Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/s-ZTd6ns_5lt8BUOn_DpQ16sgRc.roa
File: s-ZTd6ns_5lt8BUOn_DpQ16sgRc.roa (raw, json)
Hash identifier: 4R6AwymlIaNXpFYbfgdywddTfi3TCdQX7itnypVQZnE=
Subject key identifier: B3:E6:53:77:A9:EC:FF:99:6D:F0:15:0E:9F:F0:E9:43:5E:AC:81:17
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 01841921A55AE337F00832588F61E09F1CBA
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/s-ZTd6ns_5lt8BUOn_DpQ16sgRc.roa
Signing time: Thu 27 Oct 2022 11:09:06 +0000
ROA not before: Thu 27 Oct 2022 11:09:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208661
IP address blocks: 45.90.84.0/24 maxlen: 24
2a0c:b6c3::/32 maxlen: 32
2a0c:b6c5::/32 maxlen: 32
2a0c:b6c1::/32 maxlen: 32
2a0c:b6c4::/32 maxlen: 32
2a0c:b6c2::/32 maxlen: 32
2a0c:b6c0::/32 maxlen: 32
2a0c:b6c6::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:21:a5:5a:e3:37:f0:08:32:58:8f:61:e0:9f:1c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Oct 27 11:09:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3e65377a9ecff996df0150e9ff0e9435eac8117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e5:bc:01:14:ab:a0:24:70:38:4e:65:63:41:
db:e9:65:66:c0:94:85:33:13:a0:30:06:ff:fa:17:
89:92:6d:5d:0a:6d:6b:cf:cb:e9:40:4c:72:2c:bc:
7d:c4:97:97:a7:54:53:df:05:1a:10:f9:b0:b9:db:
53:0e:cb:b9:ce:64:f4:ae:a5:db:94:bc:10:c3:50:
53:49:33:a2:fc:60:f3:76:a1:2d:49:8c:17:1c:dc:
0c:0e:6b:b3:70:0e:0c:1e:a9:98:f8:29:9d:8d:3e:
5c:79:82:a5:9d:30:6c:d1:5d:fc:54:48:26:3e:ef:
63:d9:93:c5:47:a3:76:f6:2c:6b:0b:6c:92:20:af:
9d:6f:38:0b:2a:55:fe:6b:5b:e7:6a:3d:fe:bc:29:
43:0e:4b:20:d2:54:23:f9:fc:bb:41:1a:8e:09:b5:
04:25:0d:7e:f5:aa:2e:1e:ba:39:ed:07:56:88:88:
21:b9:c9:c7:91:34:30:57:e3:aa:69:cf:50:ea:01:
e3:e6:2d:dd:b6:50:9b:42:dd:90:5d:28:88:2b:83:
59:e1:e9:28:d2:43:ea:72:7d:e4:35:b5:d4:a1:46:
83:6a:56:03:29:44:f5:13:55:fc:10:9e:ee:98:b2:
9e:fe:f0:0a:23:f0:df:ff:68:04:2e:88:91:32:18:
47:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E6:53:77:A9:EC:FF:99:6D:F0:15:0E:9F:F0:E9:43:5E:AC:81:17
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/s-ZTd6ns_5lt8BUOn_DpQ16sgRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.84.0/24
IPv6:
2a0c:b6c0::-2a0c:b6c6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:8e:81:10:95:75:4c:53:77:ca:1a:c3:81:6c:e3:7e:73:50:
e6:30:f9:2f:6b:90:27:bc:c0:27:cc:8f:9e:68:05:01:d6:2f:
ca:84:96:bd:7c:dc:9c:d2:ae:3c:a6:5f:3f:05:06:fc:51:b4:
2f:4d:21:17:b8:7a:0c:e6:27:ef:4b:54:a4:7e:0c:6d:8f:a2:
de:8c:20:18:f5:5a:34:5f:8e:7f:84:b3:9f:93:b4:84:19:a5:
4b:cd:cf:22:dc:6a:3e:b8:56:75:04:46:ba:d2:d9:4e:19:bb:
32:63:0f:9b:40:6d:07:1f:5f:37:e5:7d:a9:cb:c3:df:44:2d:
89:0e:59:8a:c0:87:cb:26:49:82:45:e9:2f:a7:67:93:83:86:
1b:29:9f:21:55:b6:d7:ab:c9:cd:0b:d1:c9:d0:bc:ad:b4:c2:
dd:8c:26:f4:07:d5:49:e7:17:93:38:06:a7:b3:b7:ad:11:17:
1c:43:30:01:85:ba:a6:da:c8:fe:41:20:a5:52:0b:4b:5b:c5:
d3:dc:01:99:1e:0f:1e:9d:0e:00:ec:38:a5:f8:d5:32:a0:77:
0a:5c:e7:d1:77:31:db:69:54:7f:0c:6f:b8:14:dc:4e:f6:a6:
48:ab:b6:e4:cb:25:bf:97:4c:33:1f:e8:d2:56:7c:e0:ba:bf:
fc:b3:b6:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQZIaVa4zfwCDJYj2Hgnxy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjIxMDI3MTEwOTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U2NTM3N2E5ZWNmZjk5NmRmMDE1MGU5ZmYwZTk0MzVlYWM4MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOW8ARSroCRwOE5lY0Hb6WVmwJSF
MxOgMAb/+heJkm1dCm1rz8vpQExyLLx9xJeXp1RT3wUaEPmwudtTDsu5zmT0rqXb
lLwQw1BTSTOi/GDzdqEtSYwXHNwMDmuzcA4MHqmY+CmdjT5ceYKlnTBs0V38VEgm
Pu9j2ZPFR6N29ixrC2ySIK+dbzgLKlX+a1vnaj3+vClDDksg0lQj+fy7QRqOCbUE
JQ1+9aouHro57QdWiIghucnHkTQwV+Oqac9Q6gHj5i3dtlCbQt2QXSiIK4NZ4eko
0kPqcn3kNbXUoUaDalYDKUT1E1X8EJ7umLKe/vAKI/Df/2gELoiRMhhHswIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLPmU3ep7P+ZbfAVDp/w6UNerIEXMB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvcy1aVGQ2bnNfNWx0OEJVT25fRHBRMTZzZ1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALVpUMBYE
AgACMBAwDgMFBioMtsADBQAqDLbGMA0GCSqGSIb3DQEBCwUAA4IBAQBNjoEQlXVM
U3fKGsOBbON+c1DmMPkva5AnvMAnzI+eaAUB1i/KhJa9fNyc0q48pl8/BQb8UbQv
TSEXuHoM5ifvS1Skfgxtj6LejCAY9Vo0X45/hLOfk7SEGaVLzc8i3Go+uFZ1BEa6
0tlOGbsyYw+bQG0HH1835X2py8PfRC2JDlmKwIfLJkmCRekvp2eTg4YbKZ8hVbbX
q8nNC9HJ0LyttMLdjCb0B9VJ5xeTOAans7etERccQzABhbqm2sj+QSClUgtLW8XT
3AGZHg8enQ4A7Dil+NUyoHcKXOfRdzHbaVR/DG+4FNxO9qZIq7bkyyW/l0wzH+jS
Vnzgur/8s7aw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org