Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cwV9qK4QOXm0-1gQjoLgiXbOupc.roa
File: cwV9qK4QOXm0-1gQjoLgiXbOupc.roa (raw, json)
Hash identifier: Z0zC8UE+ZXSryOnn8r9WC0/xMsgbmiVdGv9qty3nEY8=
Subject key identifier: 73:05:7D:A8:AE:10:39:79:B4:FB:58:10:8E:82:E0:89:76:CE:BA:97
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 08A8C7E1
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cwV9qK4QOXm0-1gQjoLgiXbOupc.roa
Signing time: Sat 01 Jan 2022 14:01:44 +0000
ROA not before: Sat 01 Jan 2022 14:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58299
IP address blocks: 45.11.251.0/24 maxlen: 24
45.11.249.0/24 maxlen: 24
45.11.250.0/24 maxlen: 24
45.11.248.0/24 maxlen: 24
2a0e:8f05::/32 maxlen: 48
2a0e:8f07::/32 maxlen: 48
2a0e:8f06::/32 maxlen: 48
2a0e:8f04::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145278945 (0x8a8c7e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 14:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73057da8ae103979b4fb58108e82e08976ceba97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fb:17:c0:24:2a:ca:a8:dd:6b:b9:1b:2b:b6:
22:f4:28:8d:7b:d0:e0:06:6c:95:1b:43:20:e9:83:
c4:4e:c2:2f:b4:1e:04:06:07:fb:27:1a:cb:52:3d:
0e:b6:12:00:64:94:eb:8b:db:02:07:d0:7d:44:83:
eb:ea:0d:27:13:fd:3b:ff:b7:e1:5f:59:36:a5:a1:
9d:d2:14:45:6e:de:7c:25:97:75:67:f9:97:e6:60:
09:8a:c6:c9:2e:5e:dc:0a:8c:19:2e:2c:e6:f6:45:
66:66:84:20:72:4b:37:b9:90:4a:08:9b:49:fa:5f:
6e:5d:23:90:53:9f:f6:89:4b:ba:82:95:af:ca:3e:
41:8b:bf:74:e6:66:ca:f5:86:f8:65:e3:95:00:91:
d1:66:6d:fa:0f:38:8d:12:a6:85:76:2a:e6:69:1e:
aa:88:71:e3:14:61:c6:f7:7b:26:3d:f2:05:4a:3f:
82:53:1b:97:ac:bc:33:cb:9c:a8:5f:7c:78:e2:d1:
5b:f0:ac:ee:6b:01:77:bb:27:24:3c:43:27:6e:50:
66:da:be:87:91:2e:4d:41:e7:ca:fd:16:10:85:59:
d4:d7:3d:50:fc:64:76:5f:ae:7d:d8:2f:5b:90:23:
9a:1b:f6:6d:38:e1:76:11:e3:8b:43:4a:8e:42:6b:
36:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:05:7D:A8:AE:10:39:79:B4:FB:58:10:8E:82:E0:89:76:CE:BA:97
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/cwV9qK4QOXm0-1gQjoLgiXbOupc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.248.0/22
IPv6:
2a0e:8f04::/30
Signature Algorithm: sha256WithRSAEncryption
8c:fe:cc:f1:09:5d:32:0b:45:1a:a1:88:34:a5:28:99:6f:b8:
c5:5e:f5:d5:23:63:ac:03:a8:45:56:af:aa:4f:71:89:a2:42:
b5:24:b4:74:f0:68:2f:49:6e:ee:8f:57:4b:22:6b:7e:f5:53:
6f:8c:10:f7:50:57:0e:aa:86:1b:11:33:1f:fd:4e:e3:3d:20:
6f:d6:e5:25:b4:e6:9c:2c:96:bc:2a:9a:0a:39:54:f2:1d:c6:
9b:e9:df:c1:df:37:4a:5b:fe:d0:a2:b7:1b:77:01:c4:01:55:
48:e7:71:fb:bb:4b:8f:85:09:80:30:35:1b:f4:33:e8:f2:e2:
d2:00:c5:6c:5e:f4:87:37:94:b3:af:9e:7b:d2:c4:97:1a:25:
bc:ab:b2:33:a7:90:ed:83:a3:aa:5f:a7:ef:35:f7:05:47:1e:
4e:58:96:fb:70:fb:5d:84:19:9b:e4:e4:2c:a0:79:7f:3b:99:
2e:46:73:75:81:49:29:cc:27:95:ba:a7:54:f7:c2:73:d8:fa:
37:88:eb:0b:0f:41:f2:71:27:25:d3:38:fa:8c:b3:53:67:7b:
1f:77:05:03:ab:3c:b4:77:59:10:91:c8:35:8c:d3:c8:cb:33:
03:93:81:0c:0d:13:89:02:72:4b:a1:84:39:7e:8d:07:cd:b4:
27:81:63:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECKjH4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTZlZjQ4ZWQ2MTU1ZGQ3ODQzZWVkMzYzMjQ2OWFiYWEzMTAwYmYzMB4XDTIyMDEw
MTE0MDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMwNTdkYThhZTEw
Mzk3OWI0ZmI1ODEwOGU4MmUwODk3NmNlYmE5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJf7F8AkKsqo3Wu5Gyu2IvQojXvQ4AZslRtDIOmDxE7CL7Qe
BAYH+ycay1I9DrYSAGSU64vbAgfQfUSD6+oNJxP9O/+34V9ZNqWhndIURW7efCWX
dWf5l+ZgCYrGyS5e3AqMGS4s5vZFZmaEIHJLN7mQSgibSfpfbl0jkFOf9olLuoKV
r8o+QYu/dOZmyvWG+GXjlQCR0WZt+g84jRKmhXYq5mkeqohx4xRhxvd7Jj3yBUo/
glMbl6y8M8ucqF98eOLRW/Cs7msBd7snJDxDJ25QZtq+h5EuTUHnyv0WEIVZ1Nc9
UPxkdl+ufdgvW5Ajmhv2bTjhdhHji0NKjkJrNh8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRzBX2orhA5ebT7WBCOguCJds66lzAfBgNVHSMEGDAWgBTVbvSO1hVd14Q+
7TYyRpq6oxAL8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFXNzBqdFlWWGRlRVB1MDJNa2FhdXFNUUNfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8x
L2N3VjlxSzRRT1htMC0xZ1Fqb0xnaVhiT3VwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NThmZjU0LTM0MTAtNGU0Mi1hYWI4LWQyZDdmMmJiNjRkZi8xLzFXNzBqdFlWWGRl
RVB1MDJNa2FhdXFNUUNfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi0L+DANBAIAAjAHAwUCKg6PBDAN
BgkqhkiG9w0BAQsFAAOCAQEAjP7M8QldMgtFGqGINKUomW+4xV711SNjrAOoRVav
qk9xiaJCtSS0dPBoL0lu7o9XSyJrfvVTb4wQ91BXDqqGGxEzH/1O4z0gb9blJbTm
nCyWvCqaCjlU8h3Gm+nfwd83Slv+0KK3G3cBxAFVSOdx+7tLj4UJgDA1G/Qz6PLi
0gDFbF70hzeUs6+ee9LElxolvKuyM6eQ7YOjql+n7zX3BUceTliW+3D7XYQZm+Tk
LKB5fzuZLkZzdYFJKcwnlbqnVPfCc9j6N4jrCw9B8nEnJdM4+oyzU2d7H3cFA6s8
tHdZEJHINYzTyMszA5OBDA0TiQJyS6GEOX6NB820J4FjYQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org