Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/BUdjSI8tQYi2N-aVHQvFbhBiiAk.roa
File: BUdjSI8tQYi2N-aVHQvFbhBiiAk.roa (raw, json)
Hash identifier: pSSKeICm8jF/Y3NZk8iZTNrSqFx5iA55NJJGrVGJLEg=
Subject key identifier: 05:47:63:48:8F:2D:41:88:B6:37:E6:95:1D:0B:C5:6E:10:62:88:09
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0184EBA9BF3873A6F3130C3D23953B140F8B
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/BUdjSI8tQYi2N-aVHQvFbhBiiAk.roa
Signing time: Wed 07 Dec 2022 08:18:01 +0000
ROA not before: Wed 07 Dec 2022 08:18:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 45.134.37.0/24 maxlen: 24
45.134.38.0/24 maxlen: 24
45.80.192.0/24 maxlen: 24
45.10.20.0/24 maxlen: 24
45.135.150.0/24 maxlen: 24
45.137.69.0/24 maxlen: 24
45.147.4.0/24 maxlen: 24
45.91.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:a9:bf:38:73:a6:f3:13:0c:3d:23:95:3b:14:0f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Dec 7 08:18:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=054763488f2d4188b637e6951d0bc56e10628809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:04:2e:e7:4e:56:04:77:69:3d:85:ee:a5:33:
91:da:76:61:8f:b4:0a:b5:e2:84:ff:38:9f:da:28:
7f:4b:5e:d2:cb:97:c5:75:7c:f7:b6:36:0b:43:af:
d1:b5:cf:76:85:23:ad:29:18:27:59:c3:d0:db:d6:
b5:b8:f5:8d:c9:eb:1b:1f:e4:c5:79:2a:79:18:d2:
22:c1:04:bd:85:c6:0a:ba:49:4d:0f:10:8c:28:ed:
d0:f3:94:d8:dd:8a:21:66:0b:e6:55:1d:5b:ce:b5:
2b:67:e8:e0:0a:a7:1c:95:be:73:ad:67:e7:e8:61:
69:8b:22:5c:36:0a:15:5d:47:a8:a7:69:31:3c:c3:
24:98:f8:32:72:e7:a5:58:b6:66:e7:8f:c8:a2:d9:
0d:97:c2:9a:db:00:cb:e9:13:d9:17:96:78:08:bc:
6d:35:23:d5:84:e9:94:7e:36:ff:eb:d8:b8:a9:87:
58:01:a7:a6:fb:0f:3d:45:fc:f5:41:b7:93:12:aa:
ae:bc:4f:d9:86:42:d5:82:d6:b9:2f:3d:a4:b0:43:
31:d0:bf:81:68:7c:00:3e:7b:ea:8b:e1:2d:14:ba:
ac:ad:e7:0e:7d:f7:bf:b1:7c:72:90:ad:88:5c:2d:
6b:c0:ad:7b:2d:28:62:a6:13:21:e6:a0:85:f1:2a:
3f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:47:63:48:8F:2D:41:88:B6:37:E6:95:1D:0B:C5:6E:10:62:88:09
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/BUdjSI8tQYi2N-aVHQvFbhBiiAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.20.0/24
45.80.192.0/24
45.91.249.0/24
45.134.37.0-45.134.38.255
45.135.150.0/24
45.137.69.0/24
45.147.4.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:59:84:71:23:f1:2b:55:dd:28:4d:fe:8e:55:34:4b:49:8b:
24:3b:90:9a:d6:53:ac:ab:5d:ca:b1:a6:3e:66:f6:85:77:dd:
b2:c3:52:4d:e1:e1:9e:a6:4b:d6:df:5d:55:aa:a5:cd:d0:50:
67:2d:a3:d5:73:a5:bb:53:77:4f:f5:f4:63:81:07:98:1c:d7:
ff:80:53:25:7f:f1:c9:21:3f:ef:dd:a5:af:bf:0e:ab:a3:6b:
e9:90:17:52:f2:8e:b9:51:ca:27:d3:10:ce:de:2b:eb:7f:f8:
b9:50:f3:77:2e:3b:4d:a7:b6:67:7b:7d:73:38:e0:14:e7:15:
bf:6f:46:8c:fa:3f:92:5a:b4:bd:3f:b8:e5:ca:07:f3:8b:33:
23:03:00:a6:d8:07:1d:ed:a8:f9:c7:f7:6a:48:ab:41:8e:cb:
0f:3b:7f:d3:95:8a:22:02:00:d8:33:0d:16:44:82:c2:74:c8:
eb:ee:fb:ef:93:ac:d5:60:d9:c7:30:88:63:f4:d2:2b:14:6e:
ed:63:aa:38:62:c7:f4:80:f8:5e:2f:30:f8:e5:62:3c:7b:6f:
01:dc:91:e4:86:9b:63:27:dd:04:89:60:44:b5:f8:39:f1:99:
18:72:0c:89:40:89:9e:99:63:06:a8:6f:1b:ac:02:a3:6b:f3:
77:02:6f:96
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYTrqb84c6bzEww9I5U7FA+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMjA3MDgxODAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQ3NjM0ODhmMmQ0MTg4YjYzN2U2OTUxZDBiYzU2ZTEwNjI4ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQQu505WBHdpPYXupTOR2nZhj7QK
teKE/zif2ih/S17Sy5fFdXz3tjYLQ6/Rtc92hSOtKRgnWcPQ29a1uPWNyesbH+TF
eSp5GNIiwQS9hcYKuklNDxCMKO3Q85TY3YohZgvmVR1bzrUrZ+jgCqcclb5zrWfn
6GFpiyJcNgoVXUeop2kxPMMkmPgycuelWLZm54/IotkNl8Ka2wDL6RPZF5Z4CLxt
NSPVhOmUfjb/69i4qYdYAaem+w89Rfz1QbeTEqquvE/ZhkLVgta5Lz2ksEMx0L+B
aHwAPnvqi+EtFLqsrecOffe/sXxykK2IXC1rwK17LShiphMh5qCF8So/QwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAVHY0iPLUGItjfmlR0LxW4QYogJMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQlVkalNJOHRRWWkyTi1hVkhRdkZiaEJpaUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQoUAwQA
LVDAAwQALVv5MAwDBAAthiUDBAAthiYDBAAth5YDBAAtiUUDBAAtkwQwDQYJKoZI
hvcNAQELBQADggEBAKVZhHEj8StV3ShN/o5VNEtJiyQ7kJrWU6yrXcqxpj5m9oV3
3bLDUk3h4Z6mS9bfXVWqpc3QUGcto9VzpbtTd0/19GOBB5gc1/+AUyV/8ckhP+/d
pa+/Dquja+mQF1LyjrlRyifTEM7eK+t/+LlQ83cuO02ntmd7fXM44BTnFb9vRoz6
P5JatL0/uOXKB/OLMyMDAKbYBx3tqPnH92pIq0GOyw87f9OViiICANgzDRZEgsJ0
yOvu+++TrNVg2ccwiGP00isUbu1jqjhix/SA+F4vMPjlYjx7bwHckeSGm2Mn3QSJ
YES1+DnxmRhyDIlAiZ6ZYwaobxusAqNr83cCb5Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org