Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/T8DjPpVMLVI8Cuoq-fda7sRkLdI.roa
File: T8DjPpVMLVI8Cuoq-fda7sRkLdI.roa (raw, json)
Hash identifier: lyL9aJeVdTfhPyjiMvEj7aE9S3gwPVFFkcSb53wHWco=
Subject key identifier: 4F:C0:E3:3E:95:4C:2D:52:3C:0A:EA:2A:F9:F7:5A:EE:C4:64:2D:D2
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 0181CD9A92D0DAAA06E1D8EB0276CCB8496E
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/T8DjPpVMLVI8Cuoq-fda7sRkLdI.roa
Signing time: Tue 05 Jul 2022 09:04:28 +0000
ROA not before: Tue 05 Jul 2022 09:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.150.175.0/24 maxlen: 24
45.139.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:cd:9a:92:d0:da:aa:06:e1:d8:eb:02:76:cc:b8:49:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jul 5 09:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fc0e33e954c2d523c0aea2af9f75aeec4642dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2e:cd:d3:92:c7:68:55:d4:95:62:41:e0:0e:
22:ab:3a:4c:3c:e2:c9:92:79:6e:53:bf:82:f1:2b:
71:fd:64:20:bb:f9:cb:24:bc:9a:96:65:6a:6c:2e:
26:b4:c6:32:ae:ae:6f:88:80:67:d0:e6:6d:d7:12:
f2:1c:7c:7c:ab:65:96:69:94:cf:50:52:d2:85:b7:
c7:9c:2b:30:a4:b5:d4:89:d8:78:ea:f1:e7:aa:b7:
93:d6:75:61:39:a4:eb:3b:74:88:0e:c1:94:3b:73:
23:b9:80:b4:71:62:c2:ce:0c:c6:85:b6:ee:04:a4:
31:cf:c6:6e:3c:39:c2:31:19:eb:3f:ec:86:db:b4:
6d:30:d4:64:24:63:e6:84:3b:44:39:ae:fe:c3:87:
c4:07:d2:c6:d4:5b:f4:0a:de:d5:73:ed:29:86:de:
dc:27:26:45:de:e0:c2:52:53:80:9b:74:3e:c5:45:
e0:cc:be:e3:6e:e4:f8:75:a7:f1:8c:ba:cc:ac:b0:
cb:ae:34:c6:3c:4c:8e:46:41:39:68:d5:d0:8d:b1:
10:66:e8:60:0b:5e:0d:67:60:b9:65:0e:9b:ad:b9:
fa:c6:b4:cd:bb:9f:77:ee:81:f1:ea:fc:15:7c:2b:
7a:9a:21:98:45:5c:31:44:eb:06:6c:d3:15:5b:0e:
74:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C0:E3:3E:95:4C:2D:52:3C:0A:EA:2A:F9:F7:5A:EE:C4:64:2D:D2
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/T8DjPpVMLVI8Cuoq-fda7sRkLdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.196.0/22
45.150.175.0/24
Signature Algorithm: sha256WithRSAEncryption
19:8e:0f:fb:3b:86:99:16:f4:78:95:33:05:88:bc:ae:4c:b3:
06:ab:a4:79:2e:15:a6:fe:8b:64:17:44:5a:32:ac:8c:d9:70:
a0:d6:8c:b7:ce:f4:cc:5e:f2:46:97:bf:ca:f8:ce:4b:83:5b:
95:79:40:88:74:4e:6e:1f:5c:12:db:3f:6b:04:ab:0d:1c:26:
b2:3a:95:c7:35:87:f7:64:bf:7e:57:fd:89:9f:b7:d3:61:fb:
8b:e2:42:77:00:f8:7f:19:15:a0:73:76:62:77:be:04:00:3c:
a5:b9:83:81:e8:f6:cf:3b:cc:eb:ee:02:ea:6a:ad:d6:fc:2a:
1a:bb:7f:92:85:71:0a:5e:ea:f8:08:c4:48:20:77:e0:f3:e5:
61:24:e2:61:84:9c:c7:37:45:d3:48:cd:2e:d0:77:d4:96:df:
14:10:39:be:58:e2:e1:cb:33:17:4e:bb:13:b7:f0:c8:6a:6d:
d4:15:c7:76:38:42:cc:47:5a:7c:ec:c0:c7:b7:d7:0a:01:84:
47:ab:83:1d:e5:af:9f:92:e8:e2:6e:1f:bb:01:8c:4f:c1:a8:
61:3c:3a:68:6a:30:9e:4a:28:9e:19:d3:a9:b6:0a:dc:0a:9e:
83:f1:c5:27:32:e6:b9:9e:f9:35:18:68:d4:15:df:5a:8b:9d:
bb:c2:fd:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHNmpLQ2qoG4djrAnbMuEluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIwNzA1MDkwNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmMwZTMzZTk1NGMyZDUyM2MwYWVhMmFmOWY3NWFlZWM0NjQyZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi7N05LHaFXUlWJB4A4iqzpMPOLJ
knluU7+C8Stx/WQgu/nLJLyalmVqbC4mtMYyrq5viIBn0OZt1xLyHHx8q2WWaZTP
UFLShbfHnCswpLXUidh46vHnqreT1nVhOaTrO3SIDsGUO3MjuYC0cWLCzgzGhbbu
BKQxz8ZuPDnCMRnrP+yG27RtMNRkJGPmhDtEOa7+w4fEB9LG1Fv0Ct7Vc+0pht7c
JyZF3uDCUlOAm3Q+xUXgzL7jbuT4dafxjLrMrLDLrjTGPEyORkE5aNXQjbEQZuhg
C14NZ2C5ZQ6brbn6xrTNu5937oHx6vwVfCt6miGYRVwxROsGbNMVWw50BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE/A4z6VTC1SPArqKvn3Wu7EZC3SMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvVDhEalBwVk1MVkk4Q3VvcS1mZGE3c1JrTGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYvEAwQA
LZavMA0GCSqGSIb3DQEBCwUAA4IBAQAZjg/7O4aZFvR4lTMFiLyuTLMGq6R5LhWm
/otkF0RaMqyM2XCg1oy3zvTMXvJGl7/K+M5Lg1uVeUCIdE5uH1wS2z9rBKsNHCay
OpXHNYf3ZL9+V/2Jn7fTYfuL4kJ3APh/GRWgc3Zid74EADyluYOB6PbPO8zr7gLq
aq3W/Coau3+ShXEKXur4CMRIIHfg8+VhJOJhhJzHN0XTSM0u0HfUlt8UEDm+WOLh
yzMXTrsTt/DIam3UFcd2OELMR1p87MDHt9cKAYRHq4Md5a+fkujibh+7AYxPwahh
PDpoajCeSiieGdOptgrcCp6D8cUnMua5nvk1GGjUFd9ai527wv3Q
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:15 2023 by rpki-client on console-ams.rpki-client.org