Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/haG7qz_UNwtBb_9266WeMsYqEyc.roa
File: haG7qz_UNwtBb_9266WeMsYqEyc.roa (raw, json)
Hash identifier: EOdKWh4ZVbx2Stu4rzLEOQluUr0vRBOcc9BtL/ixgrM=
Subject key identifier: 85:A1:BB:AB:3F:D4:37:0B:41:6F:FF:76:EB:A5:9E:32:C6:2A:13:27
Certificate issuer: /CN=d24f497d157847005336b777361b1d20905c5213
Certificate serial: 09331089
Authority key identifier: D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/haG7qz_UNwtBb_9266WeMsYqEyc.roa
Signing time: Thu 02 Jun 2022 19:11:20 +0000
ROA not before: Thu 02 Jun 2022 19:11:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208431
IP address blocks: 45.136.222.0/24 maxlen: 24
45.136.220.0/23 maxlen: 24
2a0e:9b41::/32 maxlen: 48
2a0e:9b40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154341513 (0x9331089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24f497d157847005336b777361b1d20905c5213
Validity
Not Before: Jun 2 19:11:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85a1bbab3fd4370b416fff76eba59e32c62a1327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ef:ef:fe:88:73:1e:46:79:c5:3e:27:8c:21:
be:98:69:23:63:33:6c:94:ee:c9:27:f8:62:a5:07:
34:89:50:16:80:f3:35:09:df:7b:a9:58:49:1f:45:
1a:09:ec:f3:82:24:95:92:04:98:f6:32:90:1d:eb:
4b:22:f5:10:f7:dd:63:72:b6:ea:0a:09:ac:0a:96:
a6:fe:22:7b:77:56:90:76:17:88:c0:e4:0c:cb:27:
c7:6b:03:27:bb:40:19:32:f5:04:7b:7f:f3:4c:0b:
1c:bf:7f:83:22:66:c3:bc:64:a2:d0:dc:60:0f:1a:
8d:bc:36:31:75:4d:66:db:6f:a5:91:37:a1:d3:46:
4d:6d:92:94:b0:ae:56:35:b8:a9:02:87:b6:5f:f0:
1c:99:cc:1e:0a:b4:68:a2:a1:f6:f5:3c:ab:9e:61:
11:54:ff:88:02:74:26:a8:ea:df:8c:bc:91:29:64:
5c:13:32:e4:06:19:70:1f:e3:bc:85:ab:30:88:74:
01:fa:6e:a5:84:61:b1:cd:bb:4c:f7:87:2c:b9:f6:
64:b8:e8:4c:9c:2e:cc:79:d7:95:45:ff:8a:5a:c0:
c0:5a:ca:ab:f6:02:46:c6:fb:cb:93:0d:6b:1c:3e:
37:1d:1d:c7:10:05:db:0b:7f:ef:54:2a:ed:bc:3e:
9e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A1:BB:AB:3F:D4:37:0B:41:6F:FF:76:EB:A5:9E:32:C6:2A:13:27
X509v3 Authority Key Identifier:
keyid:D2:4F:49:7D:15:78:47:00:53:36:B7:77:36:1B:1D:20:90:5C:52:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0k9JfRV4RwBTNrd3NhsdIJBcUhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/haG7qz_UNwtBb_9266WeMsYqEyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/cf3ca3-1cd7-4312-ba73-83c8596229fa/1/0k9JfRV4RwBTNrd3NhsdIJBcUhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.220.0-45.136.222.255
IPv6:
2a0e:9b40::/31
Signature Algorithm: sha256WithRSAEncryption
67:60:b4:4c:a6:3d:dd:09:50:59:d4:c8:99:59:df:9a:ff:2f:
05:ad:c0:48:01:a4:d8:76:00:0d:ba:f1:7b:8c:42:8c:66:86:
f0:45:dd:91:61:49:b1:4f:89:4e:09:d8:4e:6b:be:28:a4:a3:
64:68:50:1b:90:8a:07:54:f8:f8:4b:ac:47:8c:34:8f:dc:48:
b6:43:8f:bb:e7:ef:a4:f9:65:f2:a6:fa:f2:4a:f2:b7:9c:fe:
af:e1:54:9c:f3:0f:3d:48:55:51:ae:06:52:9b:a3:15:4e:72:
4b:2d:16:85:8d:bd:e5:60:67:c6:22:da:df:c2:a3:27:32:4d:
d0:45:9f:33:42:00:f8:b7:fd:61:ae:96:c7:fa:9a:f8:34:48:
f7:df:83:ab:c0:80:e8:23:f9:03:fb:67:a0:06:fb:ad:95:c9:
60:1b:79:a7:60:5b:57:39:24:99:f8:7e:2a:83:9e:d7:41:53:
90:72:bf:b5:44:75:73:10:be:0b:47:02:1a:aa:ff:c5:28:6a:
ba:42:cd:ea:df:bb:38:31:11:73:d2:1c:dd:4a:2d:07:37:d0:
22:12:db:a5:f3:5d:85:be:78:57:6e:ff:2c:e1:7d:c4:35:4c:
05:ee:21:48:9d:dc:40:65:4a:f8:30:85:39:02:3d:4d:70:c2:
05:f5:40:79
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECTMQiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjRmNDk3ZDE1Nzg0NzAwNTMzNmI3NzczNjFiMWQyMDkwNWM1MjEzMB4XDTIyMDYw
MjE5MTEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVhMWJiYWIzZmQ0
MzcwYjQxNmZmZjc2ZWJhNTllMzJjNjJhMTMyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPTv7/6Icx5GecU+J4whvphpI2MzbJTuySf4YqUHNIlQFoDz
NQnfe6lYSR9FGgns84IklZIEmPYykB3rSyL1EPfdY3K26goJrAqWpv4ie3dWkHYX
iMDkDMsnx2sDJ7tAGTL1BHt/80wLHL9/gyJmw7xkotDcYA8ajbw2MXVNZttvpZE3
odNGTW2SlLCuVjW4qQKHtl/wHJnMHgq0aKKh9vU8q55hEVT/iAJ0Jqjq34y8kSlk
XBMy5AYZcB/jvIWrMIh0AfpupYRhsc27TPeHLLn2ZLjoTJwuzHnXlUX/ilrAwFrK
q/YCRsb7y5MNaxw+Nx0dxxAF2wt/71Qq7bw+no8CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSFoburP9Q3C0Fv/3brpZ4yxioTJzAfBgNVHSMEGDAWgBTST0l9FXhHAFM2
t3c2Gx0gkFxSEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBrOUpmUlY0UndCVE5yZDNOaHNkSUpCY1VoTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvY2YzY2EzLTFjZDctNDMxMi1iYTczLTgzYzg1OTYyMjlmYS8x
L2hhRzdxel9VTnd0QmJfOTI2NldlTXNZcUV5Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
Y2YzY2EzLTFjZDctNDMxMi1iYTczLTgzYzg1OTYyMjlmYS8xLzBrOUpmUlY0UndC
VE5yZDNOaHNkSUpCY1VoTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQCLYjcAwQALYjeMA0EAgACMAcD
BQEqDptAMA0GCSqGSIb3DQEBCwUAA4IBAQBnYLRMpj3dCVBZ1MiZWd+a/y8FrcBI
AaTYdgANuvF7jEKMZobwRd2RYUmxT4lOCdhOa74opKNkaFAbkIoHVPj4S6xHjDSP
3Ei2Q4+75++k+WXypvrySvK3nP6v4VSc8w89SFVRrgZSm6MVTnJLLRaFjb3lYGfG
ItrfwqMnMk3QRZ8zQgD4t/1hrpbH+pr4NEj334OrwIDoI/kD+2egBvutlclgG3mn
YFtXOSSZ+H4qg57XQVOQcr+1RHVzEL4LRwIaqv/FKGq6Qs3q37s4MRFz0hzdSi0H
N9AiEtul812FvnhXbv8s4X3ENUwF7iFIndxAZUr4MIU5Aj1NcMIF9UB5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:23 2023 by rpki-client on console-ams.rpki-client.org