Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/_gM4atwLBEfWOsbmjAIr6vb5KA4.roa
File: _gM4atwLBEfWOsbmjAIr6vb5KA4.roa (raw, json)
Hash identifier: 5cgfMg2RravfUZPUeIjNfCE+sal0bQgNnEBeR30tGL0=
Subject key identifier: FE:03:38:6A:DC:0B:04:47:D6:3A:C6:E6:8C:02:2B:EA:F6:F9:28:0E
Certificate issuer: /CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921
Certificate serial: 018345DC46A65359E14C27DD7E89DCFA3528
Authority key identifier: 87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/_gM4atwLBEfWOsbmjAIr6vb5KA4.roa
Signing time: Fri 16 Sep 2022 10:33:27 +0000
ROA not before: Fri 16 Sep 2022 10:33:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 45.159.204.0/22 maxlen: 24
2a09:db40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:45:dc:46:a6:53:59:e1:4c:27:dd:7e:89:dc:fa:35:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f45e3a4069d4f5ebd5f6e6421d8d3cabe30921
Validity
Not Before: Sep 16 10:33:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe03386adc0b0447d63ac6e68c022beaf6f9280e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:27:ec:14:62:78:f4:f4:c6:66:dc:31:fc:
40:ef:bc:e6:47:f9:14:4c:70:a5:74:49:8d:8b:49:
68:5f:43:9d:39:81:1d:3a:79:2e:bd:e8:42:29:22:
55:5e:4c:d0:d3:bc:fc:f9:13:b1:7b:67:99:2b:dd:
05:7f:2d:82:53:a2:20:5c:c3:7a:d4:83:6a:82:9e:
b0:72:ae:d1:ad:13:e1:47:21:01:bf:ad:21:66:74:
49:d9:be:9e:fe:72:e1:69:b3:71:d6:bf:a2:ad:71:
26:37:2f:05:60:14:3c:9d:26:04:e7:c6:5b:7b:33:
a6:76:b7:be:49:40:83:fb:ad:c6:bd:bb:ed:71:2e:
b8:49:48:d3:e4:e5:5a:9c:7b:7c:2b:40:b0:30:d5:
7d:cf:c0:c1:e0:d5:46:b8:05:66:b0:47:27:99:6d:
56:9b:58:e8:e6:f9:9b:f9:7f:2a:a0:64:e6:04:7e:
a5:84:a3:14:7a:b6:8d:a2:a2:0a:3b:6c:80:f7:15:
e4:18:f8:3d:91:56:46:e7:1b:57:c8:d4:57:77:c6:
78:b2:ef:0f:4e:21:58:e2:78:0b:32:5e:fd:f0:76:
12:8f:7d:65:68:3a:32:0b:29:a7:7d:2c:b1:72:1c:
4c:ea:e9:16:c3:34:5f:f6:f3:c3:e0:ba:ce:a7:2a:
8d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:03:38:6A:DC:0B:04:47:D6:3A:C6:E6:8C:02:2B:EA:F6:F9:28:0E
X509v3 Authority Key Identifier:
keyid:87:F4:5E:3A:40:69:D4:F5:EB:D5:F6:E6:42:1D:8D:3C:AB:E3:09:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_ReOkBp1PXr1fbmQh2NPKvjCSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/_gM4atwLBEfWOsbmjAIr6vb5KA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8bdfd3-d5a1-45b9-9296-6319bb079c44/1/h_ReOkBp1PXr1fbmQh2NPKvjCSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.204.0/22
IPv6:
2a09:db40::/29
Signature Algorithm: sha256WithRSAEncryption
63:46:71:cc:54:08:cc:6d:3e:75:42:05:0d:29:79:8d:3d:97:
6e:dc:fc:c6:55:b1:5e:c0:2f:02:d3:72:c6:b8:3a:73:8b:26:
8d:7e:8a:36:99:59:79:c9:fd:18:f4:23:d2:e4:0b:df:e6:86:
48:79:12:58:83:02:a2:05:0d:5c:7d:ab:d2:06:e0:9e:b5:ed:
4c:38:21:2a:8a:68:6a:90:a7:e8:7e:59:da:78:a6:85:cd:f5:
03:98:1c:97:38:93:8f:96:ba:46:47:4c:2f:45:9d:cf:58:51:
df:2b:7b:9d:24:a2:d9:cf:73:58:ce:37:20:77:64:15:3e:c9:
3b:a4:53:61:96:5e:cc:37:ea:27:c9:1a:a3:87:ce:ea:17:50:
5f:67:33:da:17:6a:e8:0a:b6:3f:44:b5:15:56:b2:6f:bc:63:
01:a0:40:7c:76:f1:3e:da:95:13:d4:89:c7:a4:2d:74:62:85:
3d:80:3f:aa:41:da:cd:d9:de:2a:50:c7:9b:b5:32:91:b4:63:
c4:d3:f9:ec:ba:c0:af:20:a4:27:5b:46:08:78:6a:61:fe:8c:
8f:6b:b8:2d:ab:be:b4:84:a9:57:b6:94:b2:d8:e0:95:32:5f:
c0:c9:76:5d:96:1a:4f:f6:66:87:6c:3c:41:08:d6:51:c6:ce:
0d:68:c2:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNF3EamU1nhTCfdfonc+jUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQ1ZTNhNDA2OWQ0ZjVlYmQ1ZjZlNjQyMWQ4ZDNjYWJl
MzA5MjEwHhcNMjIwOTE2MTAzMzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTAzMzg2YWRjMGIwNDQ3ZDYzYWM2ZTY4YzAyMmJlYWY2ZjkyODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9cn7BRiePT0xmbcMfxA77zmR/kU
THCldEmNi0loX0OdOYEdOnkuvehCKSJVXkzQ07z8+ROxe2eZK90Ffy2CU6IgXMN6
1INqgp6wcq7RrRPhRyEBv60hZnRJ2b6e/nLhabNx1r+irXEmNy8FYBQ8nSYE58Zb
ezOmdre+SUCD+63GvbvtcS64SUjT5OVanHt8K0CwMNV9z8DB4NVGuAVmsEcnmW1W
m1jo5vmb+X8qoGTmBH6lhKMUeraNoqIKO2yA9xXkGPg9kVZG5xtXyNRXd8Z4su8P
TiFY4ngLMl798HYSj31laDoyCymnfSyxchxM6ukWwzRf9vPD4LrOpyqNuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP4DOGrcCwRH1jrG5owCK+r2+SgOMB8GA1UdIwQY
MBaAFIf0XjpAadT169X25kIdjTyr4wkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYt
NjMxOWJiMDc5YzQ0LzEvX2dNNGF0d0xCRWZXT3NibWpBSXI2dmI1S0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84YmRmZDMtZDVhMS00NWI5LTkyOTYtNjMxOWJiMDc5YzQ0
LzEvaF9SZU9rQnAxUFhyMWZibVFoMk5QS3ZqQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ/MMA0E
AgACMAcDBQMqCdtAMA0GCSqGSIb3DQEBCwUAA4IBAQBjRnHMVAjMbT51QgUNKXmN
PZdu3PzGVbFewC8C03LGuDpziyaNfoo2mVl5yf0Y9CPS5Avf5oZIeRJYgwKiBQ1c
favSBuCete1MOCEqimhqkKfoflnaeKaFzfUDmByXOJOPlrpGR0wvRZ3PWFHfK3ud
JKLZz3NYzjcgd2QVPsk7pFNhll7MN+onyRqjh87qF1BfZzPaF2roCrY/RLUVVrJv
vGMBoEB8dvE+2pUT1InHpC10YoU9gD+qQdrN2d4qUMebtTKRtGPE0/nsusCvIKQn
W0YIeGph/oyPa7gtq760hKlXtpSy2OCVMl/AyXZdlhpP9maHbDxBCNZRxs4NaMJc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org