Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/UfsH7Rf_ZVWdVL77XUnaO594rO4.roa
File: UfsH7Rf_ZVWdVL77XUnaO594rO4.roa (raw, json)
Hash identifier: SLMKe1ACasmGHOJpkqoUvfcakTlSO3BCUbxB5krS7uE=
Subject key identifier: 51:FB:07:ED:17:FF:65:55:9D:54:BE:FB:5D:49:DA:3B:9F:78:AC:EE
Certificate issuer: /CN=23dcd6f17126d4e951d92bc5f4c06ba9450fc8d4
Certificate serial: 07CA7C83
Authority key identifier: 23:DC:D6:F1:71:26:D4:E9:51:D9:2B:C5:F4:C0:6B:A9:45:0F:C8:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/UfsH7Rf_ZVWdVL77XUnaO594rO4.roa
Signing time: Sat 01 Jan 2022 03:00:02 +0000
ROA not before: Sat 01 Jan 2022 03:00:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202966
IP address blocks: 45.137.228.0/22 maxlen: 22
2a0e:ac40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130710659 (0x7ca7c83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23dcd6f17126d4e951d92bc5f4c06ba9450fc8d4
Validity
Not Before: Jan 1 03:00:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51fb07ed17ff65559d54befb5d49da3b9f78acee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e8:9b:2c:95:99:e5:a0:05:be:cb:88:ac:4f:
5a:09:b8:ab:65:0a:e1:11:aa:65:77:13:df:71:13:
00:67:69:30:2c:81:66:75:c6:c9:26:22:0b:40:90:
fa:3d:9c:ca:b0:c1:d2:c6:09:30:d6:45:d7:19:97:
b1:20:62:ae:64:62:c9:92:08:0d:a3:0c:e3:bf:9b:
05:19:4f:2b:bb:f2:3b:18:b8:bc:ab:64:75:35:36:
25:7f:56:9b:9f:ec:48:1f:d2:da:30:18:66:9d:3e:
91:77:02:15:b4:fe:79:e7:e8:80:c7:8d:5b:49:94:
d9:fd:e6:d0:27:60:f7:c4:22:59:ad:7a:53:a9:00:
0f:87:3e:00:d6:c1:55:eb:f2:b9:6a:45:95:77:e6:
26:c0:e8:0e:61:67:26:4a:a0:da:bf:24:59:38:63:
da:98:6a:3f:d4:00:21:11:c4:71:67:0e:90:99:9c:
9e:68:5d:7c:b1:dd:52:69:6e:06:0a:c4:b6:3e:8e:
9e:4d:a9:7c:d8:55:01:40:80:ec:33:35:0c:a4:2b:
49:21:19:3d:05:72:c0:3f:a1:31:96:5d:77:2d:c0:
6a:44:28:59:7c:53:76:0b:92:8b:f7:c0:ca:cf:15:
30:1d:5c:c0:c5:90:d1:dc:9f:5a:67:24:db:43:21:
53:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FB:07:ED:17:FF:65:55:9D:54:BE:FB:5D:49:DA:3B:9F:78:AC:EE
X509v3 Authority Key Identifier:
keyid:23:DC:D6:F1:71:26:D4:E9:51:D9:2B:C5:F4:C0:6B:A9:45:0F:C8:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/UfsH7Rf_ZVWdVL77XUnaO594rO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/fda059-3436-4158-a1e4-49da05978ad0/1/I9zW8XEm1OlR2SvF9MBrqUUPyNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.228.0/22
IPv6:
2a0e:ac40::/29
Signature Algorithm: sha256WithRSAEncryption
a8:3a:b4:be:87:52:6d:b2:bb:c8:2f:34:99:ea:06:78:9e:81:
2f:e0:62:ff:b1:85:04:10:a3:16:1d:0d:1d:40:b3:06:61:4e:
8b:af:05:53:75:a2:84:17:e6:a8:99:1a:04:08:7c:38:b7:01:
1e:b0:e0:7d:0e:62:d8:0e:33:b8:2d:04:0c:93:c7:4d:1c:26:
0c:01:25:1a:51:81:48:3d:76:10:9c:15:92:65:21:88:44:f7:
5d:50:e0:dd:ff:9e:81:98:f6:17:00:81:fd:95:d4:46:e6:63:
75:84:a6:fd:5e:24:f8:2d:43:04:19:28:6b:76:f2:d9:75:7d:
fb:48:c4:52:db:c6:ed:82:a2:0c:e7:a5:d1:0f:24:cf:f3:1a:
c7:2b:b0:13:68:57:3c:b5:fa:96:5d:7f:0c:14:e8:5b:a0:ae:
75:8e:83:4e:8a:34:e4:4c:9c:d3:c3:ab:ee:4c:14:80:a7:61:
3f:ea:2d:29:1d:57:8b:90:ae:ab:b8:42:e2:72:e8:1b:2f:b5:
bb:1f:88:b1:d7:d5:2f:12:8a:bb:d4:b6:ab:c7:b0:75:73:f0:
17:6f:f9:6b:bf:cb:9e:ec:9e:82:7a:a8:82:0d:d4:eb:6d:56:
0e:39:b7:99:72:4b:d4:68:a5:cd:c2:cc:18:b8:06:12:26:8f:
a0:c4:84:cd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB8p8gzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2RjZDZmMTcxMjZkNGU5NTFkOTJiYzVmNGMwNmJhOTQ1MGZjOGQ0MB4XDTIyMDEw
MTAzMDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTFmYjA3ZWQxN2Zm
NjU1NTlkNTRiZWZiNWQ0OWRhM2I5Zjc4YWNlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnomyyVmeWgBb7LiKxPWgm4q2UK4RGqZXcT33ETAGdpMCyB
ZnXGySYiC0CQ+j2cyrDB0sYJMNZF1xmXsSBirmRiyZIIDaMM47+bBRlPK7vyOxi4
vKtkdTU2JX9Wm5/sSB/S2jAYZp0+kXcCFbT+eefogMeNW0mU2f3m0Cdg98QiWa16
U6kAD4c+ANbBVevyuWpFlXfmJsDoDmFnJkqg2r8kWThj2phqP9QAIRHEcWcOkJmc
nmhdfLHdUmluBgrEtj6Onk2pfNhVAUCA7DM1DKQrSSEZPQVywD+hMZZddy3AakQo
WXxTdguSi/fAys8VMB1cwMWQ0dyfWmck20MhU68CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRR+wftF/9lVZ1UvvtdSdo7n3is7jAfBgNVHSMEGDAWgBQj3NbxcSbU6VHZ
K8X0wGupRQ/I1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k5elc4WEVtMU9sUjJTdkY5TUJycVVVUHlOUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvZmRhMDU5LTM0MzYtNDE1OC1hMWU0LTQ5ZGEwNTk3OGFkMC8x
L1Vmc0g3UmZfWlZXZFZMNzdYVW5hTzU5NHJPNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
ZmRhMDU5LTM0MzYtNDE1OC1hMWU0LTQ5ZGEwNTk3OGFkMC8xL0k5elc4WEVtMU9s
UjJTdkY5TUJycVVVUHlOUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2J5DANBAIAAjAHAwUDKg6sQDAN
BgkqhkiG9w0BAQsFAAOCAQEAqDq0vodSbbK7yC80meoGeJ6BL+Bi/7GFBBCjFh0N
HUCzBmFOi68FU3WihBfmqJkaBAh8OLcBHrDgfQ5i2A4zuC0EDJPHTRwmDAElGlGB
SD12EJwVkmUhiET3XVDg3f+egZj2FwCB/ZXURuZjdYSm/V4k+C1DBBkoa3by2XV9
+0jEUtvG7YKiDOel0Q8kz/MaxyuwE2hXPLX6ll1/DBToW6CudY6DToo05Eyc08Or
7kwUgKdhP+otKR1Xi5Cuq7hC4nLoGy+1ux+IsdfVLxKKu9S2q8ewdXPwF2/5a7/L
nuyegnqogg3U621WDjm3mXJL1GilzcLMGLgGEiaPoMSEzQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:11 2023 by rpki-client on console-ams.rpki-client.org