Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gCpbymj2W1bVDxa7t7BWAC8ALTM.roa
File: gCpbymj2W1bVDxa7t7BWAC8ALTM.roa (raw, json)
Hash identifier: mvbnOLW+Hd1eEIoJB60jpIDCD+GGA1aNwx8nVunP9VA=
Subject key identifier: 80:2A:5B:CA:68:F6:5B:56:D5:0F:16:BB:B7:B0:56:00:2F:00:2D:33
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182971A58E068B91F79A8BCBE4572342DD2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gCpbymj2W1bVDxa7t7BWAC8ALTM.roa
Signing time: Sat 13 Aug 2022 12:07:42 +0000
ROA not before: Sat 13 Aug 2022 12:07:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 45.131.187.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:97:1a:58:e0:68:b9:1f:79:a8:bc:be:45:72:34:2d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 13 12:07:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=802a5bca68f65b56d50f16bbb7b056002f002d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4b:e7:03:7f:93:08:62:ab:33:00:5f:3d:10:
ba:6d:f0:d3:8e:ca:19:0a:da:75:f8:bf:c6:5c:cf:
70:7c:71:d2:56:af:6f:bb:bf:38:65:08:36:07:87:
55:1a:fd:4c:90:76:26:53:2b:8a:d2:dd:d7:45:e3:
b7:d6:c3:59:ca:7f:db:9c:b0:0d:71:7c:e9:9e:0f:
20:f2:7c:79:bd:26:a9:0c:47:ba:70:d6:b2:2c:d3:
f6:d2:4d:08:ab:90:c3:bf:d7:c6:7f:a8:5a:ff:22:
0d:67:31:70:24:7b:17:8a:d2:de:36:97:f0:be:05:
d4:65:52:06:59:01:72:55:83:c7:df:1e:16:12:af:
9a:1c:35:1a:37:70:b0:27:3a:6a:19:7b:6c:d4:e2:
ac:ab:d7:ac:a2:b5:b7:70:05:3d:20:cc:9a:7f:16:
8e:ec:cb:52:fa:dc:7e:97:43:3c:ec:9f:6f:08:5f:
77:3a:f1:12:27:9f:bb:f2:b7:42:8e:c6:27:4d:5d:
68:13:02:2d:99:09:47:b5:6d:90:b7:51:61:34:3e:
5d:1f:1e:f4:f8:4e:ed:4b:b2:a3:00:66:bf:10:22:
dd:74:0c:ba:e5:cc:e7:e7:db:4d:48:69:d9:ef:c7:
df:82:1f:46:2d:97:5a:31:c0:65:e2:09:04:c3:94:
bd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2A:5B:CA:68:F6:5B:56:D5:0F:16:BB:B7:B0:56:00:2F:00:2D:33
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gCpbymj2W1bVDxa7t7BWAC8ALTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.187.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
a4:78:33:86:75:8c:7d:38:bf:be:47:ca:3e:df:66:6b:5c:36:
95:e6:76:11:82:75:71:c5:12:31:6d:63:9d:da:bd:0c:75:b4:
a3:be:41:1a:c7:78:64:28:68:0c:7d:86:46:80:b4:c6:75:79:
fe:c7:38:9e:9c:f4:f5:4f:6a:ed:f6:52:e5:67:d2:5f:18:0d:
fe:36:c5:53:8f:22:0b:cb:4d:33:83:fd:e8:cd:10:d7:a4:c9:
31:53:8d:72:70:0e:fb:eb:94:35:da:24:c7:0f:83:0a:45:af:
83:11:3e:f8:db:43:9f:91:e6:4e:da:c3:03:83:f5:7e:ab:77:
63:cd:4d:38:fb:cc:d2:62:4b:33:57:80:ec:ce:f0:31:8e:cc:
2c:22:81:43:00:26:31:fc:89:27:97:11:6d:32:dc:68:d2:8a:
c8:3e:c0:0c:72:59:ad:83:ac:10:68:de:cc:ac:6d:bf:25:ac:
22:a4:65:b9:93:20:6e:53:8d:f7:fe:63:52:41:47:43:87:94:
bf:4c:08:d0:65:b5:19:57:ac:c1:2a:95:ab:dc:81:8e:65:2e:
90:58:d9:89:f0:5f:ac:bd:a4:b9:29:48:46:97:23:33:5a:af:
62:3f:93:7b:a2:bc:8a:cc:8c:3c:37:9c:77:32:cf:c6:2f:2e:
3e:ff:81:e1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYKXGljgaLkfeai8vkVyNC3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODEzMTIwNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDJhNWJjYTY4ZjY1YjU2ZDUwZjE2YmJiN2IwNTYwMDJmMDAyZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUvnA3+TCGKrMwBfPRC6bfDTjsoZ
Ctp1+L/GXM9wfHHSVq9vu784ZQg2B4dVGv1MkHYmUyuK0t3XReO31sNZyn/bnLAN
cXzpng8g8nx5vSapDEe6cNayLNP20k0Iq5DDv9fGf6ha/yINZzFwJHsXitLeNpfw
vgXUZVIGWQFyVYPH3x4WEq+aHDUaN3CwJzpqGXts1OKsq9esorW3cAU9IMyafxaO
7MtS+tx+l0M87J9vCF93OvESJ5+78rdCjsYnTV1oEwItmQlHtW2Qt1FhND5dHx70
+E7tS7KjAGa/ECLddAy65czn59tNSGnZ78ffgh9GLZdaMcBl4gkEw5S9+QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIAqW8po9ltW1Q8Wu7ewVgAvAC0zMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ0NwYnltajJXMWJWRHhhN3Q3QldBQzhBTFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQALYO7MCoE
AgACMCQDBwQqDpfABGADBwQqDrEHEqADBwQqEMxAAdADBwQqEMxBARAwDQYJKoZI
hvcNAQELBQADggEBAKR4M4Z1jH04v75Hyj7fZmtcNpXmdhGCdXHFEjFtY53avQx1
tKO+QRrHeGQoaAx9hkaAtMZ1ef7HOJ6c9PVPau32UuVn0l8YDf42xVOPIgvLTTOD
/ejNENekyTFTjXJwDvvrlDXaJMcPgwpFr4MRPvjbQ5+R5k7awwOD9X6rd2PNTTj7
zNJiSzNXgOzO8DGOzCwigUMAJjH8iSeXEW0y3GjSisg+wAxyWa2DrBBo3sysbb8l
rCKkZbmTIG5Tjff+Y1JBR0OHlL9MCNBltRlXrMEqlavcgY5lLpBY2YnwX6y9pLkp
SEaXIzNar2I/k3uivIrMjDw3nHcyz8YvLj7/geE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org