Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/8dHgVtqqCpkx2mT-g56TCYTBkMM.roa
File: 8dHgVtqqCpkx2mT-g56TCYTBkMM.roa (raw, json)
Hash identifier: IRWWngjTlr1Lcx3W0kChoXue62TfsBNZ9u2uWHkb36w=
Subject key identifier: F1:D1:E0:56:DA:AA:0A:99:31:DA:64:FE:83:9E:93:09:84:C1:90:C3
Certificate issuer: /CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Certificate serial: 018267F767826292C11ACA64230C1193579E
Authority key identifier: AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/8dHgVtqqCpkx2mT-g56TCYTBkMM.roa
Signing time: Thu 04 Aug 2022 08:27:23 +0000
ROA not before: Thu 04 Aug 2022 08:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202272
IP address blocks: 45.152.68.0/24 maxlen: 24
2a0f:4900::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:f7:67:82:62:92:c1:1a:ca:64:23:0c:11:93:57:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Validity
Not Before: Aug 4 08:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1d1e056daaa0a9931da64fe839e930984c190c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2e:62:cf:7d:5d:dc:4b:68:75:39:c6:3b:88:
42:12:66:b2:12:36:c9:38:99:18:67:68:2b:fe:e0:
b7:49:43:64:c8:64:8a:21:7b:86:d3:42:46:ec:71:
5e:27:13:89:60:d6:23:cc:6d:d9:84:51:7f:eb:00:
0a:ed:56:5a:2b:40:3c:8b:2f:03:d5:66:fb:82:36:
c6:d8:d6:68:01:b4:a0:6b:b4:38:f1:81:44:72:b5:
35:4d:91:ae:c1:9b:88:58:b0:80:1f:e1:4e:62:8b:
0e:13:09:19:6d:ae:e7:0b:a3:47:59:b2:ef:5d:4f:
6b:d1:2d:45:b3:e2:86:25:60:5f:5a:45:b3:f9:d0:
32:3f:cf:fc:60:44:e3:33:78:c1:ba:13:36:14:02:
94:d9:f8:66:1d:9b:c6:12:40:0c:ac:c1:df:09:69:
08:60:3b:2e:97:cc:ec:58:b1:2b:c5:97:25:94:f2:
3d:8d:43:93:00:ce:46:b5:ce:d2:b2:43:d0:d4:e6:
a7:bf:71:c6:f2:bd:67:07:d8:04:c3:b3:40:29:e9:
b1:e6:94:3f:d7:db:57:ab:0d:c3:a3:8f:06:dd:f9:
50:94:11:fa:06:49:f5:14:4e:31:28:b5:d9:f1:38:
32:41:67:16:c8:35:1b:e4:68:46:df:a8:ad:09:55:
a6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D1:E0:56:DA:AA:0A:99:31:DA:64:FE:83:9E:93:09:84:C1:90:C3
X509v3 Authority Key Identifier:
keyid:AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/8dHgVtqqCpkx2mT-g56TCYTBkMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.68.0/24
IPv6:
2a0f:4900::/44
Signature Algorithm: sha256WithRSAEncryption
28:2e:8c:5e:b8:d0:81:2a:36:f5:65:82:07:78:5c:60:01:21:
05:d7:f3:be:a4:01:1b:5f:3f:04:f8:06:f1:5c:43:8f:f2:77:
7f:54:b0:00:db:5b:f5:c5:d3:df:24:aa:ac:8b:ed:33:a7:fd:
7a:40:6e:86:6b:b0:2b:c4:a4:5b:83:4f:67:a3:5f:da:75:86:
99:9c:3c:77:37:94:ff:ea:96:ff:13:66:ea:82:c9:5a:4b:7a:
04:37:42:e4:1f:73:65:66:52:aa:ed:95:43:93:d8:d0:2e:08:
5c:30:1f:2e:27:e7:23:ea:b2:2d:49:b4:eb:f8:d4:5e:83:43:
c6:11:0b:dc:fc:6f:80:e4:52:8d:a6:9f:b7:c4:cf:64:2c:10:
07:6b:9b:cd:e0:27:ca:79:08:83:bf:1e:82:db:29:8d:ee:97:
1b:28:9a:de:fc:98:3b:09:82:e9:02:ca:c8:30:d2:64:5a:8e:
64:a3:b6:5c:d3:f1:f9:62:21:d3:6c:a9:4f:d3:50:1c:9a:1e:
15:a7:c4:d3:89:84:56:c3:aa:08:b8:e2:d5:61:91:de:12:0c:
47:3e:ae:c5:3c:40:58:0a:38:85:1b:55:73:b6:2b:1e:f2:e4:
23:6d:fa:95:66:42:22:02:d5:fa:d6:8c:1a:0e:42:a4:35:02:
4a:a9:85:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJn92eCYpLBGspkIwwRk1eeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjQ5Njk4NDJkZTljNGMxZTFhNTc1OWQ5OGQxZWQ1YzBk
NjJlZjgwHhcNMjIwODA0MDgyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQxZTA1NmRhYWEwYTk5MzFkYTY0ZmU4MzllOTMwOTg0YzE5MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi5iz31d3EtodTnGO4hCEmayEjbJ
OJkYZ2gr/uC3SUNkyGSKIXuG00JG7HFeJxOJYNYjzG3ZhFF/6wAK7VZaK0A8iy8D
1Wb7gjbG2NZoAbSga7Q48YFEcrU1TZGuwZuIWLCAH+FOYosOEwkZba7nC6NHWbLv
XU9r0S1Fs+KGJWBfWkWz+dAyP8/8YETjM3jBuhM2FAKU2fhmHZvGEkAMrMHfCWkI
YDsul8zsWLErxZcllPI9jUOTAM5Gtc7SskPQ1Oanv3HG8r1nB9gEw7NAKemx5pQ/
19tXqw3Do48G3flQlBH6Bkn1FE4xKLXZ8TgyQWcWyDUb5GhG36itCVWmoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPHR4FbaqgqZMdpk/oOekwmEwZDDMB8GA1UdIwQY
MBaAFKr0lphC3pxMHhpXWdmNHtXA1i74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjct
ZjgxZmRmNzRlNjU1LzEvOGRIZ1Z0cXFDcGt4Mm1ULWc1NlRDWVRCa01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjctZjgxZmRmNzRlNjU1
LzEvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZhEMA8E
AgACMAkDBwQqD0kAAAAwDQYJKoZIhvcNAQELBQADggEBACgujF640IEqNvVlggd4
XGABIQXX876kARtfPwT4BvFcQ4/yd39UsADbW/XF098kqqyL7TOn/XpAboZrsCvE
pFuDT2ejX9p1hpmcPHc3lP/qlv8TZuqCyVpLegQ3QuQfc2VmUqrtlUOT2NAuCFww
Hy4n5yPqsi1JtOv41F6DQ8YRC9z8b4DkUo2mn7fEz2QsEAdrm83gJ8p5CIO/HoLb
KY3ulxsomt78mDsJgukCysgw0mRajmSjtlzT8fliIdNsqU/TUByaHhWnxNOJhFbD
qgi44tVhkd4SDEc+rsU8QFgKOIUbVXO2Kx7y5CNt+pVmQiIC1frWjBoOQqQ1Akqp
hYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:13 2024 by rpki-client on console-ams.rpki-client.org