Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/p1dMbGj-qA6dtymQvtjEIHfhSoQ.roa
File: p1dMbGj-qA6dtymQvtjEIHfhSoQ.roa (raw, json)
Hash identifier: yH/iXC8/KHGOaWb8fW5iLtrsZHRV9irB609epDQl84I=
Subject key identifier: A7:57:4C:6C:68:FE:A8:0E:9D:B7:29:90:BE:D8:C4:20:77:E1:4A:84
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0183694C8EBF4808EE8A6A10532AC8DCF060
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/p1dMbGj-qA6dtymQvtjEIHfhSoQ.roa
Signing time: Fri 23 Sep 2022 07:42:48 +0000
ROA not before: Fri 23 Sep 2022 07:42:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5089
IP address blocks: 109.206.248.0/22 maxlen: 23
45.152.36.0/23 maxlen: 23
2a0c:9e06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:4c:8e:bf:48:08:ee:8a:6a:10:53:2a:c8:dc:f0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Sep 23 07:42:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7574c6c68fea80e9db72990bed8c42077e14a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:80:0f:52:36:c4:0e:70:1b:58:ba:04:67:26:
7c:b5:98:4f:87:4a:8f:6d:3c:cc:de:be:bc:4c:a8:
17:1d:e2:5d:b1:bd:c4:9a:50:9b:ca:29:5b:04:e9:
23:84:c4:59:03:a6:a7:1b:82:82:e9:ab:58:7b:24:
21:d1:fb:58:b2:5f:32:ac:01:1b:b2:84:f8:c7:98:
5b:00:6a:27:a9:78:cd:56:99:cd:9c:9b:33:3a:1e:
ac:ee:b4:d8:aa:f1:c5:19:db:33:39:54:77:e3:41:
92:7e:16:8d:b0:d9:75:4e:9d:c7:97:41:05:fd:02:
53:17:a9:08:ec:fb:98:d9:2e:1b:a7:82:1f:16:c4:
77:ff:6c:1e:d3:a0:a8:c5:c8:ae:38:3a:8a:a4:01:
b9:33:09:40:11:57:5c:5f:0a:5e:4d:92:a3:e7:93:
e3:fc:5c:11:c6:ce:1c:5d:97:c3:9a:78:e4:c5:d3:
c6:fa:01:bd:3f:fb:7d:3a:2f:cb:44:4d:b6:19:f4:
a3:37:ed:9e:99:ea:14:1f:5e:cb:45:e2:0b:d9:75:
b2:cd:cc:11:58:1a:32:45:c8:ab:90:97:bb:aa:37:
6e:39:93:2a:14:91:b1:a9:50:73:03:71:5a:d9:88:
1d:fc:1a:5c:f4:ac:a0:50:03:bc:80:b1:4a:48:8e:
ef:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:57:4C:6C:68:FE:A8:0E:9D:B7:29:90:BE:D8:C4:20:77:E1:4A:84
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/p1dMbGj-qA6dtymQvtjEIHfhSoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.36.0/23
109.206.248.0/22
IPv6:
2a0c:9e06::/32
Signature Algorithm: sha256WithRSAEncryption
75:e9:4f:09:35:45:49:8b:b5:08:ff:38:63:ae:e9:88:65:b8:
7a:2b:29:72:08:83:dd:e9:2c:cf:35:8a:74:3d:9c:43:e4:47:
f9:c8:cf:a6:51:91:69:71:d7:b9:16:b2:54:22:d6:90:7e:51:
32:4e:e2:32:6f:20:9b:fa:d2:59:8c:b5:b3:81:de:82:62:26:
6b:68:d9:6f:8c:e8:01:32:79:f4:4d:b9:a6:d0:3e:cd:d9:b4:
35:8c:33:2e:27:68:62:75:c2:0e:2e:c1:3e:32:6a:58:cf:4e:
d4:c1:a9:08:b4:ba:37:c1:e0:60:c9:e1:38:e7:2d:42:3e:69:
6d:bc:b1:6a:4c:84:32:77:ae:0f:59:f2:2d:36:a9:73:48:fc:
12:4c:a8:72:fc:91:1b:47:05:48:71:7f:2e:30:aa:44:ea:11:
33:94:6e:de:b5:43:09:0c:1d:8c:da:9f:c2:5d:21:ce:23:57:
2b:11:2a:43:2f:62:d1:bb:bd:86:6f:e4:a5:18:06:4b:35:0a:
53:69:9c:31:b6:51:a7:d7:d8:e6:5c:3b:2f:2d:b4:c9:d3:59:
d8:a6:e2:7d:00:c7:fa:b9:3c:90:f1:11:e3:51:0a:bf:75:bb:
e8:42:1c:62:ca:41:40:7b:eb:d4:a4:f2:b4:8b:c5:47:4c:d2:
06:f6:c2:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYNpTI6/SAjuimoQUyrI3PBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIwOTIzMDc0MjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU3NGM2YzY4ZmVhODBlOWRiNzI5OTBiZWQ4YzQyMDc3ZTE0YTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4APUjbEDnAbWLoEZyZ8tZhPh0qP
bTzM3r68TKgXHeJdsb3EmlCbyilbBOkjhMRZA6anG4KC6atYeyQh0ftYsl8yrAEb
soT4x5hbAGonqXjNVpnNnJszOh6s7rTYqvHFGdszOVR340GSfhaNsNl1Tp3Hl0EF
/QJTF6kI7PuY2S4bp4IfFsR3/2we06CoxciuODqKpAG5MwlAEVdcXwpeTZKj55Pj
/FwRxs4cXZfDmnjkxdPG+gG9P/t9Oi/LRE22GfSjN+2emeoUH17LReIL2XWyzcwR
WBoyRcirkJe7qjduOZMqFJGxqVBzA3Fa2Ygd/Bpc9KygUAO8gLFKSI7vVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKdXTGxo/qgOnbcpkL7YxCB34UqEMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcDFkTWJHai1xQTZkdHltUXZ0akVJSGZoU29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLZgkAwQC
bc74MA0EAgACMAcDBQAqDJ4GMA0GCSqGSIb3DQEBCwUAA4IBAQB16U8JNUVJi7UI
/zhjrumIZbh6KylyCIPd6SzPNYp0PZxD5Ef5yM+mUZFpcde5FrJUItaQflEyTuIy
byCb+tJZjLWzgd6CYiZraNlvjOgBMnn0Tbmm0D7N2bQ1jDMuJ2hidcIOLsE+MmpY
z07UwakItLo3weBgyeE45y1CPmltvLFqTIQyd64PWfItNqlzSPwSTKhy/JEbRwVI
cX8uMKpE6hEzlG7etUMJDB2M2p/CXSHOI1crESpDL2LRu72Gb+SlGAZLNQpTaZwx
tlGn19jmXDsvLbTJ01nYpuJ9AMf6uTyQ8RHjUQq/dbvoQhxiykFAe+vUpPK0i8VH
TNIG9sLm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org