Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/jp4uaG1U-t51Ahvrk9vPsJfbK9E.roa
File: jp4uaG1U-t51Ahvrk9vPsJfbK9E.roa (raw, json)
Hash identifier: guGE3at+wEZPWbCI6aYEZ18LdjIJH7gHH20MlLC3+Mk=
Subject key identifier: 8E:9E:2E:68:6D:54:FA:DE:75:02:1B:EB:93:DB:CF:B0:97:DB:2B:D1
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01845745829D5475278F0F97CD71B664E9BB
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/jp4uaG1U-t51Ahvrk9vPsJfbK9E.roa
Signing time: Tue 08 Nov 2022 12:44:43 +0000
ROA not before: Tue 08 Nov 2022 12:44:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 45.140.8.0/23 maxlen: 23
109.206.250.0/23 maxlen: 23
45.151.112.0/22 maxlen: 23
45.157.202.0/23 maxlen: 23
45.154.238.0/23 maxlen: 23
45.157.32.0/23 maxlen: 23
45.128.158.0/23 maxlen: 23
45.141.62.0/23 maxlen: 23
2a0c:9e02::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:57:45:82:9d:54:75:27:8f:0f:97:cd:71:b6:64:e9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 8 12:44:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e9e2e686d54fade75021beb93dbcfb097db2bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:c3:68:be:da:1e:59:a3:66:97:8d:63:bd:
b0:72:27:95:10:4a:55:4d:c6:05:6b:ee:73:3b:e2:
c7:88:40:0a:53:bd:e0:96:59:9c:ba:b1:1d:15:10:
b6:c0:72:f7:7b:9f:e8:61:02:ef:17:8b:75:6b:b0:
a8:05:87:ec:00:a5:c6:e9:cd:1c:9d:77:18:80:1f:
84:9a:b7:07:d4:11:f4:1e:55:64:9d:83:28:f0:0b:
a8:c8:a3:76:ce:98:cd:56:e0:f9:03:5e:8b:95:f1:
9f:ff:aa:a8:c3:ee:1f:87:c5:6d:f3:b0:d4:2b:b6:
fe:4c:0a:5b:d5:27:7b:6c:b5:7b:c1:76:8c:80:3f:
bd:13:84:0d:ea:18:91:3c:e1:c7:f8:11:45:6c:85:
b8:b0:b2:ff:18:f6:6a:2d:6f:51:dd:ee:f7:19:c5:
37:01:63:84:28:b9:54:5c:8e:66:e0:43:3d:f6:9d:
91:f1:e9:e5:b4:48:b7:fd:c9:99:86:e6:87:92:e4:
70:1c:93:3e:08:77:6f:86:fb:7a:ee:24:45:6e:7c:
6d:59:0c:ce:01:79:f1:5b:a1:32:84:72:d5:47:12:
b4:93:6e:b2:40:86:c6:29:5e:de:c9:5e:17:31:47:
4a:ba:21:01:36:00:1c:c7:9d:e7:e5:22:e9:c6:56:
06:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:9E:2E:68:6D:54:FA:DE:75:02:1B:EB:93:DB:CF:B0:97:DB:2B:D1
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/jp4uaG1U-t51Ahvrk9vPsJfbK9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.158.0/23
45.140.8.0/23
45.141.62.0/23
45.151.112.0/22
45.154.238.0/23
45.157.32.0/23
45.157.202.0/23
109.206.250.0/23
IPv6:
2a0c:9e02::/32
Signature Algorithm: sha256WithRSAEncryption
97:6d:82:6f:3c:c5:cb:b7:d0:4d:25:e1:45:64:a5:14:35:56:
46:22:a7:1b:50:0b:33:f1:89:d9:71:8b:0d:2c:d2:f3:0c:3e:
52:71:94:74:a8:18:f0:b1:9b:aa:5e:45:31:dd:88:dc:84:7d:
8d:3a:25:2a:fa:76:cb:4d:9f:01:1f:f1:07:24:72:67:26:d5:
5b:7a:0a:ed:35:43:6d:45:6a:04:e4:05:08:87:34:4e:c0:c3:
9d:b5:c3:c7:7c:18:54:c7:29:f3:57:b8:1a:b1:d9:f8:89:66:
79:c9:fc:b5:39:cb:6e:2c:43:95:5b:b0:20:d8:0a:f2:bd:fb:
55:74:a1:b0:8c:de:c1:c5:60:19:28:85:5b:27:10:34:b8:15:
6d:69:db:18:26:7e:16:ef:72:74:60:b9:7b:d0:60:6e:10:cf:
41:a5:c8:24:5a:30:c3:02:3b:ba:aa:f4:38:11:b2:a3:ca:88:
05:38:ca:c6:9f:1c:36:27:31:02:35:21:a5:0d:ce:8f:8e:b6:
9c:6e:8e:ce:86:ed:f6:53:4c:23:f3:b1:ff:08:ca:5f:25:f9:
dd:4a:2f:a8:f1:b0:8d:ce:42:39:9e:ea:6d:03:79:53:8e:c6:
86:06:a5:80:d2:3d:7d:f8:66:9b:60:2f:bc:d1:95:99:9f:71:
9d:3f:e0:11
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYRXRYKdVHUnjw+XzXG2ZOm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMTA4MTI0NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTllMmU2ODZkNTRmYWRlNzUwMjFiZWI5M2RiY2ZiMDk3ZGIyYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7LDaL7aHlmjZpeNY72wcieVEEpV
TcYFa+5zO+LHiEAKU73gllmcurEdFRC2wHL3e5/oYQLvF4t1a7CoBYfsAKXG6c0c
nXcYgB+EmrcH1BH0HlVknYMo8AuoyKN2zpjNVuD5A16LlfGf/6qow+4fh8Vt87DU
K7b+TApb1Sd7bLV7wXaMgD+9E4QN6hiRPOHH+BFFbIW4sLL/GPZqLW9R3e73GcU3
AWOEKLlUXI5m4EM99p2R8enltEi3/cmZhuaHkuRwHJM+CHdvhvt67iRFbnxtWQzO
AXnxW6EyhHLVRxK0k26yQIbGKV7eyV4XMUdKuiEBNgAcx53n5SLpxlYGYwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFI6eLmhtVPredQIb65Pbz7CX2yvRMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvanA0dWFHMVUtdDUxQWh2cms5dlBzSmZiSzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBLYCeAwQB
LYwIAwQBLY0+AwQCLZdwAwQBLZruAwQBLZ0gAwQBLZ3KAwQBbc76MA0EAgACMAcD
BQAqDJ4CMA0GCSqGSIb3DQEBCwUAA4IBAQCXbYJvPMXLt9BNJeFFZKUUNVZGIqcb
UAsz8YnZcYsNLNLzDD5ScZR0qBjwsZuqXkUx3YjchH2NOiUq+nbLTZ8BH/EHJHJn
JtVbegrtNUNtRWoE5AUIhzROwMOdtcPHfBhUxynzV7gasdn4iWZ5yfy1OctuLEOV
W7Ag2AryvftVdKGwjN7BxWAZKIVbJxA0uBVtadsYJn4W73J0YLl70GBuEM9Bpcgk
WjDDAju6qvQ4EbKjyogFOMrGnxw2JzECNSGlDc6Pjracbo7Ohu32U0wj87H/CMpf
JfndSi+o8bCNzkI5nuptA3lTjsaGBqWA0j19+GabYC+80ZWZn3GdP+AR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org