Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/Iu_GckEXSZzeUX77F3RW1Ztp86Y.roa
File: Iu_GckEXSZzeUX77F3RW1Ztp86Y.roa (raw, json)
Hash identifier: nvfW7c7C2P5gaYNYYrdGPNllY2jtElcN6TZtHXvUG2s=
Subject key identifier: 22:EF:C6:72:41:17:49:9C:DE:51:7E:FB:17:74:56:D5:9B:69:F3:A6
Certificate issuer: /CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Certificate serial: 0182D5E8A34E288361E96D2E5A7E35E26562
Authority key identifier: A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/Iu_GckEXSZzeUX77F3RW1Ztp86Y.roa
Signing time: Thu 25 Aug 2022 16:49:29 +0000
ROA not before: Thu 25 Aug 2022 16:49:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29467
IP address blocks: 45.67.254.0/24 maxlen: 24
45.67.255.0/24 maxlen: 24
45.67.252.0/24 maxlen: 24
45.67.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:e8:a3:4e:28:83:61:e9:6d:2e:5a:7e:35:e2:65:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Validity
Not Before: Aug 25 16:49:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22efc6724117499cde517efb177456d59b69f3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ff:70:e3:d2:42:a1:40:e2:84:8c:22:e6:2b:
f0:c5:92:c1:ad:cb:56:e6:4b:5f:6f:a4:c7:7e:ab:
be:c4:6a:59:ad:7f:de:57:cf:3a:31:f3:65:e8:11:
c7:dc:df:0c:dd:e1:60:85:44:b3:2a:53:72:f8:a8:
a9:c6:10:8f:9f:35:66:96:19:04:34:af:6d:17:a3:
16:ca:cd:68:f9:fe:9b:ab:29:6a:8c:ab:53:38:7e:
12:4f:18:81:23:8d:5f:5a:68:3b:ba:a5:75:40:9a:
f3:f6:33:61:a7:bc:bd:5f:90:f5:b6:d3:9e:d6:ea:
02:d1:a9:b7:85:69:3c:60:f0:b6:24:ee:60:89:1a:
dc:b7:36:ac:6d:83:29:fd:45:e2:72:57:c9:16:8a:
a5:30:44:09:2d:7d:0f:21:16:8f:6c:0f:55:1d:45:
bb:f2:4a:f3:51:15:c4:78:45:7a:c9:da:cd:ce:ce:
78:28:4e:9a:44:74:dd:34:2f:2e:1d:46:57:45:f6:
11:b4:87:ec:e8:0f:e8:18:12:50:2f:16:a1:9f:06:
66:5f:0a:e9:04:90:df:82:c0:9e:9f:b7:c9:3d:c5:
36:79:30:b0:9a:bb:5e:84:ca:40:8e:ed:29:eb:a6:
02:ec:7f:04:db:94:c3:1b:b6:9d:1b:87:b4:b5:f9:
c3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EF:C6:72:41:17:49:9C:DE:51:7E:FB:17:74:56:D5:9B:69:F3:A6
X509v3 Authority Key Identifier:
keyid:A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/Iu_GckEXSZzeUX77F3RW1Ztp86Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.252.0/22
Signature Algorithm: sha256WithRSAEncryption
76:10:bf:06:99:5c:43:44:f2:63:80:ed:a3:02:9c:6e:5f:68:
ca:dc:92:5b:b5:4b:fd:3e:ec:b0:78:98:b2:be:e9:6b:a7:9d:
95:fe:25:bb:41:4c:09:1f:6c:02:6f:67:87:32:d5:10:d8:08:
9b:30:71:a9:ba:43:93:9f:dd:e2:9c:ec:7e:43:11:1c:0f:11:
ba:d3:53:15:1a:f0:d5:d1:6e:ed:9f:3d:97:b8:23:9b:ad:71:
d9:2a:0d:65:ab:9d:6e:0b:5d:87:7e:19:88:a3:b2:09:e8:42:
41:a9:37:20:58:80:59:09:5b:fa:cf:72:ea:d3:c4:27:49:18:
a4:d7:77:43:a7:42:68:d9:6d:02:dc:10:d0:7b:72:1d:11:d9:
da:b8:14:c8:a3:da:ca:3a:2c:9b:ab:82:50:d6:98:5a:39:86:
99:e4:60:1e:cd:6f:94:94:18:ae:31:0a:b7:5b:71:fb:5f:41:
9b:20:73:66:45:05:0b:f7:bc:29:d3:10:77:c6:3c:a2:02:c8:
45:59:17:74:ee:97:f3:19:e3:be:cc:84:5d:37:45:b6:54:d2:
4b:a8:42:be:d6:a3:0c:d8:76:13:4b:dc:5f:f4:af:f8:f2:5f:
0d:46:94:df:ff:45:b7:70:13:84:88:89:1a:b7:1a:08:ff:2f:
1c:63:19:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLV6KNOKINh6W0uWn414mViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWI0OTQzZTdkNmI0YjBlMWRlODVjOWJjMzhiODU3NTU0
ZGQ0N2QwHhcNMjIwODI1MTY0OTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVmYzY3MjQxMTc0OTljZGU1MTdlZmIxNzc0NTZkNTliNjlmM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf9w49JCoUDihIwi5ivwxZLBrctW
5ktfb6THfqu+xGpZrX/eV886MfNl6BHH3N8M3eFghUSzKlNy+KipxhCPnzVmlhkE
NK9tF6MWys1o+f6bqylqjKtTOH4STxiBI41fWmg7uqV1QJrz9jNhp7y9X5D1ttOe
1uoC0am3hWk8YPC2JO5giRrctzasbYMp/UXiclfJFoqlMEQJLX0PIRaPbA9VHUW7
8krzURXEeEV6ydrNzs54KE6aRHTdNC8uHUZXRfYRtIfs6A/oGBJQLxahnwZmXwrp
BJDfgsCen7fJPcU2eTCwmrtehMpAju0p66YC7H8E25TDG7adG4e0tfnDcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLvxnJBF0mc3lF++xd0VtWbafOmMB8GA1UdIwQY
MBaAFKObSUPn1rSw4d6Fybw4uFdVTdR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUt
NjkzYmY2N2U2MWYzLzEvSXVfR2NrRVhTWnplVVg3N0YzUlcxWnRwODZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUtNjkzYmY2N2U2MWYz
LzEvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUP8MA0G
CSqGSIb3DQEBCwUAA4IBAQB2EL8GmVxDRPJjgO2jApxuX2jK3JJbtUv9PuyweJiy
vulrp52V/iW7QUwJH2wCb2eHMtUQ2AibMHGpukOTn93inOx+QxEcDxG601MVGvDV
0W7tnz2XuCObrXHZKg1lq51uC12HfhmIo7IJ6EJBqTcgWIBZCVv6z3Lq08QnSRik
13dDp0Jo2W0C3BDQe3IdEdnauBTIo9rKOiybq4JQ1phaOYaZ5GAezW+UlBiuMQq3
W3H7X0GbIHNmRQUL97wp0xB3xjyiAshFWRd07pfzGeO+zIRdN0W2VNJLqEK+1qMM
2HYTS9xf9K/48l8NRpTf/0W3cBOEiIkatxoI/y8cYxmn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:32 2024 by rpki-client on console-fra.rpki-client.org