Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/P8b9f-XLnXm2wNKNwWw-gH2IJsA.roa
File: P8b9f-XLnXm2wNKNwWw-gH2IJsA.roa (raw, json)
Hash identifier: z0m+ahQBK2575u2tJn4edoUyKNuSBMp6h27L53McjnY=
Subject key identifier: 3F:C6:FD:7F:E5:CB:9D:79:B6:C0:D2:8D:C1:6C:3E:80:7D:88:26:C0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183225ED9081F016C38767161D751D0110B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/P8b9f-XLnXm2wNKNwWw-gH2IJsA.roa
Signing time: Fri 09 Sep 2022 13:09:44 +0000
ROA not before: Fri 09 Sep 2022 13:09:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 45.131.187.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:5e:d9:08:1f:01:6c:38:76:71:61:d7:51:d0:11:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 9 13:09:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fc6fd7fe5cb9d79b6c0d28dc16c3e807d8826c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:80:13:a6:84:fb:a9:e7:68:59:c8:e8:fc:e6:
bc:d0:d1:ee:96:14:11:a6:53:d9:1c:bc:73:e0:de:
cc:6d:45:cd:8a:ca:30:48:64:16:fb:19:a8:5f:13:
eb:ae:f8:cc:cd:a2:cb:5e:b3:6b:6b:07:8a:e4:d4:
45:71:e7:03:7d:19:c6:0f:b5:fb:6f:4c:62:bb:b9:
2d:10:62:55:cc:02:ee:9a:e4:59:ae:2c:fb:a7:50:
8c:31:1d:72:0e:72:f9:9a:c5:46:7f:7f:28:af:ab:
fb:85:8f:99:59:51:cf:e7:79:46:04:0b:f8:58:98:
3a:e1:ad:27:0c:f1:bb:68:01:7e:61:e1:1b:60:03:
1b:09:5a:27:09:77:66:1b:61:f0:7f:78:fd:39:5b:
f0:44:a9:ae:76:da:7b:cb:fc:9c:21:b1:10:0b:25:
f7:51:10:c9:27:44:3c:36:bd:3c:bf:38:3a:13:b5:
bf:d0:5f:57:ab:42:c9:de:92:ef:72:12:d7:ed:7f:
40:bd:36:7d:d8:d0:26:9c:cb:74:84:f4:dc:fa:ce:
58:ce:e3:33:96:66:74:df:ba:84:e6:91:9f:d7:33:
13:55:e4:00:d8:8d:fa:19:43:54:22:36:fd:c2:e2:
87:61:8c:70:24:f1:ff:18:54:81:90:da:5c:73:95:
4e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C6:FD:7F:E5:CB:9D:79:B6:C0:D2:8D:C1:6C:3E:80:7D:88:26:C0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/P8b9f-XLnXm2wNKNwWw-gH2IJsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.187.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
06:13:a8:4d:33:d1:5d:20:95:ae:e9:be:61:46:06:f1:8d:7d:
53:0e:d8:be:a9:ad:54:a4:5f:a9:f6:42:f4:73:dc:a5:aa:9a:
64:54:1f:df:c1:45:68:7b:84:e9:d0:19:85:9b:ff:55:49:a2:
7c:75:4b:7d:60:c2:19:85:05:c9:05:ca:a2:70:ed:0d:4d:97:
13:da:d8:42:8e:9d:4d:0d:07:56:0b:2b:2c:69:0f:98:45:3a:
de:73:38:c8:31:2e:3f:0a:bc:22:7e:92:fb:a3:34:35:2f:69:
12:d2:5b:21:8a:87:0f:7b:af:b2:17:9f:25:af:2c:4b:0c:9c:
44:b1:75:db:b3:cb:ee:16:29:d6:29:b3:79:38:67:cc:7b:df:
f3:bf:41:a3:db:3d:a6:13:d5:6a:c6:86:5c:d8:ad:6f:31:dd:
d3:9c:57:af:ca:f7:51:84:29:b8:a2:09:44:82:a8:d4:b6:b0:
a7:23:47:c8:ae:f6:fd:ad:60:f5:ac:d4:7c:a1:54:13:63:be:
b6:10:b3:f2:b2:97:98:e5:0b:7b:6a:60:07:35:dd:aa:21:4b:
e4:cd:57:02:3c:49:f6:7d:dc:cd:e4:4c:3b:0c:11:eb:58:81:
76:0f:95:d6:22:08:58:75:7f:aa:2b:68:d1:62:62:9a:54:83:
4e:0e:e0:be
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYMiXtkIHwFsOHZxYddR0BELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTA5MTMwOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM2ZmQ3ZmU1Y2I5ZDc5YjZjMGQyOGRjMTZjM2U4MDdkODgyNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoATpoT7qedoWcjo/Oa80NHulhQR
plPZHLxz4N7MbUXNisowSGQW+xmoXxPrrvjMzaLLXrNraweK5NRFcecDfRnGD7X7
b0xiu7ktEGJVzALumuRZriz7p1CMMR1yDnL5msVGf38or6v7hY+ZWVHP53lGBAv4
WJg64a0nDPG7aAF+YeEbYAMbCVonCXdmG2Hwf3j9OVvwRKmudtp7y/ycIbEQCyX3
URDJJ0Q8Nr08vzg6E7W/0F9Xq0LJ3pLvchLX7X9AvTZ92NAmnMt0hPTc+s5YzuMz
lmZ037qE5pGf1zMTVeQA2I36GUNUIjb9wuKHYYxwJPH/GFSBkNpcc5VOWQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFD/G/X/ly515tsDSjcFsPoB9iCbAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUDhiOWYtWExuWG0yd05LTndXdy1nSDJJSnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQALYO7MCoE
AgACMCQDBwQqDpfABGADBwQqDrEHEqADBwQqEMxAAdADBwQqEMxBARAwDQYJKoZI
hvcNAQELBQADggEBAAYTqE0z0V0gla7pvmFGBvGNfVMO2L6prVSkX6n2QvRz3KWq
mmRUH9/BRWh7hOnQGYWb/1VJonx1S31gwhmFBckFyqJw7Q1NlxPa2EKOnU0NB1YL
KyxpD5hFOt5zOMgxLj8KvCJ+kvujNDUvaRLSWyGKhw97r7IXnyWvLEsMnESxdduz
y+4WKdYps3k4Z8x73/O/QaPbPaYT1WrGhlzYrW8x3dOcV6/K91GEKbiiCUSCqNS2
sKcjR8iu9v2tYPWs1HyhVBNjvrYQs/Kyl5jlC3tqYAc13aohS+TNVwI8SfZ93M3k
TDsMEetYgXYPldYiCFh1f6oraNFiYppUg04O4L4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-fra.rpki-client.org