Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hmTwsZuItUM6M3M_i-ukP9GRfPE.roa
File: hmTwsZuItUM6M3M_i-ukP9GRfPE.roa (raw, json)
Hash identifier: nQ2V/2Ysj44yQIZMwr8GiuzJ4bjw4MYSaGZGc0HD/cA=
Subject key identifier: 86:64:F0:B1:9B:88:B5:43:3A:33:73:3F:8B:EB:A4:3F:D1:91:7C:F1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018259EDF78F10FA05B384008780DEDFD4E4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hmTwsZuItUM6M3M_i-ukP9GRfPE.roa
Signing time: Mon 01 Aug 2022 15:02:23 +0000
ROA not before: Mon 01 Aug 2022 15:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 45.131.187.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:ed:f7:8f:10:fa:05:b3:84:00:87:80:de:df:d4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 1 15:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8664f0b19b88b5433a33733f8beba43fd1917cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d9:bc:1e:c9:6d:c5:53:55:b0:e4:49:87:81:
00:b4:2b:b5:bf:27:83:38:17:9e:35:82:19:f7:d5:
e3:64:c2:8a:11:1b:23:0b:60:d4:b0:06:c1:43:9e:
7f:89:ed:0e:c2:30:6c:fd:69:c2:3c:45:1e:22:fa:
57:c8:fd:7a:75:59:d1:b5:d5:71:1b:ba:95:c5:6f:
70:a2:b2:f2:cc:03:b1:80:0c:99:17:52:aa:63:71:
66:2d:29:5f:5b:32:51:bf:77:ae:76:85:7d:8f:b2:
8a:14:fe:51:66:e8:d2:ea:df:67:11:e2:28:fd:ae:
cb:73:e3:ae:44:66:d2:1e:49:6a:1b:de:bd:99:28:
35:15:6f:d3:aa:93:f1:2b:c4:c2:e8:7a:87:20:25:
f1:bb:1b:f7:d5:6a:fe:76:51:1b:5e:b0:3b:0c:9e:
04:ec:38:66:68:d2:2e:32:6b:a3:63:7b:a5:fa:f8:
8e:54:95:5a:51:d5:25:da:98:c6:a8:3b:27:eb:dd:
3d:e6:3b:74:34:bd:55:6e:d2:bf:21:bc:eb:95:0e:
81:fe:bc:a3:62:8c:32:00:32:cf:53:35:dc:f7:87:
ee:a2:2a:2b:8f:bf:c7:85:42:e5:65:cb:7b:7d:2e:
14:97:12:1f:80:7b:a0:20:42:68:aa:38:64:59:8f:
59:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:64:F0:B1:9B:88:B5:43:3A:33:73:3F:8B:EB:A4:3F:D1:91:7C:F1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hmTwsZuItUM6M3M_i-ukP9GRfPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.187.0/24
IPv6:
2a0e:97c0:460::/44
2a10:cc40:1d0::/44
Signature Algorithm: sha256WithRSAEncryption
2a:9e:92:e6:35:f0:5d:ed:1b:ce:b9:2b:de:21:ee:e2:02:0d:
38:4e:78:8d:f7:c1:50:d2:00:cb:a8:eb:53:4d:18:60:76:12:
64:66:ac:30:6b:76:32:c4:e8:a6:3f:4b:5f:36:8f:3c:a1:80:
3e:ea:a8:1d:1d:73:fa:d8:90:d3:a8:ec:46:99:67:71:60:4f:
16:84:09:24:c6:79:18:0a:a5:a1:2c:bd:4e:8b:33:0f:e3:7c:
2d:6f:2e:c9:59:e2:98:cd:58:a4:72:57:d4:c8:1a:4f:96:4e:
bd:81:1d:b2:5a:be:0d:5c:bc:c6:56:cd:2a:9a:34:64:24:38:
10:60:1d:9a:33:23:7b:c7:e2:c7:fa:97:d3:77:2e:76:d8:c1:
4b:5b:10:eb:cc:5c:3b:61:3f:07:25:4c:0b:ff:27:8f:60:08:
78:e4:ac:95:75:2d:e4:bd:5f:2c:09:21:19:82:5d:fe:05:bf:
2a:24:69:27:61:58:e2:08:85:33:5c:68:a3:8e:ea:2b:af:e8:
31:72:eb:8c:3e:1e:73:e9:0b:15:88:6c:9d:06:a4:ca:d4:f3:
38:08:4b:f1:e2:f9:7f:6d:c8:98:3b:a3:44:0a:7b:c6:86:47:
61:f9:d3:2f:43:f2:0a:93:e7:31:c5:68:f5:55:66:19:33:4e:
1e:75:dc:4b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYJZ7fePEPoFs4QAh4De39TkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODAxMTUwMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY0ZjBiMTliODhiNTQzM2EzMzczM2Y4YmViYTQzZmQxOTE3Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9m8HsltxVNVsORJh4EAtCu1vyeD
OBeeNYIZ99XjZMKKERsjC2DUsAbBQ55/ie0OwjBs/WnCPEUeIvpXyP16dVnRtdVx
G7qVxW9worLyzAOxgAyZF1KqY3FmLSlfWzJRv3eudoV9j7KKFP5RZujS6t9nEeIo
/a7Lc+OuRGbSHklqG969mSg1FW/TqpPxK8TC6HqHICXxuxv31Wr+dlEbXrA7DJ4E
7DhmaNIuMmujY3ul+viOVJVaUdUl2pjGqDsn69095jt0NL1VbtK/IbzrlQ6B/ryj
YowyADLPUzXc94fuoiorj7/HhULlZct7fS4UlxIfgHugIEJoqjhkWY9ZBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIZk8LGbiLVDOjNzP4vrpD/RkXzxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaG1Ud3NadUl0VU02TTNNX2ktdWtQOUdSZlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALYO7MBgE
AgACMBIDBwQqDpfABGADBwQqEMxAAdAwDQYJKoZIhvcNAQELBQADggEBACqekuY1
8F3tG865K94h7uICDThOeI33wVDSAMuo61NNGGB2EmRmrDBrdjLE6KY/S182jzyh
gD7qqB0dc/rYkNOo7EaZZ3FgTxaECSTGeRgKpaEsvU6LMw/jfC1vLslZ4pjNWKRy
V9TIGk+WTr2BHbJavg1cvMZWzSqaNGQkOBBgHZozI3vH4sf6l9N3LnbYwUtbEOvM
XDthPwclTAv/J49gCHjkrJV1LeS9XywJIRmCXf4FvyokaSdhWOIIhTNcaKOO6iuv
6DFy64w+HnPpCxWIbJ0GpMrU8zgIS/Hi+X9tyJg7o0QKe8aGR2H50y9D8gqT5zHF
aPVVZhkzTh513Es=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org