Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/MFQtFSjQF1g9oMTTOZCyrYS1k6E.roa
File: MFQtFSjQF1g9oMTTOZCyrYS1k6E.roa (raw, json)
Hash identifier: zK6la/Lj/6JZuv7TtlgGPW3mPnm7WvuTe9Ukl9GrCm4=
Subject key identifier: 30:54:2D:15:28:D0:17:58:3D:A0:C4:D3:39:90:B2:AD:84:B5:93:A1
Certificate issuer: /CN=5871720a8884167fef82a49267661fb346d7561a
Certificate serial: 072E2B76
Authority key identifier: 58:71:72:0A:88:84:16:7F:EF:82:A4:92:67:66:1F:B3:46:D7:56:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/MFQtFSjQF1g9oMTTOZCyrYS1k6E.roa
Signing time: Sat 01 Jan 2022 01:50:53 +0000
ROA not before: Sat 01 Jan 2022 01:50:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208070
IP address blocks: 45.159.169.0/24 maxlen: 24
45.159.168.0/24 maxlen: 24
45.159.171.0/24 maxlen: 24
45.159.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120466294 (0x72e2b76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5871720a8884167fef82a49267661fb346d7561a
Validity
Not Before: Jan 1 01:50:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30542d1528d017583da0c4d33990b2ad84b593a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:58:6c:9d:5a:0e:8f:21:5d:6e:3a:65:61:cb:
4a:eb:1b:f9:2b:3a:9c:6a:d9:4a:70:98:0d:08:3e:
19:b1:ce:7a:52:9f:c5:d0:e9:55:43:ce:45:16:23:
4d:e3:e1:a4:69:7a:ae:ae:f0:1d:6e:75:eb:8b:7d:
06:2d:86:c9:25:57:c3:5a:e9:05:5a:42:ef:f1:7b:
26:e2:a5:7f:92:0c:ad:89:78:fe:68:a8:14:88:b0:
bf:57:73:e7:28:6f:1e:1e:8f:8d:d5:be:59:cd:c3:
1d:9e:7b:1c:9f:18:ac:71:41:4d:4d:0d:c0:fe:88:
bd:9d:b5:09:82:67:16:69:c4:3b:c2:a8:3c:c5:e2:
d9:6e:4b:fc:87:3a:fd:45:62:5a:10:d5:91:67:51:
1c:71:72:88:6d:ca:9d:a5:b3:13:d6:5f:b6:98:83:
b4:89:b4:50:b9:c8:b2:53:98:b0:b3:30:99:07:d8:
ce:06:2f:ed:ac:1e:6d:be:4b:85:45:85:f6:50:07:
08:bb:92:19:57:2e:7f:e1:45:4d:00:82:5b:ce:91:
09:27:b9:ad:f9:54:bf:ad:aa:c4:4b:45:d1:82:70:
db:15:5b:91:47:c4:15:0f:c6:ac:26:79:0a:50:e2:
21:5e:83:7a:53:88:9e:df:1b:4c:a6:f5:3d:3c:26:
30:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:54:2D:15:28:D0:17:58:3D:A0:C4:D3:39:90:B2:AD:84:B5:93:A1
X509v3 Authority Key Identifier:
keyid:58:71:72:0A:88:84:16:7F:EF:82:A4:92:67:66:1F:B3:46:D7:56:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/MFQtFSjQF1g9oMTTOZCyrYS1k6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.168.0/22
Signature Algorithm: sha256WithRSAEncryption
84:17:7f:b3:1c:6f:d6:ed:47:f5:36:4a:1a:29:8e:4d:7c:a4:
d4:49:8f:9e:cc:a5:a5:60:c9:72:22:3d:55:3b:03:be:70:f8:
57:3c:92:36:d7:6f:38:dd:53:2d:65:19:9f:e3:d9:39:67:7a:
85:b3:e2:6b:51:d5:1b:28:e8:f0:af:e0:c9:b4:7d:09:b4:8a:
0e:98:ac:b1:de:a4:5a:20:43:8d:ef:a4:96:ab:da:91:d9:e9:
ee:56:66:2a:92:48:cf:e4:82:c1:de:d2:2a:17:ee:79:4c:36:
18:ad:d9:51:95:a0:a0:94:e1:26:0b:2a:8f:62:80:33:f6:76:
03:44:09:85:f3:f6:a9:06:f0:31:07:63:56:7d:56:dc:e6:0f:
76:e5:56:60:ff:ed:5d:b6:b4:dc:91:f6:cd:11:62:d7:ac:63:
7d:8d:9e:af:fa:f8:9e:c9:fe:9e:17:95:5b:74:dc:bf:1e:79:
49:7c:7f:2c:bd:69:7c:6d:91:40:97:eb:f1:e5:6e:90:04:77:
a0:68:ea:e0:4c:e9:3e:79:da:f8:38:60:1f:cf:16:d7:43:37:
bb:35:d2:e2:b4:d8:0e:0b:7a:3d:8b:d6:b5:3c:4c:97:d8:8c:
70:6e:32:5c:db:8c:2d:ea:55:3c:43:d9:9e:cd:ff:de:84:bb:
6f:e3:29:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBy4rdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODcxNzIwYTg4ODQxNjdmZWY4MmE0OTI2NzY2MWZiMzQ2ZDc1NjFhMB4XDTIyMDEw
MTAxNTA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA1NDJkMTUyOGQw
MTc1ODNkYTBjNGQzMzk5MGIyYWQ4NGI1OTNhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNYbJ1aDo8hXW46ZWHLSusb+Ss6nGrZSnCYDQg+GbHOelKf
xdDpVUPORRYjTePhpGl6rq7wHW5164t9Bi2GySVXw1rpBVpC7/F7JuKlf5IMrYl4
/mioFIiwv1dz5yhvHh6PjdW+Wc3DHZ57HJ8YrHFBTU0NwP6IvZ21CYJnFmnEO8Ko
PMXi2W5L/Ic6/UViWhDVkWdRHHFyiG3KnaWzE9ZftpiDtIm0ULnIslOYsLMwmQfY
zgYv7awebb5LhUWF9lAHCLuSGVcuf+FFTQCCW86RCSe5rflUv62qxEtF0YJw2xVb
kUfEFQ/GrCZ5ClDiIV6DelOInt8bTKb1PTwmMHMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwVC0VKNAXWD2gxNM5kLKthLWToTAfBgNVHSMEGDAWgBRYcXIKiIQWf++C
pJJnZh+zRtdWGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dIRnlDb2lFRm5fdmdxU1NaMllmczBiWFZoby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvMGZhNjAyLWY2YjgtNDdhZS1iZjA2LTdkYTg5Y2RhOWY3MS8x
L01GUXRGU2pRRjFnOW9NVFRPWkN5cllTMWs2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
MGZhNjAyLWY2YjgtNDdhZS1iZjA2LTdkYTg5Y2RhOWY3MS8xL1dIRnlDb2lFRm5f
dmdxU1NaMllmczBiWFZoby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2fqDANBgkqhkiG9w0BAQsFAAOC
AQEAhBd/sxxv1u1H9TZKGimOTXyk1EmPnsylpWDJciI9VTsDvnD4VzySNtdvON1T
LWUZn+PZOWd6hbPia1HVGyjo8K/gybR9CbSKDpissd6kWiBDje+klqvakdnp7lZm
KpJIz+SCwd7SKhfueUw2GK3ZUZWgoJThJgsqj2KAM/Z2A0QJhfP2qQbwMQdjVn1W
3OYPduVWYP/tXba03JH2zRFi16xjfY2er/r4nsn+nheVW3Tcvx55SXx/LL1pfG2R
QJfr8eVukAR3oGjq4EzpPnna+DhgH88W10M3uzXS4rTYDgt6PYvWtTxMl9iMcG4y
XNuMLepVPEPZns3/3oS7b+MpBw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:26 2023 by rpki-client on console-fra.rpki-client.org