Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XrOiNCVWNhS5WyKt92Uc6YpNWx8.roa
File: XrOiNCVWNhS5WyKt92Uc6YpNWx8.roa (raw, json)
Hash identifier: lz8BXSyx6knJSNmVDcbSn7WmIoJ6eJ/dlpNSKZdbfPM=
Subject key identifier: 5E:B3:A2:34:25:56:36:14:B9:5B:22:AD:F7:65:1C:E9:8A:4D:5B:1F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183AA5497379060CA271633815A0A4AD26B
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XrOiNCVWNhS5WyKt92Uc6YpNWx8.roa
Signing time: Wed 05 Oct 2022 22:46:53 +0000
ROA not before: Wed 05 Oct 2022 22:46:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 104.249.56.0/22 maxlen: 22
45.43.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:aa:54:97:37:90:60:ca:27:16:33:81:5a:0a:4a:d2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 5 22:46:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eb3a23425563614b95b22adf7651ce98a4d5b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:18:89:93:80:9c:cc:a6:96:89:b5:6b:89:
9d:b5:37:c1:96:07:48:e5:17:3d:49:d3:48:1f:44:
68:2e:53:c6:57:26:06:c4:70:f0:fb:1c:83:15:57:
59:eb:dc:90:06:39:fb:0a:9b:1c:c0:1c:2a:ba:cc:
b8:ab:49:c7:a6:27:ff:1b:f6:04:6c:f3:52:cc:0b:
7e:6c:7a:6f:5f:2a:4b:2a:29:68:cd:aa:b0:e7:b6:
1a:81:c6:85:eb:80:90:14:b1:bd:9a:47:8a:b7:0d:
95:5d:30:63:7f:67:02:77:d3:b2:06:6a:41:d4:fc:
f7:56:9c:45:14:18:f5:45:49:6a:e2:5c:1d:1c:30:
66:f2:7f:8a:71:0d:a8:b8:ad:cd:1d:48:aa:8e:c2:
29:ee:fd:89:c6:f7:ed:6d:bc:12:19:b7:40:30:d9:
48:13:4d:d0:1f:29:96:af:3b:08:0c:a9:cd:00:ea:
82:b1:5c:94:2c:51:37:87:c5:be:7c:78:1d:8a:a1:
9a:1f:44:b8:85:3e:76:f2:f2:44:da:95:5a:b2:58:
74:c1:5e:14:c2:25:45:ce:0a:c8:d7:0a:4a:33:50:
a8:60:17:73:59:cb:5e:28:f5:78:fd:49:dc:67:1f:
84:10:9c:11:39:7c:c9:09:52:b8:d8:e1:53:4a:a7:
cf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B3:A2:34:25:56:36:14:B9:5B:22:AD:F7:65:1C:E9:8A:4D:5B:1F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XrOiNCVWNhS5WyKt92Uc6YpNWx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.132.0/22
104.249.56.0/22
Signature Algorithm: sha256WithRSAEncryption
43:0b:79:bc:a6:f9:29:74:a4:8d:7e:9b:f1:87:1a:5f:99:4f:
42:22:50:3d:08:65:62:fe:f7:72:68:b8:3c:5d:ce:32:e8:e9:
5d:4e:d2:98:31:de:82:7a:5f:13:4a:14:d0:b4:51:e4:20:00:
e3:6a:29:15:98:1b:4a:61:93:b8:aa:45:64:1e:f4:e0:07:e0:
99:d8:23:f2:06:5d:b0:b8:69:e5:7c:15:25:e4:7b:26:aa:70:
37:7c:1a:6e:4d:76:66:50:be:53:23:0e:90:84:de:2b:08:be:
81:26:8d:d9:97:ac:19:82:4d:ab:34:f3:e2:52:f7:82:dd:0e:
41:fd:86:7e:c9:70:1d:05:33:3e:c4:b0:4c:92:64:02:a6:90:
dd:6b:dc:d8:b7:1c:27:8d:c5:d0:56:7c:a9:dd:53:44:44:88:
ad:82:95:69:3b:ba:c0:94:3c:21:18:ce:35:92:93:e3:b4:2f:
95:9d:d0:48:25:0c:0a:ef:4d:2d:03:be:21:0c:3c:a1:0d:c9:
b1:4c:ad:b5:2d:f5:42:60:5b:23:a9:1b:a0:d8:98:33:3f:00:
8a:22:b4:9b:81:d3:da:f3:a3:b5:07:47:fd:b7:a5:88:47:21:
2d:ec:a6:8c:26:db:96:b6:a8:3e:3e:f5:84:c4:04:49:4b:7e:
35:01:32:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOqVJc3kGDKJxYzgVoKStJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDA1MjI0NjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWIzYTIzNDI1NTYzNjE0Yjk1YjIyYWRmNzY1MWNlOThhNGQ1YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIMYiZOAnMymlom1a4mdtTfBlgdI
5Rc9SdNIH0RoLlPGVyYGxHDw+xyDFVdZ69yQBjn7CpscwBwqusy4q0nHpif/G/YE
bPNSzAt+bHpvXypLKilozaqw57YagcaF64CQFLG9mkeKtw2VXTBjf2cCd9OyBmpB
1Pz3VpxFFBj1RUlq4lwdHDBm8n+KcQ2ouK3NHUiqjsIp7v2JxvftbbwSGbdAMNlI
E03QHymWrzsIDKnNAOqCsVyULFE3h8W+fHgdiqGaH0S4hT528vJE2pVaslh0wV4U
wiVFzgrI1wpKM1CoYBdzWcteKPV4/UncZx+EEJwROXzJCVK42OFTSqfPoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF6zojQlVjYUuVsirfdlHOmKTVsfMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWHJPaU5DVldOaFM1V3lLdDkyVWM2WXBOV3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLSuEAwQC
aPk4MA0GCSqGSIb3DQEBCwUAA4IBAQBDC3m8pvkpdKSNfpvxhxpfmU9CIlA9CGVi
/vdyaLg8Xc4y6OldTtKYMd6Cel8TShTQtFHkIADjaikVmBtKYZO4qkVkHvTgB+CZ
2CPyBl2wuGnlfBUl5HsmqnA3fBpuTXZmUL5TIw6QhN4rCL6BJo3Zl6wZgk2rNPPi
UveC3Q5B/YZ+yXAdBTM+xLBMkmQCppDda9zYtxwnjcXQVnyp3VNERIitgpVpO7rA
lDwhGM41kpPjtC+VndBIJQwK700tA74hDDyhDcmxTK21LfVCYFsjqRug2JgzPwCK
IrSbgdPa86O1B0f9t6WIRyEt7KaMJtuWtqg+PvWExARJS341ATKH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org