Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/omgWAo9RwLjGKmgTcHH3SQGTB0w.roa
File: omgWAo9RwLjGKmgTcHH3SQGTB0w.roa (raw, json)
Hash identifier: +yXhW+pgRTDhPmc1a6chnVvvaUKr1gQJyEYRBBvqHXI=
Subject key identifier: A2:68:16:02:8F:51:C0:B8:C6:2A:68:13:70:71:F7:49:01:93:07:4C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018531E3BDFC05B2DFED9AEFD370D0A693D5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/omgWAo9RwLjGKmgTcHH3SQGTB0w.roa
Signing time: Tue 20 Dec 2022 23:34:46 +0000
ROA not before: Tue 20 Dec 2022 23:34:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202827
IP address blocks: 45.148.117.0/24 maxlen: 24
2a0e:b107:1ce1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:31:e3:bd:fc:05:b2:df:ed:9a:ef:d3:70:d0:a6:93:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 20 23:34:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a26816028f51c0b8c62a68137071f7490193074c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:a5:a7:e0:92:9c:a2:7c:04:8d:53:fb:c1:
0c:27:c8:d9:73:87:3a:1f:ea:3d:fb:c7:57:10:94:
3a:59:93:ac:b1:ea:83:21:8d:0a:00:26:6b:fd:bf:
8c:69:ef:e7:d8:0d:a4:59:e3:a0:d4:49:f8:b3:2a:
d3:c9:21:e0:d6:a2:74:63:e1:48:87:28:70:ba:90:
94:fa:69:b3:bf:53:94:33:27:86:a2:4c:c1:69:2c:
ea:ce:18:9d:99:96:8c:96:e0:05:a8:f0:8d:8d:44:
00:25:9a:3d:85:3d:42:2e:5f:90:10:c6:c3:c8:4d:
83:6c:37:ca:81:92:07:99:bf:3a:bd:6e:b1:78:79:
be:8e:e1:13:23:4a:b2:c1:9f:50:6e:29:99:3a:da:
f3:6d:c9:53:51:85:0d:ca:1e:d4:63:24:c4:bd:d9:
a1:4d:05:cd:a3:46:88:36:e1:27:34:f2:a5:ad:61:
f8:12:e3:9c:eb:09:7c:1e:7d:a3:75:fc:07:d9:fd:
d8:c5:aa:f3:0e:a4:32:36:92:08:7a:94:df:ca:d5:
a0:90:18:79:39:5b:2d:0a:79:98:20:a8:ba:6a:4b:
1a:dc:3a:c7:42:6b:52:e3:54:20:a6:80:8e:11:33:
52:a8:23:58:19:00:cb:87:bc:24:51:35:a1:64:fc:
b8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:68:16:02:8F:51:C0:B8:C6:2A:68:13:70:71:F7:49:01:93:07:4C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/omgWAo9RwLjGKmgTcHH3SQGTB0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.117.0/24
IPv6:
2a0e:b107:1ce1::/48
Signature Algorithm: sha256WithRSAEncryption
3d:98:9e:eb:c2:06:0b:03:4a:61:bd:f6:18:f4:22:a6:e8:87:
a2:48:ab:b3:2c:b2:ec:d4:31:c4:93:6e:d6:87:e6:7c:e1:7d:
7b:ac:b1:9e:27:32:3b:a8:6b:55:78:81:79:22:b0:e2:a3:f1:
b3:e2:d5:b7:be:5a:9c:65:06:67:30:17:a0:f8:2b:f5:cc:69:
8e:05:da:b0:fe:c8:ec:40:84:9e:ca:51:db:94:ca:b5:e6:21:
c6:f3:52:9c:e8:03:c7:80:26:ea:49:7b:89:ae:1a:0c:44:3f:
63:90:a6:7f:26:8f:45:59:ed:0c:c2:b7:90:a7:35:ac:9c:3a:
27:29:5d:3e:ec:c3:07:07:1d:93:06:84:e5:41:e3:4c:73:39:
3c:dc:06:a9:ee:9f:1d:27:e7:36:0e:3c:f1:c3:c1:24:8d:db:
3c:c1:8c:0f:88:c5:d4:8d:c1:a2:48:15:8d:57:b4:ad:6c:ae:
6f:94:b6:eb:5a:1d:d5:f6:d4:33:cc:17:a5:5f:03:0a:ae:a9:
bc:f9:94:db:7f:a3:4b:5c:6c:25:14:f2:65:21:06:3b:95:37:
71:40:77:bd:11:3b:a3:63:85:4c:d9:4b:d0:e3:fb:e6:4b:20:
46:59:7c:a6:c0:dc:a4:81:9f:58:ca:b2:e8:6c:1c:a8:bd:29:
3b:f6:35:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUx4738BbLf7Zrv03DQppPVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjIwMjMzNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY4MTYwMjhmNTFjMGI4YzYyYTY4MTM3MDcxZjc0OTAxOTMwNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAilp+CSnKJ8BI1T+8EMJ8jZc4c6
H+o9+8dXEJQ6WZOsseqDIY0KACZr/b+Mae/n2A2kWeOg1En4syrTySHg1qJ0Y+FI
hyhwupCU+mmzv1OUMyeGokzBaSzqzhidmZaMluAFqPCNjUQAJZo9hT1CLl+QEMbD
yE2DbDfKgZIHmb86vW6xeHm+juETI0qywZ9QbimZOtrzbclTUYUNyh7UYyTEvdmh
TQXNo0aINuEnNPKlrWH4EuOc6wl8Hn2jdfwH2f3YxarzDqQyNpIIepTfytWgkBh5
OVstCnmYIKi6aksa3DrHQmtS41QgpoCOETNSqCNYGQDLh7wkUTWhZPy40wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJoFgKPUcC4xipoE3Bx90kBkwdMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb21nV0FvOVJ3TGpHS21nVGNISDNTUUdUQjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR1MA8E
AgACMAkDBwAqDrEHHOEwDQYJKoZIhvcNAQELBQADggEBAD2YnuvCBgsDSmG99hj0
Iqboh6JIq7MssuzUMcSTbtaH5nzhfXussZ4nMjuoa1V4gXkisOKj8bPi1be+Wpxl
BmcwF6D4K/XMaY4F2rD+yOxAhJ7KUduUyrXmIcbzUpzoA8eAJupJe4muGgxEP2OQ
pn8mj0VZ7QzCt5CnNaycOicpXT7swwcHHZMGhOVB40xzOTzcBqnunx0n5zYOPPHD
wSSN2zzBjA+IxdSNwaJIFY1XtK1srm+UtutaHdX21DPMF6VfAwquqbz5lNt/o0tc
bCUU8mUhBjuVN3FAd70RO6NjhUzZS9Dj++ZLIEZZfKbA3KSBn1jKsuhsHKi9KTv2
NUk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org