Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/1ce7lx0eWbZGNYlINkHXQfbCVww.roa
File: 1ce7lx0eWbZGNYlINkHXQfbCVww.roa (raw, json)
Hash identifier: zg5mPh9e6iIZS20K0mwrJNbfdGBvmFCUXHPK6/xAKYA=
Subject key identifier: D5:C7:BB:97:1D:1E:59:B6:46:35:89:48:36:41:D7:41:F6:C2:57:0C
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 38DA2716
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/1ce7lx0eWbZGNYlINkHXQfbCVww.roa
Signing time: Sat 01 Jan 2022 07:55:17 +0000
ROA not before: Sat 01 Jan 2022 07:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21286
IP address blocks: 145.15.96.0/22 maxlen: 22
145.15.92.0/22 maxlen: 22
145.15.0.0/22 maxlen: 22
145.15.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 953820950 (0x38da2716)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 07:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5c7bb971d1e59b6463589483641d741f6c2570c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:fb:28:1c:d2:19:e1:e8:3f:a6:b1:c2:7f:
60:d5:75:77:d5:a3:0d:5e:56:8c:c1:74:d8:e8:53:
50:da:13:8f:68:1e:f6:f0:cd:86:56:2d:09:ab:fc:
f8:a3:67:fe:7b:f3:1f:3d:e4:b7:ba:b7:92:11:d7:
1c:d4:b3:07:03:88:d2:70:1a:dd:c8:17:3e:2c:cf:
1b:12:01:57:c2:86:16:8e:6d:db:d6:26:44:b0:ca:
e7:15:9c:19:33:e0:77:66:1d:51:b5:1b:df:ad:7a:
d2:5f:83:eb:b8:b9:06:02:36:58:0a:c7:87:32:f9:
5f:f8:4b:39:08:7d:d5:2d:02:b8:b0:0d:78:68:d3:
bd:46:3a:5c:73:7c:51:07:93:f4:0d:92:97:4f:2f:
3b:d7:a2:c3:a3:81:8d:f3:f8:4f:73:96:82:db:f3:
b4:9a:ea:ba:b7:c4:c2:cd:37:2a:a0:b6:3a:bf:81:
85:ee:30:d4:f5:46:7e:eb:12:aa:50:6c:b4:75:9c:
9f:0d:08:cd:a8:e5:eb:40:b1:20:d0:6a:21:f1:0b:
35:34:f3:c3:01:0f:e7:f0:a3:4c:25:a9:03:72:9d:
7f:00:d8:b7:49:45:32:ea:b5:31:f3:a0:a3:db:cd:
db:39:15:2d:b0:97:cf:78:42:08:f4:16:0d:d0:ff:
93:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C7:BB:97:1D:1E:59:B6:46:35:89:48:36:41:D7:41:F6:C2:57:0C
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/1ce7lx0eWbZGNYlINkHXQfbCVww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.15.0.0/22
145.15.90.0/24
145.15.92.0-145.15.99.255
Signature Algorithm: sha256WithRSAEncryption
49:68:f6:a7:01:97:f0:96:f8:c3:71:9e:5a:f7:e5:44:49:f9:
1c:33:7f:54:43:bf:c7:08:5d:89:3d:8e:e1:91:a3:80:8a:bc:
7f:9f:ae:f4:a3:c2:85:3c:b1:d1:63:11:c7:fd:39:fe:a5:49:
4f:6b:a0:fb:7a:63:56:5b:f7:fe:d5:32:26:71:b3:d2:7e:02:
4d:6d:d1:91:42:74:ca:2a:9d:6d:60:f8:db:38:0c:39:3f:2c:
a8:27:92:48:13:44:1e:75:c6:b5:21:1b:0c:2c:48:85:71:ac:
17:ce:2f:17:ba:32:aa:27:c7:74:8b:84:12:9b:28:51:85:df:
20:35:f9:bc:35:cf:3f:e8:fa:94:bf:ed:cc:5a:b2:5d:0f:85:
9e:55:51:77:55:57:46:a7:7d:c2:68:8c:be:a3:0d:2e:a3:4d:
84:2e:7f:c2:80:da:dd:9d:21:60:d9:26:f7:b6:2c:73:f0:e5:
0f:f5:c9:5c:da:20:50:15:59:c0:6c:04:46:b2:59:f9:82:4f:
b6:ca:70:bf:5a:06:7a:4c:cc:e5:e0:59:aa:75:75:94:4d:1a:
4f:36:1f:de:16:14:61:02:e1:3e:2f:8c:e6:aa:6a:c6:3a:6d:
ba:4d:96:84:52:8d:35:fa:95:22:64:33:0b:d8:3d:cc:20:f8:
55:8e:85:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEONonFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzczZGIxNzc5NWQyYmYxYjRiNTM0NWM1YjI5MzkwZGJhZjQ1MjNlMB4XDTIyMDEw
MTA3NTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVjN2JiOTcxZDFl
NTliNjQ2MzU4OTQ4MzY0MWQ3NDFmNmMyNTcwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbZ+ygc0hnh6D+mscJ/YNV1d9WjDV5WjMF02OhTUNoTj2ge
9vDNhlYtCav8+KNn/nvzHz3kt7q3khHXHNSzBwOI0nAa3cgXPizPGxIBV8KGFo5t
29YmRLDK5xWcGTPgd2YdUbUb36160l+D67i5BgI2WArHhzL5X/hLOQh91S0CuLAN
eGjTvUY6XHN8UQeT9A2Sl08vO9eiw6OBjfP4T3OWgtvztJrqurfEws03KqC2Or+B
he4w1PVGfusSqlBstHWcnw0Izajl60CxINBqIfELNTTzwwEP5/CjTCWpA3KdfwDY
t0lFMuq1MfOgo9vN2zkVLbCXz3hCCPQWDdD/ky8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTVx7uXHR5ZtkY1iUg2QddB9sJXDDAfBgNVHSMEGDAWgBQXc9sXeV0r8bS1
NFxbKTkNuvRSPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8x
LzFjZTdseDBlV2JaR05ZbElOa0hYUWZiQ1Z3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Zjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8xL0YzUGJGM2xkS19H
MHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEApEPAAMEAJEPWjAMAwQCkQ9cAwQC
kQ9gMA0GCSqGSIb3DQEBCwUAA4IBAQBJaPanAZfwlvjDcZ5a9+VESfkcM39UQ7/H
CF2JPY7hkaOAirx/n670o8KFPLHRYxHH/Tn+pUlPa6D7emNWW/f+1TImcbPSfgJN
bdGRQnTKKp1tYPjbOAw5PyyoJ5JIE0Qedca1IRsMLEiFcawXzi8XujKqJ8d0i4QS
myhRhd8gNfm8Nc8/6PqUv+3MWrJdD4WeVVF3VVdGp33CaIy+ow0uo02ELn/CgNrd
nSFg2Sb3tixz8OUP9clc2iBQFVnAbARGsln5gk+2ynC/WgZ6TMzl4FmqdXWUTRpP
Nh/eFhRhAuE+L4zmqmrGOm26TZaEUo01+pUiZDML2D3MIPhVjoWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org