKSFcdwN4ld9sDyoFAtwsJ5DVcgVQ46NNcugLFBcZbrU9gysFpA3YVErwIzb
kuxJwnZ48Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:20 2023 by rpki-client on console-fra.rpki-client.org