Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SUcPJGbmJ5wBZwneBW_MpexIgsw.roa
File: SUcPJGbmJ5wBZwneBW_MpexIgsw.roa (raw, json)
Hash identifier: pQWNq+mCvf5eWNECJDMcoVySE6nUufGrC9ohnZdsIvU=
Subject key identifier: 49:47:0F:24:66:E6:27:9C:01:67:09:DE:05:6F:CC:A5:EC:48:82:CC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018330373CD448A9D873A5D13F2A7854AB8B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SUcPJGbmJ5wBZwneBW_MpexIgsw.roa
Signing time: Mon 12 Sep 2022 05:41:09 +0000
ROA not before: Mon 12 Sep 2022 05:41:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.117.0/24 maxlen: 24
45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
45.131.187.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:30:37:3c:d4:48:a9:d8:73:a5:d1:3f:2a:78:54:ab:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 12 05:41:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49470f2466e6279c016709de056fcca5ec4882cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9f:e8:c3:bd:75:dd:71:86:4f:d7:60:49:ae:
28:61:4a:f6:8e:f8:13:ed:e6:4a:0f:a9:57:fb:a9:
5d:20:cc:4f:9b:dd:83:db:91:4a:69:d1:6e:13:6c:
44:94:97:c1:f4:8d:1a:04:30:97:eb:c2:f0:e9:b2:
f6:40:84:12:3e:1b:71:eb:86:4a:d6:f8:a2:db:1a:
69:82:56:4c:3c:91:ed:43:c1:32:9a:96:cb:3f:ee:
65:9a:e7:97:c1:9c:d6:ac:f4:f4:7e:61:33:62:e8:
75:ef:30:29:48:da:b0:df:18:d4:88:5c:02:dc:f6:
1d:f6:9b:cd:0a:e0:d0:52:d6:3b:4d:39:49:eb:fd:
f9:3a:50:93:7e:5c:db:45:f2:aa:03:2a:c1:7a:a6:
9f:74:1c:f9:d2:7b:23:48:00:5e:b6:e5:dd:80:d3:
2e:32:ca:d9:33:91:ed:f3:0a:68:da:05:8c:5d:5d:
e4:c7:69:b4:d9:7b:f4:f7:d5:d9:a2:b3:fa:4f:12:
94:8a:38:9a:1c:7c:84:78:e5:8e:01:9b:9c:42:c9:
60:71:08:db:b8:e5:58:f1:22:ba:36:61:bb:7f:9e:
50:83:b0:36:1c:11:7a:7f:19:8d:fe:4a:74:e0:0c:
68:b7:68:0a:b0:83:9f:17:43:25:f9:96:5e:4d:42:
4c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:47:0F:24:66:E6:27:9C:01:67:09:DE:05:6F:CC:A5:EC:48:82:CC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SUcPJGbmJ5wBZwneBW_MpexIgsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.187.0/24
45.148.116.0/23
45.148.119.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
c3:ea:a0:e1:08:e4:a5:55:2d:24:c6:d6:38:f1:86:d9:d3:4c:
83:98:59:7b:0a:62:a1:c8:e2:fa:cf:66:35:99:3a:0f:80:34:
a8:70:81:30:0a:fd:92:e1:8f:e1:85:9d:9c:12:39:78:95:ab:
07:d0:6d:43:35:86:b6:71:6a:a5:7f:3b:31:53:57:b9:6c:a4:
58:c0:30:98:2b:74:b8:42:c3:91:da:02:5c:fc:c6:24:88:24:
da:b5:e9:af:8d:5b:f5:d5:b2:f8:0f:75:b5:32:6c:92:3d:4e:
3f:96:6e:f4:c0:07:f1:04:48:7e:62:32:8a:55:94:53:4b:4c:
33:2f:ef:5d:e5:61:b7:0f:ba:03:96:df:87:44:d3:f6:20:bc:
2f:44:7f:38:b0:99:5b:47:f6:ba:d7:2b:17:01:0e:ad:98:9f:
db:72:b6:19:ee:c0:22:08:d6:b9:5a:b9:42:47:83:d5:f7:f5:
aa:48:ee:f1:e8:1c:40:27:7d:cd:51:83:84:71:83:6e:4a:6d:
70:87:2d:82:17:a0:6f:c6:cd:2e:6b:7c:ea:6d:be:8b:7b:3f:
65:53:09:ed:78:7c:e3:36:ca:15:4d:3f:28:d6:ef:7a:91:2d:
9f:aa:49:55:52:75:37:0c:c6:fd:01:98:ee:89:3f:ba:ce:1b:
83:e7:eb:89
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYMwNzzUSKnYc6XRPyp4VKuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwOTEyMDU0MTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQ3MGYyNDY2ZTYyNzljMDE2NzA5ZGUwNTZmY2NhNWVjNDg4MmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp/ow7113XGGT9dgSa4oYUr2jvgT
7eZKD6lX+6ldIMxPm92D25FKadFuE2xElJfB9I0aBDCX68Lw6bL2QIQSPhtx64ZK
1vii2xppglZMPJHtQ8EympbLP+5lmueXwZzWrPT0fmEzYuh17zApSNqw3xjUiFwC
3PYd9pvNCuDQUtY7TTlJ6/35OlCTflzbRfKqAyrBeqafdBz50nsjSABetuXdgNMu
MsrZM5Ht8wpo2gWMXV3kx2m02Xv099XZorP6TxKUijiaHHyEeOWOAZucQslgcQjb
uOVY8SK6NmG7f55Qg7A2HBF6fxmN/kp04Axot2gKsIOfF0Ml+ZZeTUJMDwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFElHDyRm5iecAWcJ3gVvzKXsSILMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU1VjUEpHYm1KNXdCWnduZUJXX01wZXhJZ3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAYBAIAATASAwQALYO7AwQB
LZR0AwQALZR3MCoEAgACMCQDBwQqDpfABGADBwQqDrEHEqADBwQqEMxAAdADBwQq
EMxBARAwDQYJKoZIhvcNAQELBQADggEBAMPqoOEI5KVVLSTG1jjxhtnTTIOYWXsK
YqHI4vrPZjWZOg+ANKhwgTAK/ZLhj+GFnZwSOXiVqwfQbUM1hrZxaqV/OzFTV7ls
pFjAMJgrdLhCw5HaAlz8xiSIJNq16a+NW/XVsvgPdbUybJI9Tj+WbvTAB/EESH5i
MopVlFNLTDMv713lYbcPugOW34dE0/YgvC9EfziwmVtH9rrXKxcBDq2Yn9tythnu
wCII1rlauUJHg9X39apI7vHoHEAnfc1Rg4Rxg25KbXCHLYIXoG/GzS5rfOptvot7
P2VTCe14fOM2yhVNPyjW73qRLZ+qSVVSdTcMxv0BmO6JP7rOG4Pn64k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org