Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/_YpUS40zpGteHXq74Q9ynMFl4nY.roa
File: _YpUS40zpGteHXq74Q9ynMFl4nY.roa (raw, json)
Hash identifier: P3fTNL/k24fqITpD33Sc0OsJ+c0YRnZGEUlCVpNvfsI=
Subject key identifier: FD:8A:54:4B:8D:33:A4:6B:5E:1D:7A:BB:E1:0F:72:9C:C1:65:E2:76
Certificate issuer: /CN=f541d46893aaa164fe2673990d07aa6c071003c0
Certificate serial: 0183B1878AFDF2D0437628ED73851F504C51
Authority key identifier: F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/_YpUS40zpGteHXq74Q9ynMFl4nY.roa
Signing time: Fri 07 Oct 2022 08:19:53 +0000
ROA not before: Fri 07 Oct 2022 08:19:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44084
IP address blocks: 217.115.16.0/20 maxlen: 24
45.67.124.0/22 maxlen: 24
2a09:6240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:87:8a:fd:f2:d0:43:76:28:ed:73:85:1f:50:4c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f541d46893aaa164fe2673990d07aa6c071003c0
Validity
Not Before: Oct 7 08:19:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd8a544b8d33a46b5e1d7abbe10f729cc165e276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:30:76:af:89:e7:b9:da:76:ea:6c:6d:d7:3b:
4a:a0:52:3e:15:01:a0:1d:f7:34:6c:58:7c:3c:c0:
dc:1a:17:06:9d:45:80:41:8b:4a:79:03:7d:bb:d0:
3b:74:c6:4c:3f:31:7d:37:58:b6:34:87:43:0b:dd:
a3:ac:1e:ea:27:ce:91:d0:08:0e:5e:de:0d:f3:4d:
59:3d:f5:01:d1:28:cf:27:9c:4a:9f:f1:02:75:c8:
27:d7:ae:f0:5a:71:7f:51:0d:9d:b1:05:2a:43:d7:
2c:12:bb:1a:f8:cb:fc:88:d1:7c:17:34:5f:d0:60:
70:16:21:9e:90:cd:f7:c0:7c:c2:e2:49:8e:42:4b:
cb:a0:f6:39:bc:14:f4:b6:e6:94:25:5e:aa:9f:cb:
90:f6:6d:d1:ee:e7:f8:7f:5b:ed:40:6d:54:25:6b:
d2:d7:3d:8f:da:00:e4:88:18:c1:f4:b7:d6:c0:e4:
3c:4f:1c:1e:b1:a7:9a:29:46:e0:67:7d:99:09:e8:
a8:f5:de:f6:bd:32:87:a9:ff:13:fb:84:fe:5f:ba:
e8:71:16:fd:5e:a1:78:f5:63:ee:e4:f9:52:d5:b2:
33:62:d5:94:cd:18:ef:58:2f:4c:88:f4:be:d9:ee:
3b:05:2d:e7:18:6e:f8:ee:29:15:88:12:ea:91:8b:
fa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8A:54:4B:8D:33:A4:6B:5E:1D:7A:BB:E1:0F:72:9C:C1:65:E2:76
X509v3 Authority Key Identifier:
keyid:F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/_YpUS40zpGteHXq74Q9ynMFl4nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.124.0/22
217.115.16.0/20
IPv6:
2a09:6240::/29
Signature Algorithm: sha256WithRSAEncryption
20:5c:b3:00:ba:f4:53:2e:07:57:6b:95:92:0f:65:94:28:22:
3d:3e:ff:29:a5:32:6b:ee:a0:92:e8:2c:5d:ec:be:ca:4f:4a:
ee:e4:f0:6e:28:fa:26:09:77:c3:88:ae:7a:82:c7:4f:e5:9f:
8a:d1:94:f9:42:11:7f:50:77:14:eb:ee:b1:d0:cb:99:e8:24:
08:c9:ca:fb:8e:88:c3:d4:e6:04:74:78:d9:ba:fe:f9:cf:df:
3a:2c:55:2d:90:04:60:15:1b:6b:68:38:4c:08:de:8d:c6:e0:
dc:b7:f9:48:9e:c7:1c:d2:a2:a7:5a:01:01:03:3e:99:ca:a5:
79:07:e4:cc:3f:7d:74:c3:68:fa:27:5a:20:49:ab:c4:bc:b2:
15:93:58:b1:3f:40:0d:ab:3f:fa:e3:20:ca:98:76:9f:d1:de:
d8:3a:69:6f:03:0f:16:fb:a6:1f:4b:00:68:57:fa:9d:d5:38:
b4:c2:d1:ee:f6:cb:06:fa:65:20:47:d7:a8:d5:92:30:3e:d8:
30:da:98:6a:b2:be:93:f2:a4:c9:e2:6b:a9:41:36:82:21:79:
3d:8e:0a:4c:04:c2:ec:6e:3e:ea:64:bc:75:30:cb:a9:11:a4:
21:3d:bb:cf:6e:3b:8d:9b:bb:51:59:b2:11:73:ab:77:63:9d:
7f:c8:5b:4d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYOxh4r98tBDdijtc4UfUExRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDFkNDY4OTNhYWExNjRmZTI2NzM5OTBkMDdhYTZjMDcx
MDAzYzAwHhcNMjIxMDA3MDgxOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhhNTQ0YjhkMzNhNDZiNWUxZDdhYmJlMTBmNzI5Y2MxNjVlMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzB2r4nnudp26mxt1ztKoFI+FQGg
Hfc0bFh8PMDcGhcGnUWAQYtKeQN9u9A7dMZMPzF9N1i2NIdDC92jrB7qJ86R0AgO
Xt4N801ZPfUB0SjPJ5xKn/ECdcgn167wWnF/UQ2dsQUqQ9csErsa+Mv8iNF8FzRf
0GBwFiGekM33wHzC4kmOQkvLoPY5vBT0tuaUJV6qn8uQ9m3R7uf4f1vtQG1UJWvS
1z2P2gDkiBjB9LfWwOQ8TxwesaeaKUbgZ32ZCeio9d72vTKHqf8T+4T+X7rocRb9
XqF49WPu5PlS1bIzYtWUzRjvWC9MiPS+2e47BS3nGG747ikViBLqkYv6rwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP2KVEuNM6RrXh16u+EPcpzBZeJ2MB8GA1UdIwQY
MBaAFPVB1GiTqqFk/iZzmQ0HqmwHEAPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMt
Mzk4YzA0NTE4OWViLzEvX1lwVVM0MHpwR3RlSFhxNzRROXluTUZsNG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMtMzk4YzA0NTE4OWVi
LzEvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLUN8AwQE
2XMQMA0EAgACMAcDBQMqCWJAMA0GCSqGSIb3DQEBCwUAA4IBAQAgXLMAuvRTLgdX
a5WSD2WUKCI9Pv8ppTJr7qCS6Cxd7L7KT0ru5PBuKPomCXfDiK56gsdP5Z+K0ZT5
QhF/UHcU6+6x0MuZ6CQIycr7jojD1OYEdHjZuv75z986LFUtkARgFRtraDhMCN6N
xuDct/lInscc0qKnWgEBAz6ZyqV5B+TMP310w2j6J1ogSavEvLIVk1ixP0ANqz/6
4yDKmHaf0d7YOmlvAw8W+6YfSwBoV/qd1Ti0wtHu9ssG+mUgR9eo1ZIwPtgw2phq
sr6T8qTJ4mupQTaCIXk9jgpMBMLsbj7qZLx1MMupEaQhPbvPbjuNm7tRWbIRc6t3
Y51/yFtN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:19 2023 by rpki-client on console-ams.rpki-client.org