Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/5h3WN3KfVyoDQ5N3G5HjhSgFr_0.roa
File: 5h3WN3KfVyoDQ5N3G5HjhSgFr_0.roa (raw, json)
Hash identifier: YmEF6P6FW1w/UE0kjW8z6XoCT3mEIoA/Ob7EF0Jm7WE=
Subject key identifier: E6:1D:D6:37:72:9F:57:2A:03:43:93:77:1B:91:E3:85:28:05:AF:FD
Certificate issuer: /CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Certificate serial: 0568BA44
Authority key identifier: CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/5h3WN3KfVyoDQ5N3G5HjhSgFr_0.roa
Signing time: Sat 01 Jan 2022 12:03:41 +0000
ROA not before: Sat 01 Jan 2022 12:03:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208411
IP address blocks: 45.137.252.0/22 maxlen: 22
45.137.252.0/24 maxlen: 24
45.137.253.0/24 maxlen: 24
45.137.255.0/24 maxlen: 24
45.137.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90749508 (0x568ba44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Validity
Not Before: Jan 1 12:03:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e61dd637729f572a034393771b91e3852805affd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:c4:6d:88:70:8e:fe:fa:97:56:8c:6c:70:
ef:3b:34:9d:96:09:68:ed:48:10:2e:e1:35:b3:bb:
60:be:d8:ee:88:96:3d:00:0b:3e:93:d0:9e:83:63:
7b:01:70:59:f7:4d:59:46:df:15:d8:7c:17:6e:ae:
f4:b2:ec:96:d1:9f:f1:41:9e:e4:67:48:c7:34:db:
af:a2:3d:53:3d:7b:98:d4:b9:f3:cf:44:d4:e0:57:
95:b0:c6:24:6d:fc:b1:7b:14:2e:13:52:fc:34:f4:
e5:31:34:5d:50:f2:e0:23:2e:b5:ff:7b:38:74:37:
32:91:84:c8:3f:66:cd:b9:be:27:5f:d0:d8:af:36:
1f:44:d1:83:b0:12:47:fd:6b:01:e1:f9:d0:2e:8d:
1b:b6:10:3e:11:c5:b4:16:70:7e:89:29:ad:cf:cf:
60:ec:a2:89:5f:09:27:77:c6:b2:f4:45:e0:01:62:
b9:4a:c2:8d:25:73:53:eb:43:af:6c:12:9e:31:99:
0d:c6:0a:0b:08:1c:32:8a:dc:54:4d:80:29:a8:3a:
fc:de:4f:46:06:f1:d2:f3:e3:33:f0:17:57:f1:a5:
ff:26:90:cc:e6:42:01:64:73:2e:73:9c:24:bd:c2:
84:f6:bf:d0:8b:44:4d:48:3d:2f:84:9b:b8:87:8e:
c4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:1D:D6:37:72:9F:57:2A:03:43:93:77:1B:91:E3:85:28:05:AF:FD
X509v3 Authority Key Identifier:
keyid:CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/5h3WN3KfVyoDQ5N3G5HjhSgFr_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/zjfKOryl4UrBG8fzwVYqZNY5HSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.252.0/22
Signature Algorithm: sha256WithRSAEncryption
13:7d:22:98:bf:26:39:24:30:70:f4:2b:c8:01:01:50:6b:df:
7e:ff:97:de:d0:97:0f:f8:63:76:b1:f5:3e:fe:ad:0e:c4:c3:
9c:44:c2:a5:8a:9f:d7:70:93:97:4a:2c:83:eb:99:44:ff:f3:
89:18:ef:c1:e5:26:e9:99:fe:84:30:13:1d:e0:54:12:8e:c4:
50:32:79:70:d6:a4:b4:4b:2e:b4:6b:d5:fe:fa:0a:ef:58:43:
59:bc:cd:16:c5:46:32:ad:1e:28:b7:78:38:d5:97:45:4f:ff:
e4:b8:0c:49:94:41:99:fc:a4:89:a4:87:4c:0f:3e:58:80:ef:
fa:0e:ce:8e:a7:a0:b6:70:b4:cd:bb:04:65:f5:09:4f:cc:01:
0e:b5:3e:34:35:96:ca:c3:07:a1:9f:17:e1:c5:95:20:e7:0d:
28:9c:10:6f:ce:a1:aa:57:b8:6a:74:42:64:08:c3:0e:7c:c3:
a0:1d:88:da:c9:57:5e:d9:0a:b8:fc:a1:55:a5:29:5a:a1:fb:
c7:a7:3c:ae:ad:ae:6d:93:d9:fb:f7:83:80:70:76:20:ad:ca:
3f:b4:ba:63:31:a7:e6:47:d5:fe:db:b0:f5:3c:56:8e:8f:3e:
74:49:cc:a0:c5:fd:50:67:e5:c2:ab:53:4c:66:f2:9f:4e:4b:
9c:f5:68:62
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWi6RDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTM3Y2EzYWJjYTVlMTRhYzExYmM3ZjNjMTU2MmE2NGQ2MzkxZDIyMB4XDTIyMDEw
MTEyMDM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTYxZGQ2Mzc3Mjlm
NTcyYTAzNDM5Mzc3MWI5MWUzODUyODA1YWZmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrExG2IcI7++pdWjGxw7zs0nZYJaO1IEC7hNbO7YL7Y7oiW
PQALPpPQnoNjewFwWfdNWUbfFdh8F26u9LLsltGf8UGe5GdIxzTbr6I9Uz17mNS5
889E1OBXlbDGJG38sXsULhNS/DT05TE0XVDy4CMutf97OHQ3MpGEyD9mzbm+J1/Q
2K82H0TRg7ASR/1rAeH50C6NG7YQPhHFtBZwfokprc/PYOyiiV8JJ3fGsvRF4AFi
uUrCjSVzU+tDr2wSnjGZDcYKCwgcMorcVE2AKag6/N5PRgbx0vPjM/AXV/Gl/yaQ
zOZCAWRzLnOcJL3ChPa/0ItETUg9L4SbuIeOxEkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTmHdY3cp9XKgNDk3cbkeOFKAWv/TAfBgNVHSMEGDAWgBTON8o6vKXhSsEb
x/PBVipk1jkdIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pqZktPcnlsNFVyQkc4Znp3VllxWk5ZNUhTSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvYmU2NmJmLTU2MWMtNGQ1NS04MjZkLTAzODAzNWQ4MGMwYi8x
LzVoM1dOM0tmVnlvRFE1TjNHNUhqaFNnRnJfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
YmU2NmJmLTU2MWMtNGQ1NS04MjZkLTAzODAzNWQ4MGMwYi8xL3pqZktPcnlsNFVy
Qkc4Znp3VllxWk5ZNUhTSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2J/DANBgkqhkiG9w0BAQsFAAOC
AQEAE30imL8mOSQwcPQryAEBUGvffv+X3tCXD/hjdrH1Pv6tDsTDnETCpYqf13CT
l0osg+uZRP/ziRjvweUm6Zn+hDATHeBUEo7EUDJ5cNaktEsutGvV/voK71hDWbzN
FsVGMq0eKLd4ONWXRU//5LgMSZRBmfykiaSHTA8+WIDv+g7OjqegtnC0zbsEZfUJ
T8wBDrU+NDWWysMHoZ8X4cWVIOcNKJwQb86hqle4anRCZAjDDnzDoB2I2slXXtkK
uPyhVaUpWqH7x6c8rq2ubZPZ+/eDgHB2IK3KP7S6YzGn5kfV/tuw9TxWjo8+dEnM
oMX9UGflwqtTTGbyn05LnPVoYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:58 2024 by rpki-client on console-ams.rpki-client.org