Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/gDWY3HAm9mRgwX245MHR45tYB4A.roa
File: gDWY3HAm9mRgwX245MHR45tYB4A.roa (raw, json)
Hash identifier: nCH1GMNZ4XvW2+5fcy009UTrhl4h8PMo/2SsmfAEJbE=
Subject key identifier: 80:35:98:DC:70:26:F6:64:60:C1:7D:B8:E4:C1:D1:E3:9B:58:07:80
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 0183EF404686DB8FD502D994EAED00AA5C03
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/gDWY3HAm9mRgwX245MHR45tYB4A.roa
Signing time: Wed 19 Oct 2022 07:58:30 +0000
ROA not before: Wed 19 Oct 2022 07:58:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.72.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:40:46:86:db:8f:d5:02:d9:94:ea:ed:00:aa:5c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Oct 19 07:58:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=803598dc7026f66460c17db8e4c1d1e39b580780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c6:49:72:25:12:c5:7f:6a:27:be:5d:52:c0:
3f:b4:68:f1:39:0c:0f:12:c6:50:18:0c:56:97:6f:
e5:28:2c:8e:39:6e:1c:b4:c6:c8:a8:86:b2:10:d2:
20:79:d3:d5:6b:62:cb:e3:91:84:33:99:ed:f3:1d:
1b:bb:2b:5c:51:30:8c:a3:a8:d1:17:84:d0:82:f2:
f1:c1:41:0b:b4:5e:b8:e7:62:5d:82:31:f7:02:16:
a3:96:ad:be:1b:3f:70:08:70:ad:ce:db:12:9b:f8:
17:e5:fd:79:28:8d:4a:fa:e1:11:d0:92:2f:72:7f:
12:4a:ff:8e:eb:d9:40:13:af:18:16:e6:cc:19:eb:
ac:b1:8a:66:45:54:5a:50:59:09:f7:7e:f2:be:91:
a6:f3:d3:63:ef:8c:ad:3c:89:46:44:f8:f3:51:be:
84:c9:dd:c7:15:75:24:11:05:40:85:2b:7e:3c:d0:
44:14:8f:88:be:69:2d:2f:cd:74:bc:08:61:a1:c4:
4f:df:6d:f4:7d:ee:6b:b5:dd:fd:3b:39:2e:ce:7d:
9b:a1:ca:cd:c6:e0:f1:b9:a1:59:79:39:d0:67:1f:
2e:8f:74:b4:07:ef:04:6b:dc:9f:0d:ee:a9:76:0c:
46:63:2d:5d:89:30:c9:f5:74:67:77:a8:f4:be:49:
78:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:35:98:DC:70:26:F6:64:60:C1:7D:B8:E4:C1:D1:E3:9B:58:07:80
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/gDWY3HAm9mRgwX245MHR45tYB4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.72.0/22
Signature Algorithm: sha256WithRSAEncryption
36:93:05:f5:4b:b5:2f:8e:b8:95:85:dd:8a:c5:55:46:c2:5f:
7c:41:98:40:4b:11:e2:9f:76:5e:af:a1:98:9f:41:9b:80:0d:
0d:14:57:89:ae:62:a2:03:ee:0c:83:31:bd:5a:ca:13:97:81:
c7:82:66:d0:13:b7:55:2c:a3:dc:40:9b:6e:3e:c8:8f:2a:19:
6b:f6:f0:2e:10:3f:e6:06:e5:61:37:68:f4:ec:d6:26:06:bf:
6e:39:a9:1d:69:40:92:06:cd:8b:42:bd:36:85:dd:59:97:7b:
80:94:86:8c:65:4f:44:2d:85:32:60:46:7f:2a:b6:26:a2:35:
b4:27:44:67:72:3a:78:dd:c8:70:a0:7a:36:e9:d6:90:90:d4:
68:eb:b3:5c:5e:b7:66:28:5d:00:c5:6c:79:ab:b0:57:64:04:
b9:a8:e4:cb:65:04:4c:96:0e:89:96:4d:11:d3:90:42:2e:2e:
2d:70:be:69:18:ba:3a:b4:31:25:63:cf:05:d4:6c:90:af:71:
b0:aa:d9:df:f7:06:09:a8:e7:9f:df:6d:d6:fc:2f:4d:a2:60:
21:5c:1c:62:5c:61:00:05:76:4b:13:c0:a7:20:ce:40:1e:96:
2d:94:85:93:fc:1b:9f:b7:07:43:ba:13:8b:e8:ea:0e:24:33:
a3:cb:e8:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPvQEaG24/VAtmU6u0AqlwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjIxMDE5MDc1ODMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM1OThkYzcwMjZmNjY0NjBjMTdkYjhlNGMxZDFlMzliNTgwNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMZJciUSxX9qJ75dUsA/tGjxOQwP
EsZQGAxWl2/lKCyOOW4ctMbIqIayENIgedPVa2LL45GEM5nt8x0buytcUTCMo6jR
F4TQgvLxwUELtF6452JdgjH3Ahajlq2+Gz9wCHCtztsSm/gX5f15KI1K+uER0JIv
cn8SSv+O69lAE68YFubMGeussYpmRVRaUFkJ937yvpGm89Nj74ytPIlGRPjzUb6E
yd3HFXUkEQVAhSt+PNBEFI+IvmktL810vAhhocRP3230fe5rtd39Ozkuzn2bocrN
xuDxuaFZeTnQZx8uj3S0B+8Ea9yfDe6pdgxGYy1diTDJ9XRnd6j0vkl45QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIA1mNxwJvZkYMF9uOTB0eObWAeAMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvZ0RXWTNIQW05bVJnd1gyNDVNSFI0NXRZQjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZRIMA0G
CSqGSIb3DQEBCwUAA4IBAQA2kwX1S7UvjriVhd2KxVVGwl98QZhASxHin3Zer6GY
n0GbgA0NFFeJrmKiA+4MgzG9WsoTl4HHgmbQE7dVLKPcQJtuPsiPKhlr9vAuED/m
BuVhN2j07NYmBr9uOakdaUCSBs2LQr02hd1Zl3uAlIaMZU9ELYUyYEZ/KrYmojW0
J0Rncjp43chwoHo26daQkNRo67NcXrdmKF0AxWx5q7BXZAS5qOTLZQRMlg6Jlk0R
05BCLi4tcL5pGLo6tDElY88F1GyQr3Gwqtnf9wYJqOef323W/C9NomAhXBxiXGEA
BXZLE8CnIM5AHpYtlIWT/BuftwdDuhOL6OoOJDOjy+ju
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:12 2024 by rpki-client on console-fra.rpki-client.org