Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/SHeJIfZPqwp-dhrhQq7o_CJZC3U.roa
File: SHeJIfZPqwp-dhrhQq7o_CJZC3U.roa (raw, json)
Hash identifier: I6HbkSYlO69EG95Ef74UXFK+0812jAm+nWZ2U+m2+/M=
Subject key identifier: 48:77:89:21:F6:4F:AB:0A:7E:76:1A:E1:42:AE:E8:FC:22:59:0B:75
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018221C7495A789873581EB37CFD6B65D699
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/SHeJIfZPqwp-dhrhQq7o_CJZC3U.roa
Signing time: Thu 21 Jul 2022 17:21:24 +0000
ROA not before: Thu 21 Jul 2022 17:21:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1136
IP address blocks: 145.119.0.0/18 maxlen: 18
145.15.111.0/24 maxlen: 24
145.15.110.0/24 maxlen: 24
145.15.109.0/24 maxlen: 24
145.15.108.0/24 maxlen: 24
145.15.108.0/22 maxlen: 22
145.15.115.0/24 maxlen: 24
145.15.114.0/24 maxlen: 24
145.119.160.0/19 maxlen: 19
145.119.199.0/24 maxlen: 24
145.119.192.0/18 maxlen: 18
145.15.208.0/21 maxlen: 21
145.4.224.0/20 maxlen: 20
145.119.128.0/18 maxlen: 18
145.119.64.0/19 maxlen: 19
145.119.64.0/18 maxlen: 18
145.78.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:21:c7:49:5a:78:98:73:58:1e:b3:7c:fd:6b:65:d6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jul 21 17:21:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48778921f64fab0a7e761ae142aee8fc22590b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9a:67:24:1b:b8:4b:30:f7:4d:43:f1:4c:91:
46:4b:d8:87:a3:3d:7c:e0:31:b0:0d:c9:8f:15:19:
94:5d:0e:38:3f:5e:6b:e9:a8:c9:a1:62:75:a0:8d:
51:2b:18:89:88:3c:17:07:6a:29:79:a5:76:f2:b3:
a3:d7:ac:02:6b:05:f6:6b:88:db:71:e2:20:45:19:
aa:6d:6c:25:90:dc:67:1b:66:1c:ee:65:0a:bf:82:
b3:a2:50:0c:76:3f:96:7e:73:56:58:0e:35:ce:55:
34:ce:f4:df:c6:c2:b1:06:68:f0:55:a2:40:5a:53:
f7:ad:45:00:30:46:a3:83:c8:25:95:39:cd:fa:c3:
db:3e:39:1b:df:11:8c:06:32:d2:81:16:36:02:d5:
25:02:42:ea:87:e7:7b:d7:a5:6c:6a:fc:2d:39:ea:
da:a5:a2:93:96:39:55:3d:bc:49:8c:3b:11:02:cd:
56:51:01:aa:f7:fe:6b:b4:04:92:32:bf:dc:f6:49:
17:17:ca:25:5c:15:39:8a:27:46:eb:f3:b0:93:ce:
0d:d4:af:87:a7:cf:f1:e0:8b:1a:b0:a9:1a:02:25:
63:14:f4:0a:38:20:0e:77:b4:e2:f4:f0:f2:ba:10:
8c:2d:d0:5c:fb:43:2c:33:bd:74:ff:1a:9b:34:4b:
51:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:77:89:21:F6:4F:AB:0A:7E:76:1A:E1:42:AE:E8:FC:22:59:0B:75
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/SHeJIfZPqwp-dhrhQq7o_CJZC3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.4.224.0/20
145.15.108.0/22
145.15.114.0/23
145.15.208.0/21
145.78.0.0/16
145.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:ce:ea:61:54:c4:fa:77:9b:10:00:bd:90:0d:0a:77:16:1f:
4d:6b:3a:aa:31:a5:6b:ff:67:9b:1b:3c:1a:5c:54:a8:d9:11:
2e:21:d1:43:b8:57:46:8b:41:98:20:f2:53:0c:2c:87:a7:7e:
e6:83:39:19:24:7d:48:08:87:ad:19:02:89:26:1c:27:b6:2e:
f2:4e:c8:ce:61:25:fb:ac:bd:d7:d6:bd:3e:3a:fb:cc:65:fe:
60:d0:ce:94:ff:7b:58:19:7d:32:49:3f:4e:d7:6b:68:34:c1:
a4:76:51:5c:d0:85:a2:01:43:3b:cd:34:10:e8:3f:23:63:99:
61:5a:6a:63:66:f0:76:0d:69:64:9b:2d:a2:8a:76:91:40:0e:
05:28:cc:52:40:c4:97:2e:9d:bd:d9:a1:bf:eb:0a:5b:f8:00:
98:8c:9b:aa:c2:fd:7b:fa:d9:bc:0a:1f:5f:59:d9:4c:ea:b4:
bf:91:5e:a7:ae:cf:fc:b7:70:dc:9b:46:f3:67:38:33:7f:03:
6a:45:4f:23:14:eb:17:69:47:38:b4:d1:bc:f7:d8:17:78:13:
4a:5a:ee:10:ba:df:22:83:1a:cd:98:a6:48:07:78:59:b2:5c:
88:b6:b8:e2:4e:9e:33:1f:15:5e:89:e4:16:61:0a:ea:73:16:
fd:91:ff:ac
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYIhx0laeJhzWB6zfP1rZdaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjIwNzIxMTcyMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc3ODkyMWY2NGZhYjBhN2U3NjFhZTE0MmFlZThmYzIyNTkwYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZpnJBu4SzD3TUPxTJFGS9iHoz18
4DGwDcmPFRmUXQ44P15r6ajJoWJ1oI1RKxiJiDwXB2opeaV28rOj16wCawX2a4jb
ceIgRRmqbWwlkNxnG2Yc7mUKv4KzolAMdj+WfnNWWA41zlU0zvTfxsKxBmjwVaJA
WlP3rUUAMEajg8gllTnN+sPbPjkb3xGMBjLSgRY2AtUlAkLqh+d716VsavwtOera
paKTljlVPbxJjDsRAs1WUQGq9/5rtASSMr/c9kkXF8olXBU5iidG6/Owk84N1K+H
p8/x4IsasKkaAiVjFPQKOCAOd7Ti9PDyuhCMLdBc+0MsM710/xqbNEtRWQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEh3iSH2T6sKfnYa4UKu6PwiWQt1MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvU0hlSklmWlBxd3AtZGhyaFFxN29fQ0paQzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQEkQTgAwQC
kQ9sAwQBkQ9yAwQDkQ/QAwMAkU4DAwCRdzANBgkqhkiG9w0BAQsFAAOCAQEAN87q
YVTE+nebEAC9kA0KdxYfTWs6qjGla/9nmxs8GlxUqNkRLiHRQ7hXRotBmCDyUwws
h6d+5oM5GSR9SAiHrRkCiSYcJ7Yu8k7IzmEl+6y919a9Pjr7zGX+YNDOlP97WBl9
Mkk/TtdraDTBpHZRXNCFogFDO800EOg/I2OZYVpqY2bwdg1pZJstoop2kUAOBSjM
UkDEly6dvdmhv+sKW/gAmIybqsL9e/rZvAofX1nZTOq0v5Fep67P/Ldw3JtG82c4
M38DakVPIxTrF2lHOLTRvPfYF3gTSlruELrfIoMazZimSAd4WbJciLa44k6eMx8V
XonkFmEK6nMW/ZH/rA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org