Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7AUSBetMC4z8pDFIyqEfeCel5Ao.roa
File: 7AUSBetMC4z8pDFIyqEfeCel5Ao.roa (raw, json)
Hash identifier: Hzm9ZQjMPw01SCLFAKiwAoQkRYfSqvXLobde9L+3p6A=
Subject key identifier: EC:05:12:05:EB:4C:0B:8C:FC:A4:31:48:CA:A1:1F:78:27:A5:E4:0A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 090238E0
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7AUSBetMC4z8pDFIyqEfeCel5Ao.roa
Signing time: Tue 29 Mar 2022 09:02:57 +0000
ROA not before: Tue 29 Mar 2022 09:02:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 45.140.8.0/23 maxlen: 23
45.151.112.0/22 maxlen: 23
45.157.202.0/23 maxlen: 23
45.154.238.0/23 maxlen: 23
45.157.32.0/23 maxlen: 23
45.128.158.0/23 maxlen: 23
45.141.62.0/23 maxlen: 23
2a0b:3c40:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151140576 (0x90238e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 29 09:02:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec051205eb4c0b8cfca43148caa11f7827a5e40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4c:e5:e7:15:70:f2:34:56:a2:1c:69:14:ca:
2d:bc:9b:97:5e:2d:78:88:2e:5e:8b:92:db:fc:9a:
20:6e:00:75:cc:01:28:16:fa:6b:33:e7:36:74:0b:
0b:28:c1:7a:95:b0:87:62:4a:cb:f2:15:cb:ed:ed:
ff:e7:c6:86:d6:62:7f:92:63:71:54:c9:a3:53:aa:
2c:ee:27:19:ed:fd:77:58:1c:39:e6:72:cf:ed:ff:
af:0f:c4:0d:a1:37:bf:2f:4c:16:7c:a7:68:d1:c2:
9f:da:2f:eb:b7:22:a0:f9:5e:c5:d9:25:81:98:7f:
64:cc:d8:e5:1a:97:b9:30:67:cf:a6:c4:4b:d9:ec:
a5:dd:e0:7b:8a:0b:8d:65:72:30:7d:43:d6:96:6e:
ae:48:d6:f3:f8:9d:3a:56:d6:c6:1f:ec:7f:2b:de:
1f:bb:ad:82:2c:4b:c0:63:7a:7a:c7:a2:42:c6:d3:
5e:52:e0:6c:d6:fe:35:7b:f4:0c:9f:79:08:0c:cb:
17:b8:6e:3a:6d:8f:51:6d:60:93:d0:9d:97:11:4c:
1b:87:4d:3a:ef:04:79:28:86:9c:7b:14:82:9c:56:
94:01:2c:c7:eb:e3:54:fb:ce:70:54:73:5b:a3:c1:
a4:21:ea:36:d3:d8:97:cd:12:6c:f2:89:6a:d4:de:
07:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:05:12:05:EB:4C:0B:8C:FC:A4:31:48:CA:A1:1F:78:27:A5:E4:0A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/7AUSBetMC4z8pDFIyqEfeCel5Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.158.0/23
45.140.8.0/23
45.141.62.0/23
45.151.112.0/22
45.154.238.0/23
45.157.32.0/23
45.157.202.0/23
IPv6:
2a0b:3c40:10::/48
Signature Algorithm: sha256WithRSAEncryption
b4:af:10:2c:eb:20:82:8c:da:99:20:38:00:21:1a:76:db:4f:
e3:60:4f:c1:8e:5b:11:45:1e:54:81:79:e1:e8:a3:38:ab:3f:
a5:9a:a4:7d:b2:3d:ae:07:0b:2b:a9:92:bf:62:6c:19:da:22:
87:80:48:77:79:95:a3:4f:40:15:79:e4:7c:ba:41:38:ea:13:
3a:2b:2d:f8:bf:ef:66:30:10:78:ce:e2:a6:43:99:cb:51:21:
ad:b3:5d:88:9e:dc:9a:97:04:90:9b:44:d1:7a:08:08:d8:5d:
d3:ca:cf:af:8e:94:95:56:04:cd:6a:6e:c2:49:a2:4d:18:f5:
96:55:cf:e7:f6:4e:13:8d:d3:c2:da:41:1b:87:21:62:bb:9b:
5e:8d:f8:b7:1a:a2:b4:81:42:b5:89:1f:e2:bf:8f:7f:e3:69:
75:ec:9f:0f:e2:e3:3e:39:16:ac:54:6d:d6:9d:05:0f:ab:1a:
ac:6b:4d:8d:6a:57:3f:48:8b:6f:38:7c:72:23:8d:70:c2:d4:
23:41:29:04:dd:ac:df:ff:39:ed:8b:b0:9a:a6:99:94:b2:ed:
a8:b4:e8:e3:59:1b:4c:de:0b:21:52:92:67:d9:f5:f2:92:53:
bc:2d:8c:85:8c:d1:c3:bf:b0:15:f2:06:6f:01:f3:5f:00:b0:
ad:9a:12:05
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIECQI44DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTU3Y2NkNDNhZmU4MTZlNDk1MzIyOGJmMTRhNzVkYzI5MDE0YjhkMB4XDTIyMDMy
OTA5MDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMwNTEyMDVlYjRj
MGI4Y2ZjYTQzMTQ4Y2FhMTFmNzgyN2E1ZTQwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpM5ecVcPI0VqIcaRTKLbybl14teIguXouS2/yaIG4AdcwB
KBb6azPnNnQLCyjBepWwh2JKy/IVy+3t/+fGhtZif5JjcVTJo1OqLO4nGe39d1gc
OeZyz+3/rw/EDaE3vy9MFnynaNHCn9ov67cioPlexdklgZh/ZMzY5RqXuTBnz6bE
S9nspd3ge4oLjWVyMH1D1pZurkjW8/idOlbWxh/sfyveH7utgixLwGN6eseiQsbT
XlLgbNb+NXv0DJ95CAzLF7huOm2PUW1gk9CdlxFMG4dNOu8EeSiGnHsUgpxWlAEs
x+vjVPvOcFRzW6PBpCHqNtPYl80SbPKJatTeB1cCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBTsBRIF60wLjPykMUjKoR94J6XkCjAfBgNVHSMEGDAWgBS1V8zUOv6BbklT
IovxSnXcKQFLjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RWZk0xRHItZ1c1SlV5S0w4VXAxM0NrQlM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvMTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8x
LzdBVVNCZXRNQzR6OHBERkl5cUVmZUNlbDVBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
MTkwODQzLTE4MDMtNDQ2Mi1hNzk1LTZiYzc1NTc4YjRjMy8xL3RWZk0xRHItZ1c1
SlV5S0w4VXAxM0NrQlM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMAQCAAEwKgMEAS2AngMEAS2MCAMEAS2NPgMEAi2X
cAMEAS2a7gMEAS2dIAMEAS2dyjAPBAIAAjAJAwcAKgs8QAAQMA0GCSqGSIb3DQEB
CwUAA4IBAQC0rxAs6yCCjNqZIDgAIRp220/jYE/BjlsRRR5UgXnh6KM4qz+lmqR9
sj2uBwsrqZK/YmwZ2iKHgEh3eZWjT0AVeeR8ukE46hM6Ky34v+9mMBB4zuKmQ5nL
USGts12IntyalwSQm0TReggI2F3Tys+vjpSVVgTNam7CSaJNGPWWVc/n9k4TjdPC
2kEbhyFiu5tejfi3GqK0gUK1iR/iv49/42l17J8P4uM+ORasVG3WnQUPqxqsa02N
alc/SItvOHxyI41wwtQjQSkE3azf/znti7CappmUsu2otOjjWRtM3gshUpJn2fXy
klO8LYyFjNHDv7AV8gZvAfNfALCtmhIF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org