Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1--UhZQP5RyUX1C6PYx78dZ2qUFE.roa
File: 1--UhZQP5RyUX1C6PYx78dZ2qUFE.roa (raw, json)
Hash identifier: OFqlxQBzuTiTtEtCmrSYRc8vwpRtjQAosodOaVdTzcw=
Subject key identifier: FB:E5:21:65:03:F9:47:25:17:D4:2E:8F:63:1E:FC:75:9D:AA:50:51
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018235E9B94F1D4184A8D97A318A5065D41A
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1--UhZQP5RyUX1C6PYx78dZ2qUFE.roa
Signing time: Mon 25 Jul 2022 15:11:25 +0000
ROA not before: Mon 25 Jul 2022 15:11:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 45.150.67.0/24 maxlen: 24
45.140.147.0/24 maxlen: 24
185.234.247.0/24 maxlen: 24
45.144.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:35:e9:b9:4f:1d:41:84:a8:d9:7a:31:8a:50:65:d4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jul 25 15:11:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbe5216503f9472517d42e8f631efc759daa5051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:50:16:45:bd:00:2d:79:b1:af:6c:34:e6:31:
c0:03:e0:ab:0c:25:17:94:02:2b:47:74:d0:96:3c:
d0:63:d5:91:32:46:95:81:77:ad:68:9c:89:b0:68:
6e:7a:d0:6f:11:0a:60:e8:4c:45:77:a0:3a:3b:ec:
2d:6c:e7:ad:e3:8b:71:10:d6:45:b0:0b:c8:be:97:
58:78:f4:6a:2b:c1:e3:44:2e:27:f3:f8:ab:5a:69:
1a:25:5f:b1:80:76:7c:08:52:2c:74:09:e1:da:a3:
9c:1d:e3:bf:da:f7:ca:c8:52:52:4a:87:2f:fe:61:
83:3a:d6:28:a3:dd:f5:60:c6:c8:cb:c0:62:75:93:
fa:92:b4:15:c5:c5:52:7d:39:64:e3:ce:b3:87:1e:
91:f5:56:c4:cb:e0:7c:5a:76:d4:10:e6:f7:48:59:
a1:a4:56:e0:7e:11:21:0b:b1:d9:a8:fe:f0:0b:e1:
4e:e3:bf:22:1b:96:2f:5a:ee:4a:42:59:f5:1a:a0:
e9:41:a3:5e:7a:1b:50:8c:91:87:db:27:50:78:12:
42:a9:9e:58:b8:cb:6c:c7:cf:3b:e9:6a:ca:cf:62:
60:ca:19:60:a7:48:d2:df:bf:73:ef:48:46:92:fc:
1b:cf:aa:aa:d1:b5:8f:6f:4c:d4:3f:b5:e3:2a:8e:
70:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E5:21:65:03:F9:47:25:17:D4:2E:8F:63:1E:FC:75:9D:AA:50:51
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1--UhZQP5RyUX1C6PYx78dZ2qUFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.147.0/24
45.144.29.0/24
45.150.67.0/24
185.234.247.0/24
Signature Algorithm: sha256WithRSAEncryption
84:f3:34:26:27:c7:0f:1e:32:53:f4:06:7a:12:95:b9:c3:d8:
40:67:6a:12:be:59:95:56:da:65:dd:2f:e4:33:9c:65:17:11:
d1:82:49:9c:43:8b:6c:b5:71:19:5c:0d:bc:5d:7b:26:9e:24:
24:37:9f:34:fa:1d:cc:43:8a:fc:21:6e:5b:e4:25:e1:1d:90:
b8:ec:11:a8:17:03:dd:5b:0f:16:65:2b:e9:11:f9:19:de:ea:
a2:2e:cd:ed:99:32:32:91:26:f6:1c:ce:c8:56:91:c9:eb:1d:
10:0f:34:fe:9e:77:9c:10:15:d0:ac:cf:46:26:4b:c9:20:8d:
67:1e:a1:d3:4a:6b:41:c0:90:b4:48:5b:41:44:96:f5:98:07:
82:91:f6:7a:4d:9b:a8:44:5a:c5:43:be:39:db:ea:1a:d1:12:
5a:35:9e:50:bf:3f:3e:63:91:40:96:41:25:56:48:d2:db:e1:
fe:5b:5e:fe:fa:54:f3:fd:ad:fb:ea:81:bc:80:0a:64:40:38:
75:05:9a:65:64:36:f3:36:54:0d:bc:90:d0:a0:1b:e6:5e:35:
fb:c4:75:b5:5c:64:2b:30:65:c9:93:6e:0c:94:91:dd:6b:a7:
80:a3:8a:0e:e8:59:73:9d:06:90:15:da:6f:39:ba:02:d1:8a:
44:32:94:f2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYI16blPHUGEqNl6MYpQZdQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjIwNzI1MTUxMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU1MjE2NTAzZjk0NzI1MTdkNDJlOGY2MzFlZmM3NTlkYWE1MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVAWRb0ALXmxr2w05jHAA+CrDCUX
lAIrR3TQljzQY9WRMkaVgXetaJyJsGhuetBvEQpg6ExFd6A6O+wtbOet44txENZF
sAvIvpdYePRqK8HjRC4n8/irWmkaJV+xgHZ8CFIsdAnh2qOcHeO/2vfKyFJSSocv
/mGDOtYoo931YMbIy8BidZP6krQVxcVSfTlk486zhx6R9VbEy+B8WnbUEOb3SFmh
pFbgfhEhC7HZqP7wC+FO478iG5YvWu5KQln1GqDpQaNeehtQjJGH2ydQeBJCqZ5Y
uMtsx8876WrKz2Jgyhlgp0jS379z70hGkvwbz6qq0bWPb0zUP7XjKo5wWwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPvlIWUD+UclF9Quj2Me/HWdqlBRMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvMS0tVWhaUVA1UnlVWDFDNlBZeDc4ZFoycVVGRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1
NC8xL3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2MkwME
AC2QHQMEAC2WQwMEALnq9zANBgkqhkiG9w0BAQsFAAOCAQEAhPM0JifHDx4yU/QG
ehKVucPYQGdqEr5ZlVbaZd0v5DOcZRcR0YJJnEOLbLVxGVwNvF17Jp4kJDefNPod
zEOK/CFuW+Ql4R2QuOwRqBcD3VsPFmUr6RH5Gd7qoi7N7ZkyMpEm9hzOyFaRyesd
EA80/p53nBAV0KzPRiZLySCNZx6h00prQcCQtEhbQUSW9ZgHgpH2ek2bqERaxUO+
OdvqGtESWjWeUL8/PmORQJZBJVZI0tvh/lte/vpU8/2t++qBvIAKZEA4dQWaZWQ2
8zZUDbyQ0KAb5l41+8R1tVxkKzBlyZNuDJSR3WungKOKDuhZc50GkBXabzm6AtGK
RDKU8g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:11 2023 by rpki-client on console-ams.rpki-client.org