Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/LI7PvGehl7IKmRmhkwOVWgCUeuo.roa
File: LI7PvGehl7IKmRmhkwOVWgCUeuo.roa (raw, json)
Hash identifier: Yhyu8hOwrkNfCOIxte7198qFkx53bqR8Di+taJii2NY=
Subject key identifier: 2C:8E:CF:BC:67:A1:97:B2:0A:99:19:A1:93:03:95:5A:00:94:7A:EA
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 0539C7B7
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/LI7PvGehl7IKmRmhkwOVWgCUeuo.roa
Signing time: Sat 01 Jan 2022 11:58:02 +0000
ROA not before: Sat 01 Jan 2022 11:58:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 328543
IP address blocks: 45.81.33.0/24 maxlen: 24
45.81.34.0/23 maxlen: 24
45.150.236.0/22 maxlen: 24
2a0e:4c80::/29 maxlen: 29
2a0f:9a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87672759 (0x539c7b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jan 1 11:58:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c8ecfbc67a197b20a9919a19303955a00947aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3c:69:bc:23:f9:c0:77:91:56:43:e0:ac:9a:
b8:eb:58:5d:ea:6e:6f:de:40:48:91:ec:97:88:a8:
1a:54:74:bc:84:1c:e5:e9:b0:8e:ca:d8:21:58:d8:
f4:d3:f5:eb:d3:a9:5f:be:b8:d2:ff:81:0d:4c:8c:
82:c1:ed:92:7b:2d:d2:6f:7c:d3:5c:5c:4e:40:ce:
c5:32:36:92:69:01:4d:b4:2a:51:09:d8:d4:16:2f:
3a:1d:04:1a:f4:f1:1d:67:73:dd:d2:10:d4:34:13:
04:3b:4d:96:c6:7d:9b:00:fd:38:9b:bc:31:23:2c:
2d:47:9e:ab:e0:7c:41:1d:ed:fe:a8:c7:82:4a:33:
52:0f:70:ee:33:8c:89:9a:ab:52:77:62:cc:7c:47:
63:07:fc:56:27:81:d4:7b:b0:c7:b1:30:62:2e:27:
f2:43:6b:1d:f4:bd:e7:55:7b:26:74:48:a2:66:92:
81:90:2e:c2:6d:66:a6:b7:86:96:70:d6:2f:39:57:
cc:c4:8a:6a:58:b8:6d:be:3c:b8:b9:bd:4a:93:4d:
f7:1b:0a:87:91:8e:6a:94:f8:7c:7a:bc:a7:40:44:
51:0b:79:ba:f9:19:af:8c:97:17:03:bc:e5:53:89:
0d:67:3f:6c:30:1f:b1:ab:e8:f7:cd:0f:84:b4:6a:
f4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8E:CF:BC:67:A1:97:B2:0A:99:19:A1:93:03:95:5A:00:94:7A:EA
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/LI7PvGehl7IKmRmhkwOVWgCUeuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.33.0-45.81.35.255
45.150.236.0/22
IPv6:
2a0e:4c80::/29
2a0f:9a00::/29
Signature Algorithm: sha256WithRSAEncryption
06:e0:bc:93:4d:cf:43:a1:9e:a6:0b:b3:01:c1:3d:7d:22:eb:
ee:1e:1f:0a:ef:ed:5d:23:b2:6c:33:26:94:d4:79:f1:07:f8:
f6:b3:12:3a:39:f0:62:b9:6f:97:82:4c:39:a5:ef:cd:ce:b3:
c4:1e:18:33:6e:d9:8b:1e:3c:8e:73:a9:f3:ba:e5:a2:4d:63:
ad:f8:59:84:9c:4c:36:d8:08:48:00:06:7c:69:44:6b:15:d6:
ed:b3:0d:50:e5:53:64:d1:89:c2:9c:7c:24:72:87:04:c9:6c:
4d:89:42:d2:b7:3b:ea:bb:c8:ae:ff:b5:02:89:fe:5c:42:dc:
3c:5a:cd:23:d6:fe:45:51:e1:c8:90:c5:bd:a9:ba:b9:93:14:
fa:1f:44:7d:ce:d1:bf:88:61:f5:0a:be:98:7e:93:a5:ea:69:
89:74:2f:4a:0e:75:d6:d2:f6:d9:4e:4d:5f:8b:2d:96:41:c6:
ff:d0:a8:c7:96:55:bf:ad:6b:46:0d:a7:cb:79:fd:c9:3f:a7:
45:35:7e:ec:ee:da:87:4f:2f:55:4c:c8:8b:a9:70:3e:84:b4:
c2:ce:9b:22:b8:d9:19:50:98:9b:8a:c5:80:59:90:c1:08:c5:
0c:e2:45:f1:31:ab:c2:54:45:08:fa:d5:c6:0d:88:87:f1:b3:
c6:42:2d:b6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBTnHtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTAwODA3Njk4ZjBiMDk3ZDY5YWIzOTI2OTE3ZDFkY2M4MzhhNjI0MB4XDTIyMDEw
MTExNTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM4ZWNmYmM2N2Ex
OTdiMjBhOTkxOWExOTMwMzk1NWEwMDk0N2FlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALA8abwj+cB3kVZD4KyauOtYXepub95ASJHsl4ioGlR0vIQc
5emwjsrYIVjY9NP169OpX7640v+BDUyMgsHtknst0m9801xcTkDOxTI2kmkBTbQq
UQnY1BYvOh0EGvTxHWdz3dIQ1DQTBDtNlsZ9mwD9OJu8MSMsLUeeq+B8QR3t/qjH
gkozUg9w7jOMiZqrUndizHxHYwf8VieB1Huwx7EwYi4n8kNrHfS951V7JnRIomaS
gZAuwm1mpreGlnDWLzlXzMSKali4bb48uLm9SpNN9xsKh5GOapT4fHq8p0BEUQt5
uvkZr4yXFwO85VOJDWc/bDAfsavo980PhLRq9EUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQsjs+8Z6GXsgqZGaGTA5VaAJR66jAfBgNVHSMEGDAWgBQ6AIB2mPCwl9aa
s5JpF9HcyDimJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09nQ0FkcGp3c0pmV21yT1NhUmZSM01nNHBpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvMTQzZDI5LWNmNzItNGQwMS05MThjLTE2YWZjNGRmZmRkNC8x
L0xJN1B2R2VobDdJS21SbWhrd09WV2dDVWV1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
MTQzZDI5LWNmNzItNGQwMS05MThjLTE2YWZjNGRmZmRkNC8xL09nQ0FkcGp3c0pm
V21yT1NhUmZSM01nNHBpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGgQCAAEwFDAMAwQALVEhAwQCLVEgAwQCLZbsMBQE
AgACMA4DBQMqDkyAAwUDKg+aADANBgkqhkiG9w0BAQsFAAOCAQEABuC8k03PQ6Ge
pguzAcE9fSLr7h4fCu/tXSOybDMmlNR58Qf49rMSOjnwYrlvl4JMOaXvzc6zxB4Y
M27Zix48jnOp87rlok1jrfhZhJxMNtgISAAGfGlEaxXW7bMNUOVTZNGJwpx8JHKH
BMlsTYlC0rc76rvIrv+1Aon+XELcPFrNI9b+RVHhyJDFvam6uZMU+h9Efc7Rv4hh
9Qq+mH6TpeppiXQvSg511tL22U5NX4stlkHG/9Cox5ZVv61rRg2ny3n9yT+nRTV+
7O7ah08vVUzIi6lwPoS0ws6bIrjZGVCYm4rFgFmQwQjFDOJF8TGrwlRFCPrVxg2I
h/GzxkIttg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:26 2024 by rpki-client on console-fra.rpki-client.org