Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/lIgDAHyKxwbf1xraXcki7RqPZWE.roa
File: lIgDAHyKxwbf1xraXcki7RqPZWE.roa (raw, json)
Hash identifier: 31XhFrGYyY0xgVVrjZhNP/4/iBaPtkiMooXhb9VVtVE=
Subject key identifier: 94:88:03:00:7C:8A:C7:06:DF:D7:1A:DA:5D:C9:22:ED:1A:8F:65:61
Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Certificate serial: 01B8232C
Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/lIgDAHyKxwbf1xraXcki7RqPZWE.roa
Signing time: Sat 01 Jan 2022 03:51:46 +0000
ROA not before: Sat 01 Jan 2022 03:51:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202365
IP address blocks: 45.153.248.0/22 maxlen: 24
185.170.9.0/24 maxlen: 24
2a10:f9c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28844844 (0x1b8232c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Validity
Not Before: Jan 1 03:51:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=948803007c8ac706dfd71ada5dc922ed1a8f6561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:71:26:b0:ff:9f:f4:d2:49:e1:74:86:c4:0c:
d8:70:88:ff:e6:d2:94:1f:b1:85:35:7a:99:ad:7f:
31:46:55:81:c2:99:98:fb:34:0c:8f:81:13:b3:3e:
47:e7:36:c8:ea:ba:17:84:a4:d3:17:ac:19:8e:83:
f7:c4:50:5b:b0:6a:2f:4e:de:8b:1f:3d:12:3f:9f:
cc:42:a5:d9:12:ab:57:dd:34:9b:e6:35:78:29:e8:
54:d9:28:e0:19:b1:ab:2f:0e:78:34:d0:47:7f:cd:
1f:8f:20:fb:28:94:b5:bf:ca:84:90:31:3c:a7:79:
2f:32:75:82:ff:00:4d:83:33:20:83:4b:ed:e1:4c:
0e:78:b8:4d:cb:50:7c:d4:59:af:c8:7d:27:b5:ca:
10:2c:69:bc:b2:11:9a:55:3d:8f:f0:21:66:cd:30:
33:1a:b8:f5:2c:d4:b8:c3:ad:83:ea:2b:0a:60:b4:
bc:13:87:c9:44:95:b3:04:e3:4d:bc:9f:88:93:54:
21:ff:57:0c:3c:f4:90:59:15:c5:6f:a5:a2:de:db:
ca:fa:2e:27:da:09:61:4f:ed:df:5d:ed:f4:9d:c7:
3f:72:99:b7:12:2b:77:ea:d9:2a:9c:a8:e8:b3:7e:
64:7b:19:ae:b6:f4:72:aa:7d:e4:e3:21:d6:fc:5c:
0b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:88:03:00:7C:8A:C7:06:DF:D7:1A:DA:5D:C9:22:ED:1A:8F:65:61
X509v3 Authority Key Identifier:
keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/lIgDAHyKxwbf1xraXcki7RqPZWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.248.0/22
185.170.9.0/24
IPv6:
2a10:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:a9:aa:9b:b7:25:eb:a6:c3:08:31:ae:0c:87:14:22:33:44:
c6:7c:79:4b:0a:27:b3:23:eb:ba:ab:30:9d:4f:fa:a8:96:86:
6f:26:33:25:ab:64:a7:51:aa:7c:9a:8a:ee:d8:7f:f4:0a:48:
f5:14:ef:14:66:f1:db:07:e5:81:c9:f5:ca:0f:3f:f7:dc:7f:
73:0b:80:64:a1:72:8f:cb:68:f1:b5:6b:43:17:a5:b3:41:15:
a1:7a:46:f8:aa:c1:3c:f0:1c:48:c1:41:e2:e1:ba:99:4f:12:
83:f4:10:28:70:85:4d:4c:a0:46:b9:98:d6:17:78:10:6a:fe:
22:6e:39:dc:fc:77:b8:a8:41:98:d7:a1:3c:56:1f:42:8e:1d:
09:87:2b:bf:12:90:17:7c:72:de:9d:a1:f4:95:f3:8b:9b:18:
39:76:1b:da:12:ab:4f:7c:be:15:6e:02:ca:b2:71:1f:0b:95:
9f:fa:0b:a7:46:88:6e:ec:56:3b:4e:cf:c0:f4:ee:59:4b:ab:
cf:a7:a8:14:bc:ee:50:96:3e:b9:b4:72:6d:39:62:92:48:2f:
ac:c6:e6:1d:23:88:1a:f6:6c:a2:8f:6c:f7:af:33:c5:76:dc:
5c:59:6c:57:19:f7:86:fd:ed:21:47:4f:dc:0d:1e:a2:83:1b:
89:74:37:82
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAbgjLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTIwYTIwNGY0ZTA5Y2M4M2E2MjU4ZDdhYTQ0ZjdkMmYwZmE0NGEwMB4XDTIyMDEw
MTAzNTE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ4ODAzMDA3Yzhh
YzcwNmRmZDcxYWRhNWRjOTIyZWQxYThmNjU2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMVxJrD/n/TSSeF0hsQM2HCI/+bSlB+xhTV6ma1/MUZVgcKZ
mPs0DI+BE7M+R+c2yOq6F4Sk0xesGY6D98RQW7BqL07eix89Ej+fzEKl2RKrV900
m+Y1eCnoVNko4Bmxqy8OeDTQR3/NH48g+yiUtb/KhJAxPKd5LzJ1gv8ATYMzIINL
7eFMDni4TctQfNRZr8h9J7XKECxpvLIRmlU9j/AhZs0wMxq49SzUuMOtg+orCmC0
vBOHyUSVswTjTbyfiJNUIf9XDDz0kFkVxW+lot7byvouJ9oJYU/t313t9J3HP3KZ
txIrd+rZKpyo6LN+ZHsZrrb0cqp95OMh1vxcC68CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSUiAMAfIrHBt/XGtpdySLtGo9lYTAfBgNVHSMEGDAWgBS1IKIE9OCcyDpi
WNeqRPfS8PpEoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RTQ2lCUFRnbk1nNllsalhxa1QzMHZENlJLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvYTVhNmIzLTNlYzMtNDg3ZS1hYmEwLWI4YjFlNGI0ZWNiOS8x
L2xJZ0RBSHlLeHdiZjF4cmFYY2tpN1JxUFpXRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
YTVhNmIzLTNlYzMtNDg3ZS1hYmEwLWI4YjFlNGI0ZWNiOS8xL3RTQ2lCUFRnbk1n
Nllsalhxa1QzMHZENlJLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2Z+AMEALmqCTANBAIAAjAHAwUD
KhD5wDANBgkqhkiG9w0BAQsFAAOCAQEAKqmqm7cl66bDCDGuDIcUIjNExnx5Swon
syPruqswnU/6qJaGbyYzJatkp1GqfJqK7th/9ApI9RTvFGbx2wflgcn1yg8/99x/
cwuAZKFyj8to8bVrQxels0EVoXpG+KrBPPAcSMFB4uG6mU8Sg/QQKHCFTUygRrmY
1hd4EGr+Im453Px3uKhBmNehPFYfQo4dCYcrvxKQF3xy3p2h9JXzi5sYOXYb2hKr
T3y+FW4CyrJxHwuVn/oLp0aIbuxWO07PwPTuWUurz6eoFLzuUJY+ubRybTlikkgv
rMbmHSOIGvZsoo9s968zxXbcXFlsVxn3hv3tIUdP3A0eooMbiXQ3gg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:14 2023 by rpki-client on console-ams.rpki-client.org