Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/40jl4VPYo_w223uxVPFn3t1sIjQ.roa
File: 40jl4VPYo_w223uxVPFn3t1sIjQ.roa (raw, json)
Hash identifier: y4X3/KH/Yhr3+y5S1/pLHJvX4c21ToJ5oXjkm7wc20k=
Subject key identifier: E3:48:E5:E1:53:D8:A3:FC:36:DB:7B:B1:54:F1:67:DE:DD:6C:22:34
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 0182BF016CADA8E43C2DD5CD7C6CF31E2A53
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/40jl4VPYo_w223uxVPFn3t1sIjQ.roa
Signing time: Sun 21 Aug 2022 06:05:17 +0000
ROA not before: Sun 21 Aug 2022 06:05:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63889
IP address blocks: 45.121.104.0/24 maxlen: 24
45.121.106.0/24 maxlen: 24
45.121.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:bf:01:6c:ad:a8:e4:3c:2d:d5:cd:7c:6c:f3:1e:2a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Aug 21 06:05:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e348e5e153d8a3fc36db7bb154f167dedd6c2234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c1:77:0b:9e:2e:a8:b8:e7:4c:d4:30:9b:b2:
78:7e:e8:ea:ac:4e:0a:f7:83:5b:51:06:98:be:b1:
bd:be:8d:19:bd:1b:fa:18:65:cc:d4:a9:39:46:d1:
5e:b9:d1:51:ff:42:38:a7:0b:5d:2e:b7:a2:a8:28:
6b:7a:f9:e4:be:61:64:3a:7c:85:07:e0:2d:ff:83:
2a:a9:74:84:9f:4c:b6:b7:5a:58:80:87:bc:a1:d9:
59:99:ca:1e:d3:13:e0:ed:30:b7:98:a0:1b:59:86:
e4:9d:15:86:7e:c8:9d:2f:bd:51:7e:3f:e0:dd:32:
3e:6f:51:d6:ab:73:fc:ce:c8:f2:81:05:0a:a4:2c:
91:fb:bf:3c:43:a8:3f:cf:8e:c9:f7:68:e2:6d:9a:
f5:26:07:59:6f:8a:85:ae:ed:b4:43:f5:71:b7:5b:
59:50:f8:35:b5:7a:5c:2e:d0:30:0c:32:ce:39:52:
04:72:c5:7f:53:1b:d0:92:f6:d2:80:53:d9:be:76:
80:d4:f9:07:ed:5e:15:9e:fd:31:73:f5:74:08:7f:
08:b6:63:bf:f6:24:73:e4:d6:7c:cd:ee:7a:fa:84:
2a:1c:1d:0c:6c:6f:58:90:17:e5:e0:9e:57:2e:36:
61:29:e8:92:12:c6:fa:85:38:e7:f8:ff:cb:86:1f:
42:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:48:E5:E1:53:D8:A3:FC:36:DB:7B:B1:54:F1:67:DE:DD:6C:22:34
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/40jl4VPYo_w223uxVPFn3t1sIjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.121.104.0/24
45.121.106.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:10:20:e1:52:b4:e0:98:55:8c:8c:50:4d:b2:08:6a:98:24:
76:7d:ba:d3:10:52:55:c5:ff:6f:26:4b:0b:c7:d0:a1:b5:a4:
f9:87:bd:9b:b7:ce:1c:30:75:1a:d6:cf:f3:e8:a1:37:a5:1b:
ce:42:db:69:52:ef:dc:53:84:4d:0d:1a:82:0d:59:8d:2c:d0:
32:1c:83:3d:ac:cf:7d:76:ea:6b:52:ac:f9:78:9a:2f:17:6c:
ed:f8:76:ad:10:87:29:95:b5:b5:20:8b:58:ef:3a:df:66:dd:
64:ab:ef:b1:2e:c3:62:87:79:08:3d:8a:93:05:64:36:b5:07:
eb:e4:a4:b9:75:8e:ed:dd:01:a4:a1:09:bd:5b:d4:db:ed:61:
dc:13:38:d2:2f:32:71:75:6b:23:d3:e0:d2:74:66:ca:f5:b2:
a9:0b:d7:6e:95:75:58:c0:a2:4b:46:fb:93:23:5e:43:c5:ef:
01:1a:74:19:7f:79:7f:90:db:75:1b:98:7b:8b:e4:b9:fc:88:
b3:a7:e5:be:b2:33:38:f6:c1:79:90:c2:1a:d2:a9:4f:8f:bb:
d1:ca:16:3f:6e:12:7b:cf:1e:96:b5:df:fd:2e:aa:80:2a:fd:
0e:17:59:2f:23:61:67:30:c0:37:86:34:c6:19:64:1c:d1:af:
6c:fa:8d:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYK/AWytqOQ8LdXNfGzzHipTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjIwODIxMDYwNTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ4ZTVlMTUzZDhhM2ZjMzZkYjdiYjE1NGYxNjdkZWRkNmMyMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MF3C54uqLjnTNQwm7J4fujqrE4K
94NbUQaYvrG9vo0ZvRv6GGXM1Kk5RtFeudFR/0I4pwtdLreiqChrevnkvmFkOnyF
B+At/4MqqXSEn0y2t1pYgIe8odlZmcoe0xPg7TC3mKAbWYbknRWGfsidL71Rfj/g
3TI+b1HWq3P8zsjygQUKpCyR+788Q6g/z47J92jibZr1JgdZb4qFru20Q/Vxt1tZ
UPg1tXpcLtAwDDLOOVIEcsV/UxvQkvbSgFPZvnaA1PkH7V4Vnv0xc/V0CH8ItmO/
9iRz5NZ8ze56+oQqHB0MbG9YkBfl4J5XLjZhKeiSEsb6hTjn+P/Lhh9CqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFONI5eFT2KP8Ntt7sVTxZ97dbCI0MB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvNDBqbDRWUFlvX3cyMjN1eFZQRm4zdDFzSWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALXloAwQB
LXlqMA0GCSqGSIb3DQEBCwUAA4IBAQBbECDhUrTgmFWMjFBNsghqmCR2fbrTEFJV
xf9vJksLx9ChtaT5h72bt84cMHUa1s/z6KE3pRvOQttpUu/cU4RNDRqCDVmNLNAy
HIM9rM99duprUqz5eJovF2zt+HatEIcplbW1IItY7zrfZt1kq++xLsNih3kIPYqT
BWQ2tQfr5KS5dY7t3QGkoQm9W9Tb7WHcEzjSLzJxdWsj0+DSdGbK9bKpC9dulXVY
wKJLRvuTI15Dxe8BGnQZf3l/kNt1G5h7i+S5/Iizp+W+sjM49sF5kMIa0qlPj7vR
yhY/bhJ7zx6Wtd/9LqqAKv0OF1kvI2FnMMA3hjTGGWQc0a9s+o27
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:20 2024 by rpki-client on console-fra.rpki-client.org