Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OkU5eStbwiJiCBHv8t53dRZjqg0.roa
File: OkU5eStbwiJiCBHv8t53dRZjqg0.roa (raw, json)
Hash identifier: aZlf2NliSPMvgouUxwG7LTObNy8GDsc8XuPxM3DNiTM=
Subject key identifier: 3A:45:39:79:2B:5B:C2:22:62:08:11:EF:F2:DE:77:75:16:63:AA:0D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 110E5BE3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OkU5eStbwiJiCBHv8t53dRZjqg0.roa
Signing time: Tue 04 Jan 2022 05:09:07 +0000
ROA not before: Tue 04 Jan 2022 05:09:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
139.28.96.0/22 maxlen: 24
2a10:cc46:100::/44 maxlen: 48
2a0e:97c0:260::/44 maxlen: 44
2a0c:3b80::/29 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286153699 (0x110e5be3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 4 05:09:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a4539792b5bc222620811eff2de77751663aa0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:9c:05:89:87:4c:f4:66:f9:5b:c7:da:c5:
78:fc:0a:be:17:89:d4:cc:c7:40:1b:86:53:08:59:
36:01:3c:9c:53:c2:cb:e7:61:cf:95:73:4d:02:f2:
ce:6a:21:7d:22:8d:eb:55:ec:9e:bb:ac:a7:6b:1e:
5b:a3:c9:ad:92:ed:68:64:5e:0d:bb:cd:83:e3:75:
ca:eb:bc:b7:c9:7b:e3:d3:c7:87:2c:77:08:d5:52:
6a:fc:5b:14:5c:41:70:ea:44:16:84:d6:41:b2:1a:
b8:6d:f3:86:5e:64:b9:26:d9:10:d9:02:9c:7a:d1:
31:e8:e1:3f:c1:63:57:96:13:82:34:80:77:9c:8a:
b8:7f:71:e6:6c:28:8a:e1:fe:33:bb:0c:a2:10:2f:
83:e3:41:2d:52:73:ee:16:8f:dc:e1:14:ed:ed:79:
26:d8:84:84:9a:73:a1:8c:58:a3:78:fe:3c:59:97:
85:f3:22:e2:10:4a:b5:33:c6:4e:29:8d:f0:c1:c5:
71:aa:74:27:ab:c3:c2:c2:8a:b4:36:5e:22:54:e2:
39:c2:8d:eb:68:7b:87:e3:92:08:4c:c6:4e:37:ad:
dd:b9:10:ff:7e:f9:48:3c:88:d0:33:de:7b:8a:36:
35:cd:d9:46:81:87:e5:bf:f5:a5:de:93:35:e5:61:
4e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:45:39:79:2B:5B:C2:22:62:08:11:EF:F2:DE:77:75:16:63:AA:0D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OkU5eStbwiJiCBHv8t53dRZjqg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a10:cc46:100::/44
Signature Algorithm: sha256WithRSAEncryption
ad:93:19:f0:50:97:1a:60:a4:c0:dd:0a:a7:29:0a:b2:b0:c3:
18:49:f0:20:05:40:61:c4:51:f7:c3:d3:1a:9b:70:fe:d4:89:
11:40:80:85:4a:9d:8c:c3:b7:44:ce:e6:93:1f:71:6f:88:61:
ae:a9:aa:c5:f4:3a:92:42:df:2a:31:13:53:a1:f8:7e:50:61:
43:67:a7:2a:3f:f6:3f:7f:ef:7f:ba:3e:f4:d7:d4:18:dc:17:
9a:15:39:3b:fa:af:3f:5f:13:5a:e1:97:c3:09:38:52:91:57:
fa:21:1d:be:b0:48:4a:58:47:08:83:27:fa:76:34:74:db:49:
4f:01:5b:4b:fb:b3:ad:b0:b0:6f:3b:ec:ae:85:d7:ea:32:37:
00:e2:81:54:6e:5e:64:07:cd:ca:d8:9c:c0:05:80:bd:74:69:
7c:48:0b:cf:b9:ae:cc:cc:e7:40:76:f6:b5:30:19:93:b9:d1:
9d:a8:80:9a:56:ae:91:fe:9e:9d:20:b2:47:30:c1:f8:35:23:
ab:e2:43:ac:bf:78:3d:24:37:a5:2d:9f:01:1f:dd:9e:f7:10:
5b:6e:d1:0d:f1:10:01:eb:80:86:e3:20:f6:be:8d:35:a1:f7:
7c:eb:43:04:15:64:96:bb:35:af:bc:18:82:11:f7:48:7c:36:
54:a9:4f:d0
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEEQ5b4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
M2U5MTY3MTdhYjExY2NjZjExZWYxZmI1YzEyZWU0MTk1MGZhZDliMB4XDTIyMDEw
NDA1MDkwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E0NTM5NzkyYjVi
YzIyMjYyMDgxMWVmZjJkZTc3NzUxNjYzYWEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEqnAWJh0z0Zvlbx9rFePwKvheJ1MzHQBuGUwhZNgE8nFPC
y+dhz5VzTQLyzmohfSKN61Xsnrusp2seW6PJrZLtaGReDbvNg+N1yuu8t8l749PH
hyx3CNVSavxbFFxBcOpEFoTWQbIauG3zhl5kuSbZENkCnHrRMejhP8FjV5YTgjSA
d5yKuH9x5mwoiuH+M7sMohAvg+NBLVJz7haP3OEU7e15JtiEhJpzoYxYo3j+PFmX
hfMi4hBKtTPGTimN8MHFcap0J6vDwsKKtDZeIlTiOcKN62h7h+OSCEzGTjet3bkQ
/375SDyI0DPee4o2Nc3ZRoGH5b/1pd6TNeVhTt0CAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBQ6RTl5K1vCImIIEe/y3nd1FmOqDTAfBgNVHSMEGDAWgBRj6RZxerEczPEe
8ftcEu5BlQ+tmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8x
L09rVTVlU3Rid2lKaUNCSHY4dDUzZFJaanFnMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZhNS8xL1kta1djWHF4SE16
eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwMAQCAAEwKgMEAi0MRAMEAi2IiAMEAF6xegMEAosc
YAMEAMIyXAMEAMIyXgMEAMIybzA4BAIAAjAyAwcAIAEH+AEZAwUDKgkEwAMFAyoM
O4ADBwAqDpfAAXADBwQqDpfAAmADBwQqEMxGAQAwDQYJKoZIhvcNAQELBQADggEB
AK2TGfBQlxpgpMDdCqcpCrKwwxhJ8CAFQGHEUffD0xqbcP7UiRFAgIVKnYzDt0TO
5pMfcW+IYa6pqsX0OpJC3yoxE1Oh+H5QYUNnpyo/9j9/73+6PvTX1BjcF5oVOTv6
rz9fE1rhl8MJOFKRV/ohHb6wSEpYRwiDJ/p2NHTbSU8BW0v7s62wsG877K6F1+oy
NwDigVRuXmQHzcrYnMAFgL10aXxIC8+5rszM50B29rUwGZO50Z2ogJpWrpH+np0g
skcwwfg1I6viQ6y/eD0kN6UtnwEf3Z73EFtu0Q3xEAHrgIbjIPa+jTWh93zrQwQV
ZJa7Na+8GIIR90h8NlSpT9A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org