Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/spB1wlNx2tK_p5MtvvIIwugZUSs.roa
File: spB1wlNx2tK_p5MtvvIIwugZUSs.roa (raw, json)
Hash identifier: h+yvoJgbWNyvTu+nwBwS5VmBoOtXy2LpD2ur9TQxb4E=
Subject key identifier: B2:90:75:C2:53:71:DA:D2:BF:A7:93:2D:BE:F2:08:C2:E8:19:51:2B
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 067D55A4
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/spB1wlNx2tK_p5MtvvIIwugZUSs.roa
Signing time: Sat 01 Jan 2022 07:00:54 +0000
ROA not before: Sat 01 Jan 2022 07:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211091
IP address blocks: 45.154.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108877220 (0x67d55a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 07:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b29075c25371dad2bfa7932dbef208c2e819512b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:df:eb:57:c9:9e:44:90:68:1b:3d:3b:ea:
84:15:82:f1:d0:b6:33:ae:fe:59:96:f1:00:bd:73:
e5:fa:bf:dd:e6:49:36:bf:51:b1:af:c9:28:87:20:
24:79:72:f9:2f:d9:1f:97:c1:ed:0b:4c:1e:3b:a8:
0d:15:1c:8e:c0:4b:37:b6:cc:d0:d5:e7:58:99:0f:
c0:8f:7e:bc:c0:b5:10:08:06:fa:c6:9d:54:d9:c8:
67:b7:a3:c5:88:0f:e9:3d:22:04:d3:5e:8e:f1:7d:
37:dc:fd:4a:13:bf:88:aa:f7:7b:15:ab:fb:6a:3c:
8a:40:03:50:fe:a2:53:ea:d4:51:3a:29:1d:3f:93:
b5:ec:f3:0b:53:13:3c:f3:6b:f8:0b:66:73:9b:f5:
ee:58:a4:b1:01:49:8c:fb:c1:85:cf:a0:27:c2:a1:
b3:dd:47:9e:84:b5:5a:f3:1e:2c:66:2d:15:0e:eb:
e1:3c:eb:e9:d2:8f:4a:24:86:a7:de:8a:8c:d9:90:
a3:f4:5d:e6:c4:ff:ce:aa:2a:e9:69:97:08:96:4c:
2e:5d:d9:ee:5a:e9:9e:bc:2c:3a:7b:96:70:42:61:
fe:b6:64:dc:e3:72:62:fb:ea:f7:ef:96:1b:fb:73:
63:41:53:56:b4:33:0d:fe:a9:57:ef:2b:3d:08:38:
67:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:90:75:C2:53:71:DA:D2:BF:A7:93:2D:BE:F2:08:C2:E8:19:51:2B
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/spB1wlNx2tK_p5MtvvIIwugZUSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.159.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d7:c0:37:37:ab:a1:5e:59:a5:38:83:b8:06:95:36:08:71:
8a:74:b6:1d:2b:ce:75:e7:9d:4f:4c:03:11:ee:f3:44:c7:4a:
d1:f4:19:44:d5:11:47:0c:2e:89:dc:0b:a4:bd:ff:97:26:f6:
42:ed:19:6e:01:83:74:aa:8b:3c:81:15:1b:95:b1:97:8d:c4:
a4:35:81:eb:8f:e9:ec:a3:38:7c:65:61:09:d6:13:3a:7d:21:
51:9e:5a:4f:39:1e:fa:0c:93:2f:ae:4b:3c:35:25:b4:cd:95:
3e:07:66:81:a1:2a:18:41:16:0c:bd:b9:1f:50:dc:ba:f2:0b:
78:d1:f5:e0:10:aa:fe:10:95:93:aa:7d:e7:c7:a7:46:6d:e9:
9f:ed:e3:bd:2b:71:cb:6e:d7:88:59:bf:db:21:de:79:dc:f8:
b8:c1:d8:82:de:3c:b2:7c:94:9b:7a:02:d2:bb:c6:69:f9:92:
ca:c0:ad:0e:7c:87:98:0d:e1:ca:57:a6:2f:9d:4c:ff:cc:c2:
ad:21:f0:07:5c:e0:5e:08:71:5c:89:a9:df:40:4d:cb:bd:aa:
fa:d4:23:10:08:ad:81:eb:19:e2:f5:76:d0:ab:3e:0f:9c:03:
8b:1a:b0:68:ac:a9:16:0e:2f:ea:d9:7b:22:b2:42:6a:c5:56:
57:b7:6b:ec
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBn1VpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDEw
MTA3MDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI5MDc1YzI1Mzcx
ZGFkMmJmYTc5MzJkYmVmMjA4YzJlODE5NTEyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrr3+tXyZ5EkGgbPTvqhBWC8dC2M67+WZbxAL1z5fq/3eZJ
Nr9Rsa/JKIcgJHly+S/ZH5fB7QtMHjuoDRUcjsBLN7bM0NXnWJkPwI9+vMC1EAgG
+sadVNnIZ7ejxYgP6T0iBNNejvF9N9z9ShO/iKr3exWr+2o8ikADUP6iU+rUUTop
HT+TtezzC1MTPPNr+Atmc5v17liksQFJjPvBhc+gJ8Khs91HnoS1WvMeLGYtFQ7r
4Tzr6dKPSiSGp96KjNmQo/Rd5sT/zqoq6WmXCJZMLl3Z7lrpnrwsOnuWcEJh/rZk
3ONyYvvq9++WG/tzY0FTVrQzDf6pV+8rPQg4Z/MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSykHXCU3Ha0r+nky2+8gjC6BlRKzAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L3NwQjF3bE54MnRLX3A1TXR2dklJd3VnWlVTcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2anzANBgkqhkiG9w0BAQsFAAOC
AQEActfANzeroV5ZpTiDuAaVNghxinS2HSvOdeedT0wDEe7zRMdK0fQZRNURRwwu
idwLpL3/lyb2Qu0ZbgGDdKqLPIEVG5Wxl43EpDWB64/p7KM4fGVhCdYTOn0hUZ5a
Tzke+gyTL65LPDUltM2VPgdmgaEqGEEWDL25H1DcuvILeNH14BCq/hCVk6p958en
Rm3pn+3jvStxy27XiFm/2yHeedz4uMHYgt48snyUm3oC0rvGafmSysCtDnyHmA3h
ylemL51M/8zCrSHwB1zgXghxXImp30BNy72q+tQjEAitgesZ4vV20Ks+D5wDixqw
aKypFg4v6tl7IrJCasVWV7dr7A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org