Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/KKyaC2ieLl_7Mxq_8SjiQO7wjA0.roa
File: KKyaC2ieLl_7Mxq_8SjiQO7wjA0.roa (raw, json)
Hash identifier: cuPCtT/MsK3e9kj7Ehnl0IccesIZkkDDSS2iWrljV48=
Subject key identifier: 28:AC:9A:0B:68:9E:2E:5F:FB:33:1A:BF:F1:28:E2:40:EE:F0:8C:0D
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 018325B398504C8AD2848E7E2BCD989CE22D
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/KKyaC2ieLl_7Mxq_8SjiQO7wjA0.roa
Signing time: Sat 10 Sep 2022 04:41:10 +0000
ROA not before: Sat 10 Sep 2022 04:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35489
IP address blocks: 45.133.100.0/24 maxlen: 24
45.133.101.0/24 maxlen: 24
193.8.4.0/24 maxlen: 24
193.8.4.0/23 maxlen: 23
193.8.5.0/24 maxlen: 24
193.8.6.0/24 maxlen: 24
193.8.7.0/24 maxlen: 24
2a0c:7cc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:25:b3:98:50:4c:8a:d2:84:8e:7e:2b:cd:98:9c:e2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Sep 10 04:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28ac9a0b689e2e5ffb331abff128e240eef08c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:92:7f:0f:84:4c:42:d0:b8:0c:ef:f7:69:77:
f7:6b:2d:9d:34:f6:d7:31:3a:62:21:04:6c:91:1e:
e1:43:f3:49:9b:f6:4c:c2:54:23:46:1f:4b:48:10:
bc:d9:6d:04:0f:0a:83:e6:d9:2b:c6:c4:37:39:c0:
90:52:de:29:bb:8d:3b:a1:8a:f3:7c:cd:df:fb:28:
ae:56:2b:fe:24:a3:bb:ea:12:b0:1f:a3:41:94:ed:
fc:0d:1a:3a:47:a6:e6:5d:d7:00:c4:36:5e:82:e6:
f4:56:50:4d:1a:fd:16:b5:01:b8:12:26:da:b1:1c:
74:7e:81:5f:c8:d7:91:9a:3c:f3:c7:38:2b:f4:aa:
5d:e4:0c:a4:b2:4e:fe:af:7d:ee:d5:2f:43:b1:0d:
2b:1c:aa:3c:ff:6f:46:9b:a3:09:c7:fc:8a:d7:af:
cf:ba:fa:c0:fd:16:65:dc:cf:c4:2c:38:da:e6:44:
94:ad:3a:42:aa:51:01:d7:c1:cf:23:00:f2:71:56:
2c:ec:ba:8d:6f:ab:15:7d:ff:fd:1f:77:4a:ea:37:
94:c9:44:11:2f:13:5a:40:6f:97:69:62:66:61:4f:
07:1a:2a:46:99:ea:1c:70:13:cd:bf:f4:0f:ed:b3:
fc:7a:e6:13:17:01:ae:82:26:0d:8d:6e:f8:c5:60:
ce:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AC:9A:0B:68:9E:2E:5F:FB:33:1A:BF:F1:28:E2:40:EE:F0:8C:0D
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/KKyaC2ieLl_7Mxq_8SjiQO7wjA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.100.0/23
193.8.4.0/22
IPv6:
2a0c:7cc0::/48
Signature Algorithm: sha256WithRSAEncryption
07:0d:05:ae:57:c9:c1:f7:ed:aa:e6:f8:20:8a:fe:5e:d9:30:
14:c1:f0:9a:5f:7d:61:66:cc:fc:85:fd:c0:14:41:63:05:61:
b8:04:0e:e2:5d:24:c9:87:39:a5:18:16:3d:12:dd:7b:45:60:
88:ea:05:16:62:38:59:ff:f3:aa:36:37:e1:a5:18:9e:2a:89:
b9:57:f5:9e:3e:92:bb:41:f3:af:4f:0e:ae:80:04:e9:43:e7:
cc:53:cf:86:85:75:5e:f1:6c:80:e8:bc:26:61:e4:de:5e:c7:
c0:ef:86:17:f0:f9:a2:85:f5:7c:d4:b1:5c:e5:7d:db:81:3c:
3d:e0:69:b7:ee:36:f5:a9:c0:3d:97:7d:2f:ec:84:d4:38:e3:
e6:bd:a8:2c:1d:6e:9e:5b:12:a9:12:3b:48:14:a7:0e:9a:54:
a4:f1:cb:b1:cb:16:5a:05:cb:38:1b:6b:bb:64:23:75:47:35:
79:f0:c4:2c:f0:b8:5c:f2:4c:6b:23:d1:c1:b4:6d:15:38:44:
1e:6b:19:09:03:15:54:00:87:41:99:05:b9:7a:d1:44:b9:8e:
37:55:91:57:9d:be:d5:5c:f2:48:57:39:82:f0:2c:d7:47:6b:
db:70:4a:9a:f2:bf:10:24:ba:e0:8e:74:4f:7b:b5:c6:b7:8c:
fc:eb:d3:bd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYMls5hQTIrShI5+K82YnOItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjIwOTEwMDQ0MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGFjOWEwYjY4OWUyZTVmZmIzMzFhYmZmMTI4ZTI0MGVlZjA4YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJJ/D4RMQtC4DO/3aXf3ay2dNPbX
MTpiIQRskR7hQ/NJm/ZMwlQjRh9LSBC82W0EDwqD5tkrxsQ3OcCQUt4pu407oYrz
fM3f+yiuViv+JKO76hKwH6NBlO38DRo6R6bmXdcAxDZegub0VlBNGv0WtQG4Eiba
sRx0foFfyNeRmjzzxzgr9Kpd5Ayksk7+r33u1S9DsQ0rHKo8/29Gm6MJx/yK16/P
uvrA/RZl3M/ELDja5kSUrTpCqlEB18HPIwDycVYs7LqNb6sVff/9H3dK6jeUyUQR
LxNaQG+XaWJmYU8HGipGmeoccBPNv/QP7bP8euYTFwGugiYNjW74xWDOcQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCismgtoni5f+zMav/Eo4kDu8IwNMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvS0t5YUMyaWVMbF83TXhxXzhTamlRTzd3akEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBLYVkAwQC
wQgEMA8EAgACMAkDBwAqDHzAAAAwDQYJKoZIhvcNAQELBQADggEBAAcNBa5XycH3
7arm+CCK/l7ZMBTB8JpffWFmzPyF/cAUQWMFYbgEDuJdJMmHOaUYFj0S3XtFYIjq
BRZiOFn/86o2N+GlGJ4qiblX9Z4+krtB869PDq6ABOlD58xTz4aFdV7xbIDovCZh
5N5ex8Dvhhfw+aKF9XzUsVzlfduBPD3gabfuNvWpwD2XfS/shNQ44+a9qCwdbp5b
EqkSO0gUpw6aVKTxy7HLFloFyzgba7tkI3VHNXnwxCzwuFzyTGsj0cG0bRU4RB5r
GQkDFVQAh0GZBbl60US5jjdVkVedvtVc8khXOYLwLNdHa9twSpryvxAkuuCOdE97
tca3jPzr070=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:32 2023 by rpki-client on console-ams.rpki-client.org