Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Ctzq8ovYvdbEeE3FjTSre2dr3Lc.roa
File: Ctzq8ovYvdbEeE3FjTSre2dr3Lc.roa (raw, json)
Hash identifier: FPkJkb23bPbWWTeMS7V8cElKpWXIDig3VdemzW4MOuQ=
Subject key identifier: 0A:DC:EA:F2:8B:D8:BD:D6:C4:78:4D:C5:8D:34:AB:7B:67:6B:DC:B7
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0182DAA5B6CF39A4C31BA9586737639F068E
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Ctzq8ovYvdbEeE3FjTSre2dr3Lc.roa
Signing time: Fri 26 Aug 2022 14:54:29 +0000
ROA not before: Fri 26 Aug 2022 14:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 45.134.37.0/24 maxlen: 24
45.134.38.0/24 maxlen: 24
152.89.253.0/24 maxlen: 24
45.80.192.0/24 maxlen: 24
45.10.20.0/24 maxlen: 24
45.135.150.0/24 maxlen: 24
45.137.69.0/24 maxlen: 24
45.147.4.0/24 maxlen: 24
45.91.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:da:a5:b6:cf:39:a4:c3:1b:a9:58:67:37:63:9f:06:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 26 14:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0adceaf28bd8bdd6c4784dc58d34ab7b676bdcb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fb:9e:8a:39:67:c8:27:17:ba:d5:de:b2:95:
a4:d1:c9:ce:aa:f3:16:ba:d3:86:8f:0c:c1:c5:b7:
7f:20:38:a4:18:2f:c8:bd:3e:3b:0d:a4:d9:0c:05:
12:d2:61:49:c7:b6:52:e9:99:42:c2:d8:a7:49:28:
f5:0a:47:b5:ef:9b:89:ea:01:19:9c:ee:4b:6a:d6:
75:92:f0:31:7e:41:8d:4b:4b:c0:dd:d4:39:34:56:
de:4d:a0:15:17:a6:e7:ed:fa:3e:18:53:4e:b8:56:
f1:a3:20:ef:87:7b:85:ea:3d:7e:14:44:a8:0c:50:
ce:97:9e:4a:52:13:2d:a7:8f:49:3a:9a:58:0a:f7:
e8:52:0f:78:5c:cc:6d:e7:a1:11:9e:e0:93:72:5d:
66:f3:8e:98:6d:5a:4a:dc:7d:0d:c5:3d:42:bc:16:
a9:fe:8a:a3:b6:d0:fc:ac:c5:e9:ae:ce:05:c0:d7:
eb:11:08:38:f9:90:78:9e:26:5e:a1:15:79:72:ac:
4a:83:c7:8b:18:b6:ec:0b:84:f1:e0:1e:f3:a4:8e:
e9:47:c8:f3:d2:03:6c:f7:86:ca:bc:e7:3e:ea:25:
1e:42:a0:ba:7c:76:b6:eb:70:dc:f2:ea:3b:86:43:
f5:73:3d:3e:2b:a8:1f:1d:00:bf:ab:53:73:69:14:
00:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DC:EA:F2:8B:D8:BD:D6:C4:78:4D:C5:8D:34:AB:7B:67:6B:DC:B7
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Ctzq8ovYvdbEeE3FjTSre2dr3Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.20.0/24
45.80.192.0/24
45.91.249.0/24
45.134.37.0-45.134.38.255
45.135.150.0/24
45.137.69.0/24
45.147.4.0/24
152.89.253.0/24
Signature Algorithm: sha256WithRSAEncryption
28:24:50:66:89:68:d2:b5:10:31:84:f7:7b:2e:eb:4d:c4:d9:
97:23:32:97:bc:1d:b5:14:7d:ad:57:ed:d8:e3:98:dd:75:92:
5c:49:cc:5c:a2:0c:72:c6:b8:13:8f:88:9a:ef:e7:8d:c6:68:
03:3b:ed:47:6d:ef:04:58:ab:b7:8e:51:c2:09:6c:50:61:67:
c8:e3:ea:10:e0:ce:8e:cb:7e:b0:9a:7e:b0:a8:d3:ae:f7:33:
db:34:8f:9c:df:27:53:96:96:f3:46:36:ab:24:a7:e5:d1:cb:
b2:35:1e:6e:be:24:88:ca:58:d7:9b:ab:2e:41:92:64:5a:90:
38:b9:3a:f2:15:fa:0c:c9:92:30:26:d1:67:79:9a:97:65:ed:
66:1b:35:d0:42:d5:a6:d4:04:09:89:47:37:09:1e:1c:0a:cf:
d0:d5:23:a1:2e:56:c6:9d:1f:7d:e6:cc:83:c3:a6:bc:b1:19:
7f:25:ca:b2:72:15:d6:bf:d5:c8:e0:ba:ec:4c:c5:f0:50:90:
7f:cc:d9:7d:85:6c:1d:22:fc:d3:46:91:6b:ae:07:e9:2b:f2:
8d:ba:de:ac:25:cc:02:59:c3:e7:81:68:ca:02:f9:29:10:de:
bb:fd:e3:65:85:48:d9:94:e5:d1:9b:88:f7:4e:91:be:12:ca:
12:89:16:ac
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYLapbbPOaTDG6lYZzdjnwaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwODI2MTQ1NDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWRjZWFmMjhiZDhiZGQ2YzQ3ODRkYzU4ZDM0YWI3YjY3NmJkY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfueijlnyCcXutXespWk0cnOqvMW
utOGjwzBxbd/IDikGC/IvT47DaTZDAUS0mFJx7ZS6ZlCwtinSSj1Cke175uJ6gEZ
nO5LatZ1kvAxfkGNS0vA3dQ5NFbeTaAVF6bn7fo+GFNOuFbxoyDvh3uF6j1+FESo
DFDOl55KUhMtp49JOppYCvfoUg94XMxt56ERnuCTcl1m846YbVpK3H0NxT1CvBap
/oqjttD8rMXprs4FwNfrEQg4+ZB4niZeoRV5cqxKg8eLGLbsC4Tx4B7zpI7pR8jz
0gNs94bKvOc+6iUeQqC6fHa263Dc8uo7hkP1cz0+K6gfHQC/q1NzaRQAewIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFArc6vKL2L3WxHhNxY00q3tna9y3MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQ3R6cThvdll2ZGJFZUUzRmpUU3JlMmRyM0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALQoUAwQA
LVDAAwQALVv5MAwDBAAthiUDBAAthiYDBAAth5YDBAAtiUUDBAAtkwQDBACYWf0w
DQYJKoZIhvcNAQELBQADggEBACgkUGaJaNK1EDGE93su603E2ZcjMpe8HbUUfa1X
7djjmN11klxJzFyiDHLGuBOPiJrv543GaAM77Udt7wRYq7eOUcIJbFBhZ8jj6hDg
zo7LfrCafrCo0673M9s0j5zfJ1OWlvNGNqskp+XRy7I1Hm6+JIjKWNebqy5BkmRa
kDi5OvIV+gzJkjAm0Wd5mpdl7WYbNdBC1abUBAmJRzcJHhwKz9DVI6EuVsadH33m
zIPDpryxGX8lyrJyFda/1cjguuxMxfBQkH/M2X2FbB0i/NNGkWuuB+kr8o263qwl
zAJZw+eBaMoC+SkQ3rv942WFSNmU5dGbiPdOkb4SyhKJFqw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org