Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4HvUDULrQL5ugXJ7xaO_3C2Cv2o.roa
File: 4HvUDULrQL5ugXJ7xaO_3C2Cv2o.roa (raw, json)
Hash identifier: mNfKoyQh0z1gX9HADeAbMkxhXWlUQ2MSvuL69FztWas=
Subject key identifier: E0:7B:D4:0D:42:EB:40:BE:6E:81:72:7B:C5:A3:BF:DC:2D:82:BF:6A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183FE7E9B4497FFB183796C843704EE5FE1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4HvUDULrQL5ugXJ7xaO_3C2Cv2o.roa
Signing time: Sat 22 Oct 2022 07:00:53 +0000
ROA not before: Sat 22 Oct 2022 07:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 45.151.0.0/23 maxlen: 23
45.151.2.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.138.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:7e:9b:44:97:ff:b1:83:79:6c:84:37:04:ee:5f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 22 07:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e07bd40d42eb40be6e81727bc5a3bfdc2d82bf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c9:34:ae:51:72:5c:12:e2:3f:b9:e5:01:f7:
0a:fc:40:79:bc:19:bc:b9:6b:f5:bb:9f:cc:eb:3a:
9a:59:6c:61:85:4f:4b:59:4c:dc:3f:48:4c:dc:77:
a3:9c:72:7d:80:34:34:b0:fd:b2:00:78:27:1a:24:
32:19:f5:2b:a2:a5:c4:2b:e8:fa:a0:ca:46:0e:15:
2c:3b:d5:1d:fe:c0:0a:77:7a:29:08:2e:51:9d:f2:
fa:4e:20:04:43:8d:f4:32:2b:b2:10:a4:09:5c:60:
eb:a5:c4:0c:4b:e7:81:e0:6b:fa:48:a9:c2:4b:2d:
e5:33:1e:94:25:c9:27:76:cf:84:d8:ee:2a:2b:a5:
4e:a6:94:43:15:29:7b:51:ba:fd:a9:64:ec:78:9a:
f5:31:e7:a4:bd:41:99:d4:0f:ab:d1:51:ae:44:de:
1e:e9:94:a7:da:f0:ab:26:14:0f:ec:c1:6e:b3:e1:
f0:b0:53:8d:6e:55:05:66:5d:10:20:fc:bf:74:fc:
f1:e5:60:8c:e8:59:09:43:4c:6f:e2:47:9e:2e:f0:
f3:6e:16:e2:ca:83:ac:a6:a7:79:7c:b0:44:97:e2:
ff:25:31:24:5a:ee:99:8e:f2:06:3c:c8:17:9c:0e:
bb:b6:a8:f9:98:2c:e6:eb:0f:59:82:1c:fb:5c:92:
d5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7B:D4:0D:42:EB:40:BE:6E:81:72:7B:C5:A3:BF:DC:2D:82:BF:6A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/4HvUDULrQL5ugXJ7xaO_3C2Cv2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
45.138.180.0/22
45.151.0.0-45.151.2.255
Signature Algorithm: sha256WithRSAEncryption
54:61:e8:54:9d:35:00:6e:33:81:aa:f6:15:01:2b:34:9b:0e:
09:5d:a3:a3:99:f3:69:81:fe:88:e9:87:4b:e9:5f:93:b4:87:
07:64:48:0c:f0:91:28:16:b6:4d:46:1c:64:6e:3c:80:81:78:
5f:4f:c7:37:5e:31:af:68:33:e8:87:a2:ef:68:7b:31:36:7b:
10:92:22:a0:b9:ed:30:71:1e:6a:35:57:16:65:1d:20:cf:ab:
75:1d:b3:d4:b3:bd:1d:b0:23:d7:f6:74:c1:65:76:c0:5a:cf:
a8:b6:4a:50:ab:6b:3d:2a:3a:e1:55:25:81:f2:7d:0a:03:2f:
35:ad:74:67:54:0d:96:28:8d:f8:18:1d:19:f6:95:85:27:a2:
25:60:89:1d:e4:0e:ed:64:c0:18:d4:ed:55:02:da:15:6a:46:
e8:9a:0c:1e:de:71:fb:95:72:49:af:df:8d:2c:af:73:50:05:
2f:7d:59:0f:f3:3d:19:d5:15:df:5b:ab:b2:84:b7:f8:d9:57:
4c:65:21:38:66:99:a7:67:0c:a9:4d:d1:2a:66:5c:a4:db:c6:
df:aa:34:ec:57:76:3c:b3:0f:ba:5e:7f:97:06:a2:a5:61:31:
4f:f1:f7:5c:74:5c:77:f2:05:fe:b9:99:5c:37:5d:ab:46:47:
47:44:74:b7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYP+fptEl/+xg3lshDcE7l/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIyMDcwMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdiZDQwZDQyZWI0MGJlNmU4MTcyN2JjNWEzYmZkYzJkODJiZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsk0rlFyXBLiP7nlAfcK/EB5vBm8
uWv1u5/M6zqaWWxhhU9LWUzcP0hM3HejnHJ9gDQ0sP2yAHgnGiQyGfUroqXEK+j6
oMpGDhUsO9Ud/sAKd3opCC5RnfL6TiAEQ430MiuyEKQJXGDrpcQMS+eB4Gv6SKnC
Sy3lMx6UJcknds+E2O4qK6VOppRDFSl7Ubr9qWTseJr1MeekvUGZ1A+r0VGuRN4e
6ZSn2vCrJhQP7MFus+HwsFONblUFZl0QIPy/dPzx5WCM6FkJQ0xv4keeLvDzbhbi
yoOspqd5fLBEl+L/JTEkWu6ZjvIGPMgXnA67tqj5mCzm6w9Zghz7XJLViwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFOB71A1C60C+boFye8Wjv9wtgr9qMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNEh2VURVTHJRTDV1Z1hKN3hhT18zQzJDdjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQALViLAwQC
LYq0MAsDAwAtlwMEAC2XAjANBgkqhkiG9w0BAQsFAAOCAQEAVGHoVJ01AG4zgar2
FQErNJsOCV2jo5nzaYH+iOmHS+lfk7SHB2RIDPCRKBa2TUYcZG48gIF4X0/HN14x
r2gz6Iei72h7MTZ7EJIioLntMHEeajVXFmUdIM+rdR2z1LO9HbAj1/Z0wWV2wFrP
qLZKUKtrPSo64VUlgfJ9CgMvNa10Z1QNliiN+BgdGfaVhSeiJWCJHeQO7WTAGNTt
VQLaFWpG6JoMHt5x+5VySa/fjSyvc1AFL31ZD/M9GdUV31ursoS3+NlXTGUhOGaZ
p2cMqU3RKmZcpNvG36o07Fd2PLMPul5/lwaipWExT/H3XHRcd/IF/rmZXDddq0ZH
R0R0tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org