Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rssq7Pi5T2B5DMVgTOIihXgkQTE.roa
File: rssq7Pi5T2B5DMVgTOIihXgkQTE.roa (raw, json)
Hash identifier: lfXaXzwyCUUyT7YhR0JaE2w9tySa1cjsS71114rUZ98=
Subject key identifier: AE:CB:2A:EC:F8:B9:4F:60:79:0C:C5:60:4C:E2:22:85:78:24:41:31
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 1493E089
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rssq7Pi5T2B5DMVgTOIihXgkQTE.roa
Signing time: Sat 16 Apr 2022 08:47:17 +0000
ROA not before: Sat 16 Apr 2022 08:47:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34078
IP address blocks: 45.146.240.0/23 maxlen: 24
188.214.238.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345235593 (0x1493e089)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 16 08:47:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aecb2aecf8b94f60790cc5604ce2228578244131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:90:3e:dd:d1:3d:1b:4b:11:92:c4:57:98:21:
cd:47:5d:0b:15:bb:2c:e7:8b:07:bf:f9:66:7c:e5:
66:c8:19:18:77:4e:c7:e1:3e:43:10:dc:46:db:96:
6d:42:87:d7:0d:36:51:1b:18:aa:1c:fc:99:eb:26:
dc:3d:89:ac:09:dd:2c:6f:cc:2e:c8:99:10:50:4c:
24:ab:a7:21:cd:82:68:c9:a8:b1:f2:e3:cb:31:87:
17:6b:d6:3b:3b:33:26:7a:a3:59:02:f4:86:c4:c0:
c0:b1:d7:15:ed:4f:a4:19:de:d7:b2:af:c9:9b:57:
5b:26:1c:c1:67:e9:62:4a:f8:52:9c:bc:9f:9e:19:
dc:d2:fc:fd:62:d9:9a:c2:87:0a:72:e1:d9:d5:9c:
9c:c6:2a:2a:47:d5:3b:ee:a5:d9:18:bf:8d:81:1e:
5f:19:ed:e0:08:40:cd:1f:33:56:c7:5c:1a:e1:08:
a0:37:e8:bf:cc:29:a1:41:e3:6c:c0:f7:2b:7b:45:
41:86:d0:da:61:b7:b5:6d:a0:38:1b:89:c0:4d:dd:
4b:ec:2a:14:94:fd:53:9e:9d:38:47:bb:f0:24:10:
5e:db:6b:1d:76:7c:84:4f:86:49:17:8c:ff:74:69:
db:69:fc:4c:ca:0d:d5:c8:be:5b:e9:56:73:77:43:
8d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CB:2A:EC:F8:B9:4F:60:79:0C:C5:60:4C:E2:22:85:78:24:41:31
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rssq7Pi5T2B5DMVgTOIihXgkQTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.240.0/23
188.214.238.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:d3:5b:d2:3f:a6:fe:87:22:d1:1e:e5:b6:3f:d6:26:fa:3f:
90:5e:c6:27:31:0a:f5:3d:0a:6b:29:6a:4c:10:29:97:0b:0c:
f8:ea:3d:e3:d5:9b:42:80:71:60:33:28:10:75:e8:8f:6e:af:
ad:cd:60:4d:41:6a:ee:cd:2d:4e:44:b9:1d:75:69:a1:c7:5c:
84:dc:e1:e7:4c:00:57:c9:28:f9:5f:3c:42:be:95:77:ea:d2:
68:a3:fb:4e:8e:ca:db:c6:69:3d:97:70:40:74:4d:d7:2b:a7:
af:74:7c:93:59:25:b6:03:7e:6b:66:9f:1a:79:80:d6:5d:94:
66:44:de:2f:8d:b7:b0:ce:1f:00:7f:8d:fb:84:f5:ca:34:c2:
b8:56:8b:ec:48:32:64:71:82:f7:63:8e:36:19:a0:b3:c5:93:
61:80:a4:99:bf:8b:e0:70:7e:5d:f2:64:13:7c:c7:34:30:b7:
2c:c2:d8:f4:d4:12:50:5c:23:69:a9:a5:22:4f:7c:84:25:1d:
b9:10:37:a8:1f:c8:c7:63:af:5f:34:25:1b:2e:cd:a8:5b:da:
b8:30:b4:24:33:e0:91:85:97:56:26:27:48:9d:78:36:44:7d:
0e:aa:e9:28:9c:e9:d8:98:74:26:a5:56:e6:9a:51:74:96:61:
90:41:36:c8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFJPgiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDQx
NjA4NDcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVjYjJhZWNmOGI5
NGY2MDc5MGNjNTYwNGNlMjIyODU3ODI0NDEzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2QPt3RPRtLEZLEV5ghzUddCxW7LOeLB7/5ZnzlZsgZGHdO
x+E+QxDcRtuWbUKH1w02URsYqhz8mesm3D2JrAndLG/MLsiZEFBMJKunIc2CaMmo
sfLjyzGHF2vWOzszJnqjWQL0hsTAwLHXFe1PpBne17KvyZtXWyYcwWfpYkr4Upy8
n54Z3NL8/WLZmsKHCnLh2dWcnMYqKkfVO+6l2Ri/jYEeXxnt4AhAzR8zVsdcGuEI
oDfov8wpoUHjbMD3K3tFQYbQ2mG3tW2gOBuJwE3dS+wqFJT9U56dOEe78CQQXttr
HXZ8hE+GSReM/3Rp22n8TMoN1ci+W+lWc3dDjdcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSuyyrs+LlPYHkMxWBM4iKFeCRBMTAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L3Jzc3E3UGk1VDJCNURNVmdUT0lpaFhna1FURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS2S8AMEAbzW7jANBgkqhkiG9w0B
AQsFAAOCAQEAj9Nb0j+m/oci0R7ltj/WJvo/kF7GJzEK9T0KaylqTBAplwsM+Oo9
49WbQoBxYDMoEHXoj26vrc1gTUFq7s0tTkS5HXVpocdchNzh50wAV8ko+V88Qr6V
d+rSaKP7To7K28ZpPZdwQHRN1yunr3R8k1kltgN+a2afGnmA1l2UZkTeL423sM4f
AH+N+4T1yjTCuFaL7EgyZHGC92OONhmgs8WTYYCkmb+L4HB+XfJkE3zHNDC3LMLY
9NQSUFwjaamlIk98hCUduRA3qB/Ix2OvXzQlGy7NqFvauDC0JDPgkYWXViYnSJ14
NkR9DqrpKJzp2Jh0JqVW5ppRdJZhkEE2yA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org