Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/2M1Fs20cqUwZpIRmiZ0jkP0mjbI.roa
File: 2M1Fs20cqUwZpIRmiZ0jkP0mjbI.roa (raw, json)
Hash identifier: 5NZD4Dz0ZmERPdW6f0/5lGdV7klL8TWVd5c/7YjGvBg=
Subject key identifier: D8:CD:45:B3:6D:1C:A9:4C:19:A4:84:66:89:9D:23:90:FD:26:8D:B2
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 01825A8504B160CBB1AFD5F5431F6F6E67CE
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/2M1Fs20cqUwZpIRmiZ0jkP0mjbI.roa
Signing time: Mon 01 Aug 2022 17:47:23 +0000
ROA not before: Mon 01 Aug 2022 17:47:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44854
IP address blocks: 103.229.81.0/24 maxlen: 24
185.219.6.0/24 maxlen: 24
93.114.180.0/23 maxlen: 24
2a10:e300:35::/48 maxlen: 48
2a10:e300::/32 maxlen: 48
2a10:e300:26::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5a:85:04:b1:60:cb:b1:af:d5:f5:43:1f:6f:6e:67:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Aug 1 17:47:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8cd45b36d1ca94c19a48466899d2390fd268db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8a:70:7f:f8:b5:0b:d3:9b:18:f4:d5:c7:d7:
99:62:7d:5c:a5:11:b8:2a:14:64:12:a5:2a:9b:4c:
b7:74:10:9d:33:6f:19:68:0c:ff:9f:47:93:a1:fa:
40:8e:62:78:ae:03:f9:38:38:ae:e1:2e:17:dd:4e:
9f:7c:c5:b5:5b:19:63:43:bb:5b:ff:b4:a4:a5:68:
a8:e8:60:84:7c:90:04:8d:29:d0:39:2e:57:d6:3a:
4b:64:2e:5c:e5:d5:e3:69:ef:23:0f:c8:9b:74:3b:
ad:96:3d:e1:d1:d3:1b:eb:1d:7f:bd:35:17:4a:9c:
44:b1:ff:8e:d8:97:0a:9a:e7:78:fb:88:1a:44:5e:
81:7c:0c:3a:a9:ba:47:5b:f2:c9:36:1a:6e:b0:4e:
cd:f1:73:50:bd:cf:d7:e1:cc:ac:d4:6b:48:81:a6:
24:80:c7:aa:62:16:47:c1:42:d2:32:4d:b7:ca:92:
0d:b4:e8:e0:ef:40:0d:0f:ed:f2:29:0f:bb:b8:e2:
d9:73:b3:2d:d3:8a:b4:72:e7:99:e0:b5:8d:dd:27:
6b:47:76:bb:6e:2a:40:56:ce:5c:7e:aa:38:05:79:
ef:e6:d3:27:43:48:d2:3a:1d:4f:cb:4a:1f:c8:88:
b0:c6:77:57:70:0c:a9:6a:48:39:61:4f:49:b3:e2:
e6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CD:45:B3:6D:1C:A9:4C:19:A4:84:66:89:9D:23:90:FD:26:8D:B2
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/2M1Fs20cqUwZpIRmiZ0jkP0mjbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.180.0/23
103.229.81.0/24
185.219.6.0/24
IPv6:
2a10:e300::/32
Signature Algorithm: sha256WithRSAEncryption
1c:4d:40:f5:92:34:a2:54:21:44:46:8e:41:f1:1f:5e:c2:d0:
6d:a5:fc:1f:f4:b0:0f:c8:af:9d:fb:25:05:df:ec:28:53:69:
4f:37:23:a8:7a:34:63:a5:d9:ae:01:c3:d2:d4:02:02:7e:ec:
11:7b:a2:60:45:f2:1b:5e:9b:93:a8:6e:62:5e:e7:68:7a:5e:
a9:98:fe:0c:e2:f8:3b:49:aa:19:fd:a5:bd:68:00:e1:7f:ee:
48:a5:65:18:83:41:f3:55:a9:f4:97:cc:1e:38:7f:25:cd:db:
0c:8f:7f:40:78:8d:b3:63:85:b6:1f:f3:11:96:9b:ad:b4:f2:
33:13:e9:aa:e1:8b:6e:08:b4:08:82:b2:09:99:e2:55:dd:4d:
d3:d7:57:85:ef:7a:ef:ce:25:3b:32:69:ef:2e:0e:07:bc:dd:
41:2e:af:82:79:36:40:b5:08:2c:6e:35:5b:b1:ac:76:b8:e0:
25:a7:cb:c0:52:93:57:59:01:0c:5f:fd:8d:8c:5a:94:6a:fe:
47:8c:fd:17:33:df:58:39:a7:e5:0a:6f:89:55:a8:11:60:c3:
07:67:ee:ee:43:81:2b:69:2f:b2:4c:91:a3:dd:a0:a1:42:c4:
91:f1:a6:7f:ce:ce:01:ca:6f:09:4c:e3:54:34:ee:ca:f8:c9:
15:aa:9f:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYJahQSxYMuxr9X1Qx9vbmfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjIwODAxMTc0NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGNkNDViMzZkMWNhOTRjMTlhNDg0NjY4OTlkMjM5MGZkMjY4ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIpwf/i1C9ObGPTVx9eZYn1cpRG4
KhRkEqUqm0y3dBCdM28ZaAz/n0eTofpAjmJ4rgP5ODiu4S4X3U6ffMW1WxljQ7tb
/7SkpWio6GCEfJAEjSnQOS5X1jpLZC5c5dXjae8jD8ibdDutlj3h0dMb6x1/vTUX
SpxEsf+O2JcKmud4+4gaRF6BfAw6qbpHW/LJNhpusE7N8XNQvc/X4cys1GtIgaYk
gMeqYhZHwULSMk23ypINtOjg70AND+3yKQ+7uOLZc7Mt04q0cueZ4LWN3SdrR3a7
bipAVs5cfqo4BXnv5tMnQ0jSOh1Py0ofyIiwxndXcAypakg5YU9Js+Lm6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNjNRbNtHKlMGaSEZomdI5D9Jo2yMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvMk0xRnMyMGNxVXdacElSbWlaMGprUDBtamJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBXXK0AwQA
Z+VRAwQAudsGMA0EAgACMAcDBQAqEOMAMA0GCSqGSIb3DQEBCwUAA4IBAQAcTUD1
kjSiVCFERo5B8R9ewtBtpfwf9LAPyK+d+yUF3+woU2lPNyOoejRjpdmuAcPS1AIC
fuwRe6JgRfIbXpuTqG5iXudoel6pmP4M4vg7SaoZ/aW9aADhf+5IpWUYg0HzVan0
l8weOH8lzdsMj39AeI2zY4W2H/MRlputtPIzE+mq4YtuCLQIgrIJmeJV3U3T11eF
73rvziU7MmnvLg4HvN1BLq+CeTZAtQgsbjVbsax2uOAlp8vAUpNXWQEMX/2NjFqU
av5HjP0XM99YOaflCm+JVagRYMMHZ+7uQ4EraS+yTJGj3aChQsSR8aZ/zs4Bym8J
TONUNO7K+MkVqp8J
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:16 2023 by rpki-client on console-ams.rpki-client.org