Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/q6bma0IrYZVf-Ng4v79xs5pUJ_o.roa
File: q6bma0IrYZVf-Ng4v79xs5pUJ_o.roa (raw, json)
Hash identifier: t+dZg/VM8gBebxSGKbL4T9w8CHXQSLqZBylz/8iK70E=
Subject key identifier: AB:A6:E6:6B:42:2B:61:95:5F:F8:D8:38:BF:BF:71:B3:9A:54:27:FA
Certificate issuer: /CN=94282a6078ba98fb4a6e343e7603a960e7a63442
Certificate serial: 05B5C351
Authority key identifier: 94:28:2A:60:78:BA:98:FB:4A:6E:34:3E:76:03:A9:60:E7:A6:34:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/q6bma0IrYZVf-Ng4v79xs5pUJ_o.roa
Signing time: Sat 01 Jan 2022 13:57:36 +0000
ROA not before: Sat 01 Jan 2022 13:57:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209064
IP address blocks: 45.8.38.0/24 maxlen: 24
45.8.37.0/24 maxlen: 24
45.8.36.0/24 maxlen: 24
45.8.36.0/22 maxlen: 22
45.8.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95798097 (0x5b5c351)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94282a6078ba98fb4a6e343e7603a960e7a63442
Validity
Not Before: Jan 1 13:57:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aba6e66b422b61955ff8d838bfbf71b39a5427fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b5:42:8e:3b:c9:03:0d:6a:08:2a:53:3b:59:
88:ea:a3:8a:c1:e0:e3:c1:f4:80:6e:46:56:bf:74:
16:af:8d:cb:16:29:6d:5a:d3:94:0e:ed:fa:9d:5b:
b2:d0:7b:57:c1:0a:77:85:61:de:16:b8:6d:16:0e:
4c:ca:ba:a8:a3:bb:1f:e2:5d:d8:26:c9:00:d9:d2:
5a:2e:7b:51:0a:ac:25:6b:a3:71:a9:67:8e:70:95:
79:20:8c:47:ad:b0:66:8f:21:d1:88:6a:5e:2d:86:
47:fb:e0:55:66:ed:f9:9e:f3:04:ec:dd:d7:87:cf:
a3:12:42:b3:16:69:a0:df:92:de:f6:bd:39:94:ee:
a1:e0:6c:de:95:86:f4:b0:61:21:23:88:0d:9a:8b:
e6:d7:5f:84:7c:a2:82:7c:c0:c3:cc:2d:f5:8d:23:
27:77:50:1d:b6:f2:69:63:c0:80:22:72:05:00:13:
98:32:fd:0f:67:0e:25:9d:08:23:03:3b:4e:c9:6e:
31:0b:c3:05:f9:c2:00:de:f3:e0:ac:19:d6:38:1c:
72:06:9d:d0:fa:ff:b0:42:3a:08:59:31:7f:45:8e:
fc:3d:55:f2:33:aa:91:74:43:5c:48:02:a6:b3:50:
26:21:14:cb:86:48:82:9a:a9:5c:39:d6:34:64:15:
c5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A6:E6:6B:42:2B:61:95:5F:F8:D8:38:BF:BF:71:B3:9A:54:27:FA
X509v3 Authority Key Identifier:
keyid:94:28:2A:60:78:BA:98:FB:4A:6E:34:3E:76:03:A9:60:E7:A6:34:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCgqYHi6mPtKbjQ-dgOpYOemNEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/q6bma0IrYZVf-Ng4v79xs5pUJ_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/2a96b8-046d-4ac3-b23d-d819794a32a3/1/lCgqYHi6mPtKbjQ-dgOpYOemNEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.36.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:6b:db:22:e0:f0:02:ce:65:9f:3d:28:f1:25:fb:3c:fb:7f:
b6:f6:30:7f:ee:f2:5b:2f:f7:72:24:3e:2c:91:a5:b5:c6:49:
c1:59:a9:02:c4:ce:87:95:90:b7:e1:fe:3d:b5:e6:2d:a6:1b:
20:50:00:f7:83:e3:d1:ce:ec:8f:c3:16:d7:a6:1a:f9:f2:9f:
f7:11:89:4d:8a:8e:ef:c0:cd:5f:3d:1b:ac:ec:87:b1:9a:ea:
1b:18:37:77:ba:33:12:f0:9d:3c:12:62:22:da:a2:8d:9d:16:
b8:db:b2:e0:3f:8f:2f:0d:70:1d:56:7c:36:22:1f:d3:85:0d:
eb:29:10:9f:c5:2f:1c:1c:46:60:40:62:ec:37:e4:80:b3:16:
e7:80:6b:3f:44:59:44:7b:b7:80:55:2d:7a:49:c6:df:f5:ac:
2b:eb:a9:bf:b3:f1:4e:ce:97:5c:a6:71:11:97:5b:60:1e:06:
cd:49:27:db:7f:97:c9:32:6e:5b:0f:f4:3c:02:a0:4b:be:f2:
9a:e0:45:1f:12:86:2d:fb:52:a7:d2:36:7c:9c:0f:7f:d6:46:
0d:b1:4f:1d:06:16:9d:e8:8e:5d:92:d4:ff:7f:49:49:61:ae:
f2:78:c3:ed:ee:4b:ce:65:e4:ec:ce:fc:d1:0f:c9:b8:c6:77:
57:86:0b:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBbXDUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDI4MmE2MDc4YmE5OGZiNGE2ZTM0M2U3NjAzYTk2MGU3YTYzNDQyMB4XDTIyMDEw
MTEzNTczNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJhNmU2NmI0MjJi
NjE5NTVmZjhkODM4YmZiZjcxYjM5YTU0MjdmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALu1Qo47yQMNaggqUztZiOqjisHg48H0gG5GVr90Fq+NyxYp
bVrTlA7t+p1bstB7V8EKd4Vh3ha4bRYOTMq6qKO7H+Jd2CbJANnSWi57UQqsJWuj
calnjnCVeSCMR62wZo8h0YhqXi2GR/vgVWbt+Z7zBOzd14fPoxJCsxZpoN+S3va9
OZTuoeBs3pWG9LBhISOIDZqL5tdfhHyignzAw8wt9Y0jJ3dQHbbyaWPAgCJyBQAT
mDL9D2cOJZ0IIwM7TsluMQvDBfnCAN7z4KwZ1jgccgad0Pr/sEI6CFkxf0WO/D1V
8jOqkXRDXEgCprNQJiEUy4ZIgpqpXDnWNGQVxX0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSrpuZrQithlV/42Di/v3GzmlQn+jAfBgNVHSMEGDAWgBSUKCpgeLqY+0pu
ND52A6lg56Y0QjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xDZ3FZSGk2bVB0S2JqUS1kZ09wWU9lbU5FSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvMmE5NmI4LTA0NmQtNGFjMy1iMjNkLWQ4MTk3OTRhMzJhMy8x
L3E2Ym1hMElyWVpWZi1OZzR2Nzl4czVwVUpfby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
MmE5NmI4LTA0NmQtNGFjMy1iMjNkLWQ4MTk3OTRhMzJhMy8xL2xDZ3FZSGk2bVB0
S2JqUS1kZ09wWU9lbU5FSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0IJDANBgkqhkiG9w0BAQsFAAOC
AQEAW2vbIuDwAs5lnz0o8SX7PPt/tvYwf+7yWy/3ciQ+LJGltcZJwVmpAsTOh5WQ
t+H+PbXmLaYbIFAA94Pj0c7sj8MW16Ya+fKf9xGJTYqO78DNXz0brOyHsZrqGxg3
d7ozEvCdPBJiItqijZ0WuNuy4D+PLw1wHVZ8NiIf04UN6ykQn8UvHBxGYEBi7Dfk
gLMW54BrP0RZRHu3gFUteknG3/WsK+upv7PxTs6XXKZxEZdbYB4GzUkn23+XyTJu
Ww/0PAKgS77ymuBFHxKGLftSp9I2fJwPf9ZGDbFPHQYWneiOXZLU/39JSWGu8njD
7e5LzmXk7M780Q/JuMZ3V4YLcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:01 2024 by rpki-client on console-ams.rpki-client.org