Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/M5lYtos0z5ayu3VKgZRQ0pazXGo.roa
File: M5lYtos0z5ayu3VKgZRQ0pazXGo.roa (raw, json)
Hash identifier: D02KVLnchO4+tbTIGSkQ59o6JVcX7UDS6pMN6HBEM1Y=
Subject key identifier: 33:99:58:B6:8B:34:CF:96:B2:BB:75:4A:81:94:50:D2:96:B3:5C:6A
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01830E25185288CBB9A6CFCC4A641D4EFAC0
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/M5lYtos0z5ayu3VKgZRQ0pazXGo.roa
Signing time: Mon 05 Sep 2022 14:54:15 +0000
ROA not before: Mon 05 Sep 2022 14:54:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397525
IP address blocks: 45.13.226.0/24 maxlen: 24
45.147.7.0/24 maxlen: 24
45.84.197.0/24 maxlen: 24
45.145.225.0/24 maxlen: 24
45.145.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0e:25:18:52:88:cb:b9:a6:cf:cc:4a:64:1d:4e:fa:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 5 14:54:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=339958b68b34cf96b2bb754a819450d296b35c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:93:eb:77:52:40:37:6e:ae:2d:b3:10:a1:55:
08:58:07:79:7d:30:ce:f5:31:0b:3c:e6:8f:88:b5:
fc:9e:40:ba:fe:30:c9:54:08:65:55:97:1c:3f:e4:
a3:db:0c:fe:ea:51:2c:f0:72:df:c7:55:ae:14:9e:
41:f2:00:57:f9:cc:63:87:2e:11:46:ba:d8:ad:62:
7f:ac:26:ce:c2:5d:b5:74:2f:bb:79:96:f8:ad:bb:
ad:81:e5:ff:24:e1:81:52:64:d8:93:31:05:28:bd:
d3:db:2d:21:e2:9f:b8:94:62:c9:9e:d2:2e:cd:fe:
a4:ba:76:25:1b:58:94:2e:41:61:7a:32:ec:f1:c4:
17:0e:9a:2d:00:56:50:d7:e8:60:d2:6c:39:34:91:
f2:b4:e4:f6:41:b4:4c:5f:08:eb:25:29:97:53:28:
85:d0:fe:52:c4:78:2c:40:83:c6:8d:b0:bd:95:07:
79:13:41:21:cf:14:7f:2e:e3:b2:21:61:bc:3e:8f:
0c:1d:f0:c7:13:2d:21:13:14:da:a5:50:cc:70:4b:
db:a4:d2:08:36:84:8b:40:1c:39:5f:fc:65:8a:11:
21:68:b0:66:c4:8d:b0:9b:64:28:61:29:88:f3:03:
67:13:db:ae:b0:89:a2:6f:b6:67:73:66:7f:51:cd:
59:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:99:58:B6:8B:34:CF:96:B2:BB:75:4A:81:94:50:D2:96:B3:5C:6A
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/M5lYtos0z5ayu3VKgZRQ0pazXGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.84.197.0/24
45.145.224.0/23
45.147.7.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:04:59:aa:91:71:ba:70:a1:31:9d:89:a4:bd:e1:04:64:09:
4a:88:fd:88:f2:a4:0b:fa:8d:27:a2:5a:c6:cc:ed:57:88:85:
5c:d5:b8:8b:cb:96:ca:e4:56:4c:4b:1d:6a:6c:ce:22:ea:7c:
05:46:37:a0:5e:e6:8a:94:42:4a:64:a5:b3:55:03:cb:7c:31:
6c:8c:7d:aa:94:01:58:79:94:1d:08:23:c3:4e:e6:ad:87:d3:
bd:26:da:99:f5:0c:9d:30:b9:07:69:42:b8:5d:52:11:89:4d:
00:85:3f:b2:75:82:8a:ad:ee:5c:7a:0d:dc:2a:96:fc:7e:eb:
0d:94:45:07:64:3a:42:36:3f:2a:8c:6a:e9:70:42:25:06:3b:
a4:a5:69:90:8e:bf:30:4d:7c:a9:31:d4:a0:15:4e:ca:4b:0b:
f4:4f:35:dc:a6:c6:91:a3:54:cf:2e:33:41:a2:35:4e:a3:99:
a3:fc:9f:3b:e8:3d:40:51:a9:f8:4d:9f:cf:03:6a:c0:3d:30:
bd:fa:cc:cf:0d:2d:b1:c4:d8:cc:96:06:da:e1:2e:5d:4b:8e:
8a:c4:77:86:2a:59:e0:40:15:b5:6b:23:29:23:7e:5e:29:a8:
9f:8e:f8:b2:5c:04:31:d4:24:a5:c3:6b:57:c2:6c:b5:f6:fd:
87:bf:81:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYMOJRhSiMu5ps/MSmQdTvrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIwOTA1MTQ1NDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk5NThiNjhiMzRjZjk2YjJiYjc1NGE4MTk0NTBkMjk2YjM1YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5Prd1JAN26uLbMQoVUIWAd5fTDO
9TELPOaPiLX8nkC6/jDJVAhlVZccP+Sj2wz+6lEs8HLfx1WuFJ5B8gBX+cxjhy4R
RrrYrWJ/rCbOwl21dC+7eZb4rbutgeX/JOGBUmTYkzEFKL3T2y0h4p+4lGLJntIu
zf6kunYlG1iULkFhejLs8cQXDpotAFZQ1+hg0mw5NJHytOT2QbRMXwjrJSmXUyiF
0P5SxHgsQIPGjbC9lQd5E0EhzxR/LuOyIWG8Po8MHfDHEy0hExTapVDMcEvbpNII
NoSLQBw5X/xlihEhaLBmxI2wm2QoYSmI8wNnE9uusImib7Znc2Z/Uc1ZLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDOZWLaLNM+Wsrt1SoGUUNKWs1xqMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTTVsWXRvczB6NWF5dTNWS2daUlEwcGF6WEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ3iAwQA
LVTFAwQBLZHgAwQALZMHMA0GCSqGSIb3DQEBCwUAA4IBAQBNBFmqkXG6cKExnYmk
veEEZAlKiP2I8qQL+o0nolrGzO1XiIVc1biLy5bK5FZMSx1qbM4i6nwFRjegXuaK
lEJKZKWzVQPLfDFsjH2qlAFYeZQdCCPDTuath9O9JtqZ9QydMLkHaUK4XVIRiU0A
hT+ydYKKre5ceg3cKpb8fusNlEUHZDpCNj8qjGrpcEIlBjukpWmQjr8wTXypMdSg
FU7KSwv0TzXcpsaRo1TPLjNBojVOo5mj/J876D1AUan4TZ/PA2rAPTC9+szPDS2x
xNjMlgba4S5dS46KxHeGKlngQBW1ayMpI35eKaifjviyXAQx1CSlw2tXwmy19v2H
v4H/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:30 2023 by rpki-client on console-fra.rpki-client.org