Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/m6Bdd0okN4YNg92VWpJP5YUWLdE.roa
File: m6Bdd0okN4YNg92VWpJP5YUWLdE.roa (raw, json)
Hash identifier: 9oCaKrIDA2uNvg5N3U6zh5Qt4XK/0IUjEDTKjyc3z/4=
Subject key identifier: 9B:A0:5D:77:4A:24:37:86:0D:83:DD:95:5A:92:4F:E5:85:16:2D:D1
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 05950868
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/m6Bdd0okN4YNg92VWpJP5YUWLdE.roa
Signing time: Sat 01 Jan 2022 15:55:30 +0000
ROA not before: Sat 01 Jan 2022 15:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93653096 (0x5950868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jan 1 15:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ba05d774a2437860d83dd955a924fe585162dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d4:bf:fc:56:ed:d4:5b:2d:8e:52:49:90:c9:
32:09:5a:99:86:57:41:b8:ed:c9:2a:a9:12:e3:e6:
38:f9:66:53:d9:dd:d4:fd:80:f7:4c:94:c9:de:08:
c6:32:5a:67:57:a5:ab:ac:3b:a0:38:11:2f:da:aa:
09:79:28:de:d7:a5:ff:3c:2c:50:ea:07:0d:34:5b:
e0:cb:53:20:a7:a0:5c:64:fe:f5:81:17:44:47:1f:
9f:27:6c:f2:65:ab:55:eb:25:50:5f:e2:6f:2d:86:
cd:00:bf:e5:1d:c9:dd:1f:4b:84:1c:23:ff:60:16:
85:99:85:58:32:ce:a6:5f:28:16:3d:4e:e1:8e:bc:
d6:1c:6a:18:f8:cd:29:ed:14:20:62:88:89:72:36:
f7:57:3d:fa:dc:43:6b:28:40:48:e0:08:67:28:4e:
14:db:2e:62:4f:cc:9e:26:8b:b4:e5:8a:63:d9:f7:
f3:77:d8:3f:8c:44:30:2e:94:f1:ef:d8:05:e5:c7:
79:d9:3a:0f:aa:12:d1:6b:b5:bb:ca:be:de:e8:06:
c6:15:b9:7a:39:3f:5f:98:e8:99:04:75:6f:06:84:
b3:0b:5d:4a:e2:df:34:58:e1:48:88:a6:17:5e:ab:
30:a8:44:e5:c8:28:fc:1a:a5:79:a7:a9:8c:38:7a:
21:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A0:5D:77:4A:24:37:86:0D:83:DD:95:5A:92:4F:E5:85:16:2D:D1
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/m6Bdd0okN4YNg92VWpJP5YUWLdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a4:2f:ed:02:76:d3:06:11:d0:6e:29:bd:a3:99:e3:7d:46:a3:
a3:2f:2b:f5:76:6a:b9:7e:96:e0:8c:8c:81:71:8b:bd:b3:c6:
4c:a1:a0:07:dd:e4:8c:e3:0a:f5:3a:dd:be:62:c2:1e:7b:e6:
de:85:b2:ae:6f:cb:9a:8d:39:fe:49:ee:f0:a0:00:01:83:7d:
4b:c1:bf:c3:8c:c0:aa:04:ee:61:02:28:da:f6:e6:37:1d:50:
1f:96:19:59:cf:a3:5b:b0:a6:19:8b:2c:99:f9:ac:53:74:b5:
32:e8:bb:47:ce:73:d1:b4:2d:66:f0:96:0c:ba:0b:84:a3:7c:
b3:9e:e5:ea:c6:e1:f2:8a:c4:d5:46:4d:24:fd:2c:76:d8:c9:
bb:ef:da:00:58:f3:3a:81:d8:55:ba:f9:99:24:d6:14:53:02:
b5:12:54:82:7b:c9:78:0c:38:55:b2:dc:2f:cf:bc:05:cf:fe:
ce:fc:6e:5d:45:14:d7:1f:bd:4b:92:09:32:65:bc:d8:f7:4f:
55:c0:fc:ef:b0:5a:6b:48:05:69:0b:e1:fe:34:b6:c7:a4:63:
39:dc:c6:b3:c5:88:84:43:28:d0:09:e7:56:94:85:76:b1:e0:
0d:34:1c:83:82:86:46:a5:01:20:d9:55:bb:4b:a7:d3:44:b4:
f5:b3:4e:e9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBZUIaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
M2RmYzA2NmNlN2NkM2UzODI1NzRhNjg2Njc5NzNiMGI0NjhkZjNjMB4XDTIyMDEw
MTE1NTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhMDVkNzc0YTI0
Mzc4NjBkODNkZDk1NWE5MjRmZTU4NTE2MmRkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLUv/xW7dRbLY5SSZDJMglamYZXQbjtySqpEuPmOPlmU9nd
1P2A90yUyd4IxjJaZ1elq6w7oDgRL9qqCXko3tel/zwsUOoHDTRb4MtTIKegXGT+
9YEXREcfnyds8mWrVeslUF/iby2GzQC/5R3J3R9LhBwj/2AWhZmFWDLOpl8oFj1O
4Y681hxqGPjNKe0UIGKIiXI291c9+txDayhASOAIZyhOFNsuYk/MniaLtOWKY9n3
83fYP4xEMC6U8e/YBeXHedk6D6oS0Wu1u8q+3ugGxhW5ejk/X5jomQR1bwaEswtd
SuLfNFjhSIimF16rMKhE5cgo/BqleaepjDh6IYkCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBSboF13SiQ3hg2D3ZVakk/lhRYt0TAfBgNVHSMEGDAWgBRD38BmznzT44JX
SmhmeXOwtGjfPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1E5X0FaczU4MC1PQ1YwcG9abmx6c0xSbzN6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5ZS8x
L202QmRkMG9rTjRZTmc5MlZXcEpQNVlVV0xkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5ZS8xL1E5X0FaczU4MC1P
Q1YwcG9abmx6c0xSbzN6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAC2bYzAaBAIAAjAUMBIDBwUqELoA
vuADBwEqELoAvuQwDQYJKoZIhvcNAQELBQADggEBAKQv7QJ20wYR0G4pvaOZ431G
o6MvK/V2arl+luCMjIFxi72zxkyhoAfd5IzjCvU63b5iwh575t6Fsq5vy5qNOf5J
7vCgAAGDfUvBv8OMwKoE7mECKNr25jcdUB+WGVnPo1uwphmLLJn5rFN0tTLou0fO
c9G0LWbwlgy6C4SjfLOe5erG4fKKxNVGTST9LHbYybvv2gBY8zqB2FW6+Zkk1hRT
ArUSVIJ7yXgMOFWy3C/PvAXP/s78bl1FFNcfvUuSCTJlvNj3T1XA/O+wWmtIBWkL
4f40tsekYzncxrPFiIRDKNAJ51aUhXax4A00HIOChkalASDZVbtLp9NEtPWzTuk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:47 2023 by rpki-client on console-ams.rpki-client.org