Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RO5mkMEdDjyhsgvC8ofl86n6LmI.roa
File: RO5mkMEdDjyhsgvC8ofl86n6LmI.roa (raw, json)
Hash identifier: Cl8XTxq90W6GTY6Bx5ZdNnxaugoE23h2gwbmy4XFbgQ=
Subject key identifier: 44:EE:66:90:C1:1D:0E:3C:A1:B2:0B:C2:F2:87:E5:F3:A9:FA:2E:62
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184AF16B43FE537F0EB3AB684C9F7822BF7
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RO5mkMEdDjyhsgvC8ofl86n6LmI.roa
Signing time: Fri 25 Nov 2022 14:00:11 +0000
ROA not before: Fri 25 Nov 2022 14:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212669
IP address blocks: 85.209.121.0/24 maxlen: 24
45.151.0.0/24 maxlen: 24
45.138.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:16:b4:3f:e5:37:f0:eb:3a:b6:84:c9:f7:82:2b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 25 14:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44ee6690c11d0e3ca1b20bc2f287e5f3a9fa2e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:df:bd:b4:c8:66:f2:a9:0b:9c:08:c2:70:35:
b0:ab:8b:92:65:46:98:11:33:10:7a:53:3f:ce:60:
c4:5d:11:2d:68:9b:ad:ce:98:3b:bf:41:96:c0:0c:
26:1b:59:3b:23:f7:a2:04:45:21:0b:b9:a4:21:bf:
14:b9:ba:a1:99:23:11:2f:fb:f1:a2:9c:7c:4a:eb:
46:f9:dd:61:d5:cf:fa:f4:d9:7e:fd:20:c7:1e:05:
0d:05:8f:ae:1a:c6:9f:cc:72:93:e4:1e:6c:91:1f:
fb:e0:1f:ca:0f:61:87:77:b2:c3:b7:59:eb:b3:ae:
64:29:34:ae:7a:61:cb:9a:5d:18:51:e8:dc:1a:a3:
67:0d:cc:4c:96:d2:b9:02:c1:60:dd:8a:d6:71:b2:
ee:55:f5:ef:0b:35:a9:e5:62:dd:90:48:54:5b:d6:
b9:0b:69:25:5f:dc:07:97:b4:b3:0b:73:db:94:c7:
d2:38:41:30:96:b2:bc:25:4f:dd:7b:20:43:61:35:
d9:7a:6d:ee:c5:21:3a:9f:3a:5a:b4:72:3a:73:2b:
ef:ff:15:fb:69:e9:34:49:06:f2:f8:49:93:c5:43:
08:64:ec:c3:ff:5a:15:1b:b9:f7:7c:ac:fd:f7:f0:
2a:3d:07:c1:0a:9c:69:25:05:88:6c:31:5d:ff:9f:
65:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:EE:66:90:C1:1D:0E:3C:A1:B2:0B:C2:F2:87:E5:F3:A9:FA:2E:62
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/RO5mkMEdDjyhsgvC8ofl86n6LmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.181.0/24
45.151.0.0/24
85.209.121.0/24
Signature Algorithm: sha256WithRSAEncryption
85:29:d5:17:b0:50:40:5d:12:23:f0:b5:aa:ed:b7:92:47:ef:
71:2b:65:81:f8:30:60:2a:90:ba:cf:ea:5b:98:d8:e0:b1:b4:
9c:47:9f:6f:24:e0:44:fd:31:27:47:9a:e1:b8:06:37:b5:c7:
93:02:10:8c:5d:1c:37:42:be:e1:31:2f:5f:5f:e9:15:02:99:
bf:26:a5:9c:b2:3c:92:32:cb:a1:9d:3a:54:97:49:cb:aa:0a:
bb:f7:34:1b:77:08:f8:f7:c1:68:b1:6a:e6:94:b3:83:1d:be:
41:33:c0:f2:5c:f9:1d:c2:a8:8c:95:82:d7:6e:67:c1:30:6a:
ab:81:37:44:c7:58:4d:9b:53:0b:dc:39:b0:d1:2f:74:62:20:
d8:3f:cc:e7:7b:d2:d3:55:52:d4:3f:a6:f9:84:cf:41:0d:b6:
72:c1:ba:61:8f:d8:3f:25:9f:88:6c:1b:37:37:69:9d:a3:ec:
56:e9:15:96:e2:77:22:e8:b6:02:f3:e1:4a:cb:85:03:19:e2:
3c:5d:8f:15:55:f3:4c:54:18:e1:21:f8:28:05:72:d5:36:4f:
bc:90:61:82:ee:b6:ee:c3:2c:d3:80:c1:b5:a8:1e:ce:d3:1d:
ae:cf:15:0c:77:e7:19:a5:5b:73:6d:3c:9c:da:54:ce:6b:dc:
ce:b2:79:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSvFrQ/5Tfw6zq2hMn3giv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTI1MTQwMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGVlNjY5MGMxMWQwZTNjYTFiMjBiYzJmMjg3ZTVmM2E5ZmEyZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd+9tMhm8qkLnAjCcDWwq4uSZUaY
ETMQelM/zmDEXREtaJutzpg7v0GWwAwmG1k7I/eiBEUhC7mkIb8UubqhmSMRL/vx
opx8SutG+d1h1c/69Nl+/SDHHgUNBY+uGsafzHKT5B5skR/74B/KD2GHd7LDt1nr
s65kKTSuemHLml0YUejcGqNnDcxMltK5AsFg3YrWcbLuVfXvCzWp5WLdkEhUW9a5
C2klX9wHl7SzC3PblMfSOEEwlrK8JU/deyBDYTXZem3uxSE6nzpatHI6cyvv/xX7
aek0SQby+EmTxUMIZOzD/1oVG7n3fKz99/AqPQfBCpxpJQWIbDFd/59laQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFETuZpDBHQ48obILwvKH5fOp+i5iMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUk81bWtNRWREanloc2d2QzhvZmw4Nm42TG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYq1AwQA
LZcAAwQAVdF5MA0GCSqGSIb3DQEBCwUAA4IBAQCFKdUXsFBAXRIj8LWq7beSR+9x
K2WB+DBgKpC6z+pbmNjgsbScR59vJOBE/TEnR5rhuAY3tceTAhCMXRw3Qr7hMS9f
X+kVApm/JqWcsjySMsuhnTpUl0nLqgq79zQbdwj498FosWrmlLODHb5BM8DyXPkd
wqiMlYLXbmfBMGqrgTdEx1hNm1ML3Dmw0S90YiDYP8zne9LTVVLUP6b5hM9BDbZy
wbphj9g/JZ+IbBs3N2mdo+xW6RWW4nci6LYC8+FKy4UDGeI8XY8VVfNMVBjhIfgo
BXLVNk+8kGGC7rbuwyzTgMG1qB7O0x2uzxUMd+cZpVtzbTyc2lTOa9zOsnli
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org