Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/0hXKeDf3PecMc82WLFrNk081iN0.roa
File: 0hXKeDf3PecMc82WLFrNk081iN0.roa (raw, json)
Hash identifier: JKNvX3s0X6gcGIwDU4GrJ2tzmJ6pD4v7CI4PtDYhISA=
Subject key identifier: D2:15:CA:78:37:F7:3D:E7:0C:73:CD:96:2C:5A:CD:93:4F:35:88:DD
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01850FBADB43D8AF5DA42B96B44D329BEB0A
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/0hXKeDf3PecMc82WLFrNk081iN0.roa
Signing time: Wed 14 Dec 2022 08:23:02 +0000
ROA not before: Wed 14 Dec 2022 08:23:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210636
IP address blocks: 45.88.184.0/24 maxlen: 24
45.88.185.0/24 maxlen: 24
45.88.186.0/24 maxlen: 24
45.91.117.0/24 maxlen: 24
45.93.150.0/24 maxlen: 24
45.93.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:ba:db:43:d8:af:5d:a4:2b:96:b4:4d:32:9b:eb:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Dec 14 08:23:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d215ca7837f73de70c73cd962c5acd934f3588dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:72:78:2a:c2:99:7a:fc:af:c2:0b:01:77:ae:
f2:21:8d:a7:d0:50:24:04:f0:64:5c:de:4a:70:15:
4e:9f:00:15:55:03:23:23:17:f9:fb:6a:43:0f:0d:
2c:67:1a:1d:cb:47:62:bf:a2:18:7f:0d:ef:c1:a4:
0f:e1:ec:0b:9b:98:97:22:64:52:bd:8f:69:17:f2:
93:19:26:05:71:0d:d5:54:90:0c:e8:2c:24:73:8c:
08:0c:7b:33:fc:af:dc:eb:08:78:da:ca:e3:17:96:
93:14:63:72:9d:de:f9:25:61:6b:6d:3e:88:55:db:
42:6b:63:d2:74:ff:bd:a6:6a:34:02:50:b9:7c:6e:
f5:1f:15:b7:ca:39:9c:9d:9c:29:69:7c:73:88:ef:
80:e1:62:a1:06:a1:54:d9:7f:f1:69:f7:e0:1a:9a:
e3:0b:ae:56:a5:c4:06:89:5b:e0:65:50:2a:73:5c:
40:3d:46:48:19:49:71:23:79:0e:68:ad:b8:fe:d7:
f3:49:8b:51:cb:ee:ee:68:08:22:5e:04:05:7f:c4:
d5:53:24:92:34:a5:66:9e:7a:db:6f:c3:d1:6f:1d:
78:4c:c9:52:1f:8e:49:3b:c9:90:38:9f:43:b4:41:
5d:a3:fc:b9:fb:7e:16:7e:24:6d:a3:7a:27:30:8e:
ea:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:15:CA:78:37:F7:3D:E7:0C:73:CD:96:2C:5A:CD:93:4F:35:88:DD
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/0hXKeDf3PecMc82WLFrNk081iN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.184.0-45.88.186.255
45.91.117.0/24
45.93.150.0/23
Signature Algorithm: sha256WithRSAEncryption
72:ab:03:6f:b3:78:4d:05:fa:23:02:e4:bc:0a:ff:2d:c6:c2:
e0:05:c9:03:2a:d5:75:ff:0f:ed:e2:15:97:33:09:aa:67:73:
2a:c4:47:23:a1:61:bc:98:31:ec:09:33:1b:35:23:ec:9a:79:
50:4c:8e:c0:ee:81:0b:24:31:db:75:52:43:98:79:57:96:b2:
fc:bf:60:52:7f:24:b6:de:a5:25:f1:fe:69:38:0b:c0:f0:8c:
1a:2f:c4:95:42:d0:24:80:2e:b2:a1:c8:96:1b:29:5a:fc:ad:
db:53:f5:52:b9:e1:ee:b2:61:b8:a2:16:68:48:65:ed:68:cb:
75:56:a0:eb:e8:c1:db:05:48:e7:4b:5b:83:07:b2:60:bb:40:
ba:af:ba:8e:32:e3:a1:f8:06:7a:84:34:07:6a:4c:45:59:fc:
4b:be:6d:e8:4d:e2:23:64:a9:01:a0:d4:f5:f8:60:94:10:14:
61:d8:74:b7:78:fb:2e:f4:24:ee:57:2f:ff:88:27:05:fc:13:
45:56:a3:a6:fb:b8:1d:70:37:a8:ff:2e:6b:51:e9:e9:e2:18:
08:fb:fc:eb:5a:6c:38:79:39:90:dc:15:9e:2e:29:24:4b:a3:
11:8f:7e:64:fe:76:fd:ec:a1:66:82:58:7a:17:63:8f:48:c6:
b8:39:1b:94
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYUPuttD2K9dpCuWtE0ym+sKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIxMjE0MDgyMzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE1Y2E3ODM3ZjczZGU3MGM3M2NkOTYyYzVhY2Q5MzRmMzU4OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3J4KsKZevyvwgsBd67yIY2n0FAk
BPBkXN5KcBVOnwAVVQMjIxf5+2pDDw0sZxody0div6IYfw3vwaQP4ewLm5iXImRS
vY9pF/KTGSYFcQ3VVJAM6Cwkc4wIDHsz/K/c6wh42srjF5aTFGNynd75JWFrbT6I
VdtCa2PSdP+9pmo0AlC5fG71HxW3yjmcnZwpaXxziO+A4WKhBqFU2X/xaffgGprj
C65WpcQGiVvgZVAqc1xAPUZIGUlxI3kOaK24/tfzSYtRy+7uaAgiXgQFf8TVUySS
NKVmnnrbb8PRbx14TMlSH45JO8mQOJ9DtEFdo/y5+34WfiRto3onMI7qLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNIVyng39z3nDHPNlixazZNPNYjdMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvMGhYS2VEZjNQZWNNYzgyV0xGck5rMDgxaU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMtWLgD
BAAtWLoDBAAtW3UDBAEtXZYwDQYJKoZIhvcNAQELBQADggEBAHKrA2+zeE0F+iMC
5LwK/y3GwuAFyQMq1XX/D+3iFZczCapncyrERyOhYbyYMewJMxs1I+yaeVBMjsDu
gQskMdt1UkOYeVeWsvy/YFJ/JLbepSXx/mk4C8DwjBovxJVC0CSALrKhyJYbKVr8
rdtT9VK54e6yYbiiFmhIZe1oy3VWoOvowdsFSOdLW4MHsmC7QLqvuo4y46H4BnqE
NAdqTEVZ/Eu+behN4iNkqQGg1PX4YJQQFGHYdLd4+y70JO5XL/+IJwX8E0VWo6b7
uB1wN6j/LmtR6eniGAj7/OtabDh5OZDcFZ4uKSRLoxGPfmT+dv3soWaCWHoXY49I
xrg5G5Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org