Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0ptEm3BCC5aEBb8wvcslBROct-o.roa
File: 0ptEm3BCC5aEBb8wvcslBROct-o.roa (raw, json)
Hash identifier: I50xTzFW/gBvXRSmj1K8AIG6IUKeXy54kcpBWBKiGtk=
Subject key identifier: D2:9B:44:9B:70:42:0B:96:84:05:BF:30:BD:CB:25:05:13:9C:B7:EA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018529EEAE4DCBC5DEB8295519387EE72605
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0ptEm3BCC5aEBb8wvcslBROct-o.roa
Signing time: Mon 19 Dec 2022 10:29:45 +0000
ROA not before: Mon 19 Dec 2022 10:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 45.94.168.0/22 maxlen: 24
2.56.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:ee:ae:4d:cb:c5:de:b8:29:55:19:38:7e:e7:26:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 19 10:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d29b449b70420b968405bf30bdcb2505139cb7ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1a:f5:4e:40:cd:0a:35:2a:2c:03:4f:94:24:
bf:40:ac:6d:4a:d2:1f:5e:a9:6c:f0:8d:75:dc:46:
e7:a2:23:9d:26:b0:14:ff:c6:4b:a3:c9:d6:23:98:
26:51:59:24:b0:3e:a1:b0:f1:a3:f4:ad:6e:c2:72:
57:55:3b:7a:b0:21:29:8e:f0:39:ff:0a:1a:34:86:
82:9f:c3:f3:9f:3f:1d:53:31:bd:5d:db:a9:ef:41:
8e:91:a8:75:07:b9:d0:9f:b5:05:d9:6d:8d:1f:3c:
25:66:6d:e9:81:fb:d8:91:ba:37:b1:b0:61:3c:db:
1e:34:00:60:c2:51:20:e6:40:06:19:52:19:7a:05:
db:79:22:dc:1d:e6:ae:f3:60:5f:d2:bb:bd:d5:51:
ad:18:37:f3:65:2d:15:8d:7c:56:57:cc:7a:e7:b7:
ae:35:95:f2:90:47:db:fa:38:18:2c:77:18:15:79:
d1:05:d0:64:b6:c7:c3:d4:66:21:d1:83:7c:4f:1a:
c7:46:bd:b9:06:b1:ec:b6:47:59:89:2f:59:d0:c6:
37:52:fd:3f:6f:a1:e6:24:f0:47:a3:4f:12:39:11:
2b:1e:85:e8:97:9c:f9:8e:b5:c2:88:1d:7f:da:ed:
50:16:38:2a:76:68:0c:cc:66:68:b5:7a:07:aa:14:
f3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9B:44:9B:70:42:0B:96:84:05:BF:30:BD:CB:25:05:13:9C:B7:EA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0ptEm3BCC5aEBb8wvcslBROct-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.94.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:b5:42:53:d0:23:0d:15:1e:45:c0:a9:90:b4:a4:dc:e8:f5:
2a:99:36:31:e6:50:df:1b:e9:66:c6:97:0e:ce:fd:b2:38:5f:
0b:eb:1a:e6:c0:fe:bb:3d:32:47:f7:0c:5b:3e:d8:be:a0:94:
1e:92:33:4b:3d:e2:6f:1f:a5:ac:d1:cd:56:5e:0d:60:f0:ff:
a2:9c:1b:be:ae:99:79:9e:85:22:1a:1d:37:b9:5b:de:a5:76:
37:1d:a9:ff:38:11:b7:8f:4f:4b:56:ad:e2:19:7b:53:9e:87:
86:b4:21:9a:67:5f:98:8d:21:c2:88:69:e8:cf:5a:d3:23:dd:
64:e3:89:3f:d9:a5:95:4e:27:6f:ed:5d:f2:11:28:48:5b:3d:
10:12:94:b8:4a:06:17:ce:d3:d0:34:de:06:5f:44:52:72:d4:
b8:a8:18:4f:75:d1:ea:b3:79:18:36:52:9c:39:e8:00:ad:fd:
f6:80:de:ef:9f:04:f8:a5:e4:15:2c:93:5a:4f:d2:0f:01:9e:
73:fa:1d:e1:45:fc:0f:a8:d8:86:da:eb:26:75:1b:45:36:f0:
41:76:04:56:ff:9a:a1:11:35:b1:de:54:5f:c9:c9:96:ab:4b:
96:39:4f:ce:7a:45:17:61:d7:ff:d0:b6:3f:39:dc:62:4b:2c:
ff:d3:7e:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUp7q5Ny8XeuClVGTh+5yYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjE5MTAyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjliNDQ5YjcwNDIwYjk2ODQwNWJmMzBiZGNiMjUwNTEzOWNiN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhr1TkDNCjUqLANPlCS/QKxtStIf
Xqls8I113EbnoiOdJrAU/8ZLo8nWI5gmUVkksD6hsPGj9K1uwnJXVTt6sCEpjvA5
/woaNIaCn8Pznz8dUzG9Xdup70GOkah1B7nQn7UF2W2NHzwlZm3pgfvYkbo3sbBh
PNseNABgwlEg5kAGGVIZegXbeSLcHeau82Bf0ru91VGtGDfzZS0VjXxWV8x657eu
NZXykEfb+jgYLHcYFXnRBdBktsfD1GYh0YN8TxrHRr25BrHstkdZiS9Z0MY3Uv0/
b6HmJPBHo08SORErHoXol5z5jrXCiB1/2u1QFjgqdmgMzGZotXoHqhTzCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNKbRJtwQguWhAW/ML3LJQUTnLfqMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMHB0RW0zQkNDNWFFQmI4d3Zjc2xCUk9jdC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjhsAwQC
LV6oMA0GCSqGSIb3DQEBCwUAA4IBAQAbtUJT0CMNFR5FwKmQtKTc6PUqmTYx5lDf
G+lmxpcOzv2yOF8L6xrmwP67PTJH9wxbPti+oJQekjNLPeJvH6Ws0c1WXg1g8P+i
nBu+rpl5noUiGh03uVvepXY3Han/OBG3j09LVq3iGXtTnoeGtCGaZ1+YjSHCiGno
z1rTI91k44k/2aWVTidv7V3yEShIWz0QEpS4SgYXztPQNN4GX0RSctS4qBhPddHq
s3kYNlKcOegArf32gN7vnwT4peQVLJNaT9IPAZ5z+h3hRfwPqNiG2usmdRtFNvBB
dgRW/5qhETWx3lRfycmWq0uWOU/OekUXYdf/0LY/OdxiSyz/034c
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org