Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/aLwYmLucbt2ET4f3l44gi6SwLFY.roa
File: aLwYmLucbt2ET4f3l44gi6SwLFY.roa (raw, json)
Hash identifier: Dw7swCswQ3Dw+TB1/tzVgsUHEMLEEbnpQqyB1uVQLQY=
Subject key identifier: 68:BC:18:98:BB:9C:6E:DD:84:4F:87:F7:97:8E:20:8B:A4:B0:2C:56
Certificate issuer: /CN=d24f497d157847005336b777361b1d20905c5213
Certificate serial: 07DD49B4
Authority key identifier: D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/aLwYmLucbt2ET4f3l44gi6SwLFY.roa
Signing time: Sat 01 Jan 2022 15:57:09 +0000
ROA not before: Sat 01 Jan 2022 15:57:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208431
IP address blocks: 45.136.220.0/22 maxlen: 24
2a0e:9b41::/32 maxlen: 48
2a0e:9b40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131942836 (0x7dd49b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24f497d157847005336b777361b1d20905c5213
Validity
Not Before: Jan 1 15:57:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68bc1898bb9c6edd844f87f7978e208ba4b02c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9d:2b:e9:2f:6e:2b:b9:7c:c6:3e:ea:19:17:
c9:fd:68:93:be:57:99:78:0d:39:cf:3e:e2:45:f5:
e3:5e:db:56:01:03:e5:0d:ab:ed:cd:b3:8c:ad:4e:
4d:a4:e2:86:80:d0:99:1e:0f:c8:aa:98:5c:d4:bb:
9e:32:32:6f:3e:c1:f1:79:57:81:69:fa:8e:c4:83:
ee:46:fb:bd:c3:80:e3:df:dd:1f:96:f1:87:91:87:
0f:b5:01:e5:d5:9e:08:dc:a2:33:d2:0a:a6:05:8e:
7e:99:14:58:5b:0a:64:ea:9a:e9:c0:95:8b:d5:50:
74:46:45:f4:f9:e3:fa:f6:a8:6f:65:70:7a:65:6a:
09:dc:77:ee:c0:d9:cf:a4:a1:36:bc:69:da:b1:e5:
ff:fb:e4:fb:2a:79:13:57:b9:56:e4:e5:87:05:f3:
9a:e2:2f:92:bd:d3:e7:5b:5e:5b:cb:47:7e:c1:95:
c5:b7:7e:df:97:01:98:2b:75:13:5f:8f:58:6b:f1:
98:ee:da:29:10:96:6f:ef:6f:47:23:db:45:9b:9b:
06:ab:86:04:51:4d:86:b8:3a:91:f0:54:d3:36:c4:
28:30:a2:81:f3:1c:73:e3:63:2a:25:57:60:db:a4:
4d:ae:5a:36:33:f7:c2:aa:88:9a:45:9e:1a:01:48:
df:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BC:18:98:BB:9C:6E:DD:84:4F:87:F7:97:8E:20:8B:A4:B0:2C:56
X509v3 Authority Key Identifier:
keyid:D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/aLwYmLucbt2ET4f3l44gi6SwLFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/0k9JfRV4RwBTNrd3NhsdIJBcUhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.220.0/22
IPv6:
2a0e:9b40::/31
Signature Algorithm: sha256WithRSAEncryption
4f:9d:64:3b:4c:08:67:fb:bb:cc:f6:a6:c8:5b:4d:db:92:99:
c3:f8:23:1a:51:aa:ed:e7:dc:25:e1:35:e2:f1:bc:cb:2a:a5:
ea:ca:a3:bf:87:02:58:96:17:55:8f:b9:13:e7:ab:02:89:51:
87:6b:4d:b5:cc:b8:98:a5:a6:e6:56:96:9f:09:5c:68:d7:99:
1f:e9:e1:5d:bb:45:c3:68:55:1a:77:89:ab:1d:8a:fc:d0:95:
d2:65:55:2b:22:36:0e:f6:9f:64:26:42:a6:64:5c:22:ad:a7:
bc:06:4a:a7:f6:74:1c:0e:76:e6:7d:42:d0:6f:ce:c4:95:c3:
4f:34:9c:df:87:0b:8b:74:4c:a4:0c:63:d1:5b:28:1c:09:d6:
95:31:ac:95:3b:07:d3:7f:e9:7c:a4:c5:20:d9:73:1d:22:b7:
9c:26:bd:27:e8:b2:55:1f:ed:0e:96:3b:c8:1e:0c:20:c9:4b:
4f:f1:cb:bd:e6:e4:b8:46:54:08:fb:2f:68:9f:d1:ff:1b:a9:
82:6f:99:5a:5a:16:64:bc:38:0a:83:4f:18:1d:12:2c:b6:bf:
f7:1b:f3:74:23:54:33:d1:ae:69:d7:1f:fa:33:90:48:6d:4f:
a1:6c:ba:a1:6f:35:f9:6c:76:ba:19:91:cc:87:2c:97:ce:7f:
1d:7b:28:f5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB91JtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjRmNDk3ZDE1Nzg0NzAwNTMzNmI3NzczNjFiMWQyMDkwNWM1MjEzMB4XDTIyMDEw
MTE1NTcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiYzE4OThiYjlj
NmVkZDg0NGY4N2Y3OTc4ZTIwOGJhNGIwMmM1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJudK+kvbiu5fMY+6hkXyf1ok75XmXgNOc8+4kX1417bVgED
5Q2r7c2zjK1OTaTihoDQmR4PyKqYXNS7njIybz7B8XlXgWn6jsSD7kb7vcOA49/d
H5bxh5GHD7UB5dWeCNyiM9IKpgWOfpkUWFsKZOqa6cCVi9VQdEZF9Pnj+vaob2Vw
emVqCdx37sDZz6ShNrxp2rHl//vk+yp5E1e5VuTlhwXzmuIvkr3T51teW8tHfsGV
xbd+35cBmCt1E1+PWGvxmO7aKRCWb+9vRyPbRZubBquGBFFNhrg6kfBU0zbEKDCi
gfMcc+NjKiVXYNukTa5aNjP3wqqImkWeGgFI330CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRovBiYu5xu3YRPh/eXjiCLpLAsVjAfBgNVHSMEGDAWgBTST0l9FXhHAFM2
t3c2Gx0gkFxSEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBrOUpmUlY0UndCVE5yZDNOaHNkSUpCY1VoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvY2YzY2EzLTFjZDctNDMxMi1iYTczLTgzYzg1OTYyMjlmYS8x
L2FMd1ltTHVjYnQyRVQ0ZjNsNDRnaTZTd0xGWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
Y2YzY2EzLTFjZDctNDMxMi1iYTczLTgzYzg1OTYyMjlmYS8xLzBrOUpmUlY0UndC
VE5yZDNOaHNkSUpCY1VoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2I3DANBAIAAjAHAwUBKg6bQDAN
BgkqhkiG9w0BAQsFAAOCAQEAT51kO0wIZ/u7zPamyFtN25KZw/gjGlGq7efcJeE1
4vG8yyql6sqjv4cCWJYXVY+5E+erAolRh2tNtcy4mKWm5laWnwlcaNeZH+nhXbtF
w2hVGneJqx2K/NCV0mVVKyI2DvafZCZCpmRcIq2nvAZKp/Z0HA525n1C0G/OxJXD
TzSc34cLi3RMpAxj0VsoHAnWlTGslTsH03/pfKTFINlzHSK3nCa9J+iyVR/tDpY7
yB4MIMlLT/HLvebkuEZUCPsvaJ/R/xupgm+ZWloWZLw4CoNPGB0SLLa/9xvzdCNU
M9Guadcf+jOQSG1PoWy6oW81+Wx2uhmRzIcsl85/HXso9Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:40 2023 by rpki-client on console-fra.rpki-client.org