Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/O1aRswSoLyMU6WR-8G_017fouHw.roa
File: O1aRswSoLyMU6WR-8G_017fouHw.roa (raw, json)
Hash identifier: G/WsV3vpIy783eAqC0QMKINM6j6nA3dycmoRKhOC2D0=
Subject key identifier: 3B:56:91:B3:04:A8:2F:23:14:E9:64:7E:F0:6F:F4:D7:B7:E8:B8:7C
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 0A1BF13A
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/O1aRswSoLyMU6WR-8G_017fouHw.roa
Signing time: Sat 01 Jan 2022 06:03:49 +0000
ROA not before: Sat 01 Jan 2022 06:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205381
IP address blocks: 45.88.33.0/24 maxlen: 24
45.88.32.0/24 maxlen: 24
45.88.34.0/24 maxlen: 24
45.88.35.0/24 maxlen: 24
2a0c:f587:fffd::/48 maxlen: 48
2a07:86c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169603386 (0xa1bf13a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 1 06:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b5691b304a82f2314e9647ef06ff4d7b7e8b87c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:80:be:62:49:bd:14:03:ca:24:78:2b:61:df:
82:a6:1d:50:05:a8:9b:46:5d:f7:38:ad:0a:bc:89:
42:59:87:9b:3e:1f:63:cf:a6:27:ea:58:83:8a:ca:
81:6e:a4:23:26:e9:ab:90:d6:71:22:e2:f9:68:8c:
4e:b2:e3:09:67:67:05:c8:bc:e6:ff:06:c8:fc:40:
7b:e2:4b:7d:9a:6d:85:33:98:d8:dc:d5:b5:d1:84:
19:70:50:f1:c6:42:44:0d:b2:5b:36:b8:a0:e7:43:
45:b8:9a:4a:a7:e5:c5:a5:9b:22:cc:a7:89:ee:ca:
ec:74:ec:f7:9d:0b:69:2b:a7:51:7e:fa:15:61:62:
c2:3c:8c:99:b7:6a:b9:a3:ba:c0:e0:0f:0f:ed:8b:
23:d8:4f:63:c0:7b:d2:76:40:a8:06:16:fa:04:af:
e8:e8:80:4d:a9:56:5c:38:18:5b:bf:5d:57:95:cb:
e4:44:e4:f7:ad:40:54:17:48:b3:32:f6:d6:a9:44:
d5:46:5b:49:1e:fc:d8:3a:62:3b:b1:45:51:e3:bf:
95:9a:71:f3:2d:28:23:39:04:8e:eb:46:1d:e4:ad:
29:ac:8e:1c:b7:c4:8a:0d:d6:7f:14:86:2d:3e:8e:
0b:48:9b:12:6c:bc:8f:c6:c8:6e:c5:8a:68:c7:72:
6b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:56:91:B3:04:A8:2F:23:14:E9:64:7E:F0:6F:F4:D7:B7:E8:B8:7C
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/O1aRswSoLyMU6WR-8G_017fouHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.32.0/22
IPv6:
2a07:86c0::/29
2a0c:f587:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
88:0f:0d:77:77:6b:85:8c:39:f9:3d:4d:d3:77:d1:e4:0e:15:
c1:7a:57:08:9b:b7:ba:31:88:c9:b4:d5:10:4b:56:b3:86:4a:
57:db:fb:bb:13:a0:e0:40:60:27:eb:2a:45:43:18:a4:6a:32:
14:3e:1b:da:85:b7:9d:c6:df:b1:0d:d4:91:b3:33:de:54:c6:
1f:12:62:d5:21:96:e2:8c:7f:d2:de:f4:31:9c:98:eb:0b:0b:
8c:40:df:29:d6:5a:05:81:12:80:08:f6:55:67:2e:9c:8a:8b:
6d:15:cb:dc:26:fc:55:4c:47:87:27:48:9a:2d:46:7f:54:c2:
2b:ab:45:2e:e7:f4:07:f6:cd:b2:4c:03:f7:dc:12:b0:d1:c8:
a1:c9:9a:20:3d:a5:52:4c:63:61:45:33:36:2f:3c:3e:61:51:
48:10:6d:85:db:15:b5:7d:75:9b:f8:d6:09:d2:92:32:e5:85:
50:ae:f6:ee:87:26:35:3e:c3:2c:01:b8:f3:56:3c:a0:7a:ba:
4e:34:84:ff:48:44:8c:fb:2f:02:a5:99:61:06:65:83:0e:aa:
44:d6:36:79:eb:40:8a:71:1b:60:df:eb:0c:59:d5:73:92:13:
77:76:f6:24:dc:7b:22:8f:0d:81:22:e7:b0:fe:4e:eb:0a:d0:
9c:75:a7:54
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEChvxOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1MTg2NWI3NjdkZDdiOWMyMjMxNGJmYzgwNTViZDU3ZGIwMDY1MB4XDTIyMDEw
MTA2MDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2I1NjkxYjMwNGE4
MmYyMzE0ZTk2NDdlZjA2ZmY0ZDdiN2U4Yjg3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+AvmJJvRQDyiR4K2HfgqYdUAWom0Zd9zitCryJQlmHmz4f
Y8+mJ+pYg4rKgW6kIybpq5DWcSLi+WiMTrLjCWdnBci85v8GyPxAe+JLfZpthTOY
2NzVtdGEGXBQ8cZCRA2yWza4oOdDRbiaSqflxaWbIsynie7K7HTs950LaSunUX76
FWFiwjyMmbdquaO6wOAPD+2LI9hPY8B70nZAqAYW+gSv6OiATalWXDgYW79dV5XL
5ETk961AVBdIszL21qlE1UZbSR782DpiO7FFUeO/lZpx8y0oIzkEjutGHeStKayO
HLfEig3WfxSGLT6OC0ibEmy8j8bIbsWKaMdya8MCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQ7VpGzBKgvIxTpZH7wb/TXt+i4fDAfBgNVHSMEGDAWgBQhNRhlt2fde5wi
MUv8gFW9V9sAZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUVVlaYmRuM1h1Y0lqRkxfSUJWdlZmYkFHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTUyYjA3LWYyYTQtNDdjMS05NDYwLTFlNGUwNDAwODQ0Yi8x
L08xYVJzd1NvTHlNVTZXUi04R18wMTdmb3VIdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTUyYjA3LWYyYTQtNDdjMS05NDYwLTFlNGUwNDAwODQ0Yi8xL0lUVVlaYmRuM1h1
Y0lqRkxfSUJWdlZmYkFHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEAi1YIDAWBAIAAjAQAwUDKgeGwAMH
ACoM9Yf//TANBgkqhkiG9w0BAQsFAAOCAQEAiA8Nd3drhYw5+T1N03fR5A4VwXpX
CJu3ujGIybTVEEtWs4ZKV9v7uxOg4EBgJ+sqRUMYpGoyFD4b2oW3ncbfsQ3UkbMz
3lTGHxJi1SGW4ox/0t70MZyY6wsLjEDfKdZaBYESgAj2VWcunIqLbRXL3Cb8VUxH
hydImi1Gf1TCK6tFLuf0B/bNskwD99wSsNHIocmaID2lUkxjYUUzNi88PmFRSBBt
hdsVtX11m/jWCdKSMuWFUK727ocmNT7DLAG481Y8oHq6TjSE/0hEjPsvAqWZYQZl
gw6qRNY2eetAinEbYN/rDFnVc5ITd3b2JNx7Io8NgSLnsP5O6wrQnHWnVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org