Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/tsJeE4IGL41SzuJWY-2cS5C5epQ.roa
File: tsJeE4IGL41SzuJWY-2cS5C5epQ.roa (raw, json)
Hash identifier: DEtyWtM80yXFcDYQcSCASBiDBpPqy2mrZJkxTlvqWJk=
Subject key identifier: B6:C2:5E:13:82:06:2F:8D:52:CE:E2:56:63:ED:9C:4B:90:B9:7A:94
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 01835C8E9114294E6EC9112A8DD40BCCC9E0
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/tsJeE4IGL41SzuJWY-2cS5C5epQ.roa
Signing time: Tue 20 Sep 2022 20:19:50 +0000
ROA not before: Tue 20 Sep 2022 20:19:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208661
IP address blocks: 45.90.84.0/24 maxlen: 24
2a0c:b6c3::/32 maxlen: 32
2a0c:b6c7::/32 maxlen: 32
2a0c:b6c5::/32 maxlen: 32
2a0c:b6c1::/32 maxlen: 32
2a0c:b6c4::/32 maxlen: 32
2a0c:b6c2::/32 maxlen: 32
2a0c:b6c0::/32 maxlen: 32
2a0c:b6c6::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5c:8e:91:14:29:4e:6e:c9:11:2a:8d:d4:0b:cc:c9:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Sep 20 20:19:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6c25e1382062f8d52cee25663ed9c4b90b97a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:55:e1:83:cb:dd:47:5b:55:b0:35:1b:96:2c:
3d:83:9e:7f:ab:ad:1f:79:19:a9:93:2f:ae:e9:e6:
97:7b:72:a1:73:52:f2:47:dd:65:68:7d:82:88:ac:
3c:c0:d1:52:72:53:8c:16:04:98:51:52:ab:2c:c6:
76:d7:47:87:8e:af:69:9d:dc:af:9f:a9:bb:21:75:
90:42:af:fb:fb:63:95:25:dd:bb:bc:7a:88:e9:12:
fa:56:12:4c:fd:50:3e:61:da:7d:7d:b7:93:ca:2b:
96:f3:1c:68:4b:09:2c:07:35:a0:29:25:04:97:eb:
1c:b3:13:e8:e0:eb:91:ef:9f:69:90:19:b9:68:ed:
43:2f:ac:99:56:dd:bd:72:05:10:f2:e0:48:43:5f:
96:ec:d4:9d:3c:9a:bf:33:ac:6a:34:4e:d2:84:ff:
a6:9f:13:85:bf:0a:a1:76:04:b5:56:14:64:b1:92:
a7:2b:a4:7a:6a:e4:65:18:1d:61:5f:a1:c1:40:5a:
eb:ce:53:fb:bd:90:ae:f3:c1:8f:a5:ff:88:81:1a:
08:73:ab:e5:87:89:4c:78:06:ed:c3:d9:c5:1f:35:
ae:fd:3f:42:b4:db:0e:23:8a:ca:91:bd:80:83:70:
33:5c:f0:96:0e:fb:db:5d:37:23:72:f1:5a:d8:76:
7d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C2:5E:13:82:06:2F:8D:52:CE:E2:56:63:ED:9C:4B:90:B9:7A:94
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/tsJeE4IGL41SzuJWY-2cS5C5epQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.84.0/24
IPv6:
2a0c:b6c0::/29
Signature Algorithm: sha256WithRSAEncryption
45:e1:70:e3:8d:37:a3:ec:c3:22:05:9e:61:3d:53:4b:d9:6a:
dc:12:50:bf:33:33:5e:13:4f:4f:2d:46:e2:49:75:de:e7:c3:
44:19:e2:ba:20:e5:f2:55:50:6d:e7:5e:52:b2:4c:d6:23:a1:
53:bf:44:7a:c0:25:87:7b:35:b5:1b:20:70:cd:ce:6e:e7:f4:
44:3a:af:a0:7f:83:54:7a:4e:40:5d:a1:16:dd:c7:6d:47:83:
55:91:07:23:aa:44:eb:86:67:5c:49:67:d7:11:32:9b:61:fe:
90:f0:e5:30:bb:57:00:62:64:97:16:ca:e1:37:4f:53:d2:ed:
7a:aa:e2:1b:30:77:5e:c8:6f:6a:41:46:75:f8:d5:93:f1:48:
0c:72:d4:04:92:1b:20:a1:03:60:39:e8:1b:f3:4c:37:75:69:
0e:bd:d4:7a:35:f8:05:33:94:62:5a:9a:23:3b:bc:84:32:ad:
d4:e8:26:f2:8a:50:d4:e8:5d:1f:1c:d6:08:29:1a:21:e6:f2:
9e:85:56:60:49:1f:79:97:61:34:2e:8f:1e:57:00:56:22:23:
8f:fd:f1:af:53:f8:30:96:9a:c1:ad:06:fc:93:0e:92:bb:c6:
d7:e0:3a:77:14:a4:84:5c:9f:43:74:79:3f:7b:92:c3:14:8b:
04:2f:1a:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNcjpEUKU5uyREqjdQLzMngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjIwOTIwMjAxOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMyNWUxMzgyMDYyZjhkNTJjZWUyNTY2M2VkOWM0YjkwYjk3YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVXhg8vdR1tVsDUbliw9g55/q60f
eRmpky+u6eaXe3Khc1LyR91laH2CiKw8wNFSclOMFgSYUVKrLMZ210eHjq9pndyv
n6m7IXWQQq/7+2OVJd27vHqI6RL6VhJM/VA+Ydp9fbeTyiuW8xxoSwksBzWgKSUE
l+scsxPo4OuR759pkBm5aO1DL6yZVt29cgUQ8uBIQ1+W7NSdPJq/M6xqNE7ShP+m
nxOFvwqhdgS1VhRksZKnK6R6auRlGB1hX6HBQFrrzlP7vZCu88GPpf+IgRoIc6vl
h4lMeAbtw9nFHzWu/T9CtNsOI4rKkb2Ag3AzXPCWDvvbXTcjcvFa2HZ9pQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLbCXhOCBi+NUs7iVmPtnEuQuXqUMB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvdHNKZUU0SUdMNDFTenVKV1ktMmNTNUM1ZXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVpUMA0E
AgACMAcDBQMqDLbAMA0GCSqGSIb3DQEBCwUAA4IBAQBF4XDjjTej7MMiBZ5hPVNL
2WrcElC/MzNeE09PLUbiSXXe58NEGeK6IOXyVVBt515SskzWI6FTv0R6wCWHezW1
GyBwzc5u5/REOq+gf4NUek5AXaEW3cdtR4NVkQcjqkTrhmdcSWfXETKbYf6Q8OUw
u1cAYmSXFsrhN09T0u16quIbMHdeyG9qQUZ1+NWT8UgMctQEkhsgoQNgOegb80w3
dWkOvdR6NfgFM5RiWpojO7yEMq3U6CbyilDU6F0fHNYIKRoh5vKehVZgSR95l2E0
Lo8eVwBWIiOP/fGvU/gwlprBrQb8kw6Su8bX4Dp3FKSEXJ9DdHk/e5LDFIsELxoy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:12 2023 by rpki-client on console-ams.rpki-client.org