Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/7H086mn58XpTG-HMQaQe8AV5f7k.roa
File: 7H086mn58XpTG-HMQaQe8AV5f7k.roa (raw, json)
Hash identifier: 0Y3GaGHJFulB7F0qSte3arjkWB0AChTbSWFfRHBuFGg=
Subject key identifier: EC:7D:3C:EA:69:F9:F1:7A:53:1B:E1:CC:41:A4:1E:F0:05:79:7F:B9
Certificate issuer: /CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Certificate serial: 0184B54B242333C278F7035E75A413FF99BC
Authority key identifier: DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/7H086mn58XpTG-HMQaQe8AV5f7k.roa
Signing time: Sat 26 Nov 2022 18:55:11 +0000
ROA not before: Sat 26 Nov 2022 18:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12293
IP address blocks: 45.132.64.0/22 maxlen: 22
2a0c:1180::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b5:4b:24:23:33:c2:78:f7:03:5e:75:a4:13:ff:99:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2921989d7d90c64ebb35658831fe6a8f49c938
Validity
Not Before: Nov 26 18:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec7d3cea69f9f17a531be1cc41a41ef005797fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e7:cb:76:0f:33:57:ea:18:b6:f6:c0:af:34:
c4:44:12:db:15:c2:15:cc:a4:23:a5:a6:09:b4:1d:
e7:c1:97:d5:65:03:db:6e:f7:23:f8:fa:98:39:eb:
a9:0b:15:0a:5d:b7:aa:6e:dc:85:1d:2e:29:74:0a:
ba:08:97:4d:05:c3:e6:b2:79:ea:1f:33:7e:54:5a:
1c:ab:c9:66:dc:06:d3:1e:35:f5:6c:15:42:2c:d0:
93:fb:a7:78:f9:0f:d3:73:b3:66:ea:ee:f9:82:97:
98:e5:ab:fa:2b:8b:23:e9:9c:af:dc:fc:8e:63:59:
0e:6b:47:1b:7f:94:43:10:d1:8c:67:aa:39:26:24:
54:a7:76:5e:e2:46:7e:14:97:f9:f0:13:ea:59:8b:
3d:47:5f:76:74:6e:13:ef:22:9b:55:41:37:67:3e:
f6:d8:e5:44:b9:7c:81:7e:a6:a1:e5:b7:79:93:c2:
75:d5:cf:75:76:04:76:9a:db:df:fe:86:f7:99:ef:
98:a2:5f:f5:7d:6f:ae:11:de:3d:0c:d2:2f:67:29:
79:5a:c8:47:df:23:34:fd:c9:cf:7f:9f:a3:5f:e7:
76:19:d6:00:4d:f2:ef:f9:8b:4d:ca:6d:d8:5d:10:
74:ac:06:ed:ba:8f:b8:59:8b:2d:e3:f8:83:17:40:
9b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:7D:3C:EA:69:F9:F1:7A:53:1B:E1:CC:41:A4:1E:F0:05:79:7F:B9
X509v3 Authority Key Identifier:
keyid:DE:29:21:98:9D:7D:90:C6:4E:BB:35:65:88:31:FE:6A:8F:49:C9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ikhmJ19kMZOuzVliDH-ao9JyTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/7H086mn58XpTG-HMQaQe8AV5f7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4b9ccf-7535-45dd-bd97-0b5ecb474f15/1/3ikhmJ19kMZOuzVliDH-ao9JyTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.64.0/22
IPv6:
2a0c:1180::/40
Signature Algorithm: sha256WithRSAEncryption
c9:d8:c1:ed:0b:99:82:6c:ae:b0:aa:7c:13:8a:9d:cd:5e:7f:
90:13:2c:b8:2a:7f:91:c4:0b:1a:2d:67:42:82:5a:e7:e8:61:
d1:d2:81:40:1c:f0:3a:f8:b6:ad:f9:6e:39:95:74:9e:61:75:
51:63:6a:17:ce:eb:f1:27:13:80:48:7e:06:9e:c4:7c:2c:18:
6c:cb:12:ac:0e:cf:22:51:5f:8d:da:44:ee:5a:2f:07:b9:fb:
84:fb:d8:d7:65:d9:77:15:1d:35:ed:b6:5b:09:ce:95:c0:93:
b1:aa:b6:94:b1:45:a1:83:c0:cf:1e:c4:95:25:be:ec:8e:60:
05:f6:4d:a4:17:20:ef:a0:25:79:52:45:47:60:d3:ac:3b:d8:
d3:73:51:e7:a0:1f:73:71:c6:9a:a4:10:b2:35:8d:30:1f:97:
9f:31:73:96:10:3b:96:39:73:84:b5:02:4a:51:e5:b4:7d:24:
7b:d4:af:c1:05:67:67:95:5e:4b:70:2d:cb:c0:b1:06:d3:5a:
80:e5:04:15:93:07:da:d6:88:93:d7:1b:5f:83:82:76:76:35:
e7:5d:96:9e:ca:5e:ec:ba:7b:fb:5b:41:fa:eb:ef:00:ce:e4:
33:1d:fd:8e:0c:a7:40:08:25:88:b3:c9:2b:76:72:96:e5:8b:
6c:85:2f:af
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYS1SyQjM8J49wNedaQT/5m8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMjkyMTk4OWQ3ZDkwYzY0ZWJiMzU2NTg4MzFmZTZhOGY0
OWM5MzgwHhcNMjIxMTI2MTg1NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzdkM2NlYTY5ZjlmMTdhNTMxYmUxY2M0MWE0MWVmMDA1Nzk3ZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOfLdg8zV+oYtvbArzTERBLbFcIV
zKQjpaYJtB3nwZfVZQPbbvcj+PqYOeupCxUKXbeqbtyFHS4pdAq6CJdNBcPmsnnq
HzN+VFocq8lm3AbTHjX1bBVCLNCT+6d4+Q/Tc7Nm6u75gpeY5av6K4sj6Zyv3PyO
Y1kOa0cbf5RDENGMZ6o5JiRUp3Ze4kZ+FJf58BPqWYs9R192dG4T7yKbVUE3Zz72
2OVEuXyBfqah5bd5k8J11c91dgR2mtvf/ob3me+Yol/1fW+uEd49DNIvZyl5WshH
3yM0/cnPf5+jX+d2GdYATfLv+YtNym3YXRB0rAbtuo+4WYst4/iDF0Cb5wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOx9POpp+fF6UxvhzEGkHvAFeX+5MB8GA1UdIwQY
MBaAFN4pIZidfZDGTrs1ZYgx/mqPSck4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTct
MGI1ZWNiNDc0ZjE1LzEvN0gwODZtbjU4WHBURy1ITVFhUWU4QVY1ZjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YjljY2YtNzUzNS00NWRkLWJkOTctMGI1ZWNiNDc0ZjE1
LzEvM2lraG1KMTlrTVpPdXpWbGlESC1hbzlKeVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLYRAMA4E
AgACMAgDBgAqDBGAADANBgkqhkiG9w0BAQsFAAOCAQEAydjB7QuZgmyusKp8E4qd
zV5/kBMsuCp/kcQLGi1nQoJa5+hh0dKBQBzwOvi2rfluOZV0nmF1UWNqF87r8ScT
gEh+Bp7EfCwYbMsSrA7PIlFfjdpE7lovB7n7hPvY12XZdxUdNe22WwnOlcCTsaq2
lLFFoYPAzx7ElSW+7I5gBfZNpBcg76AleVJFR2DTrDvY03NR56Afc3HGmqQQsjWN
MB+XnzFzlhA7ljlzhLUCSlHltH0ke9SvwQVnZ5VeS3Aty8CxBtNagOUEFZMH2taI
k9cbX4OCdnY1512Wnspe7Lp7+1tB+uvvAM7kMx39jgynQAgliLPJK3ZyluWLbIUv
rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:20 2024 by rpki-client on console-fra.rpki-client.org