Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/UF1ShdEkLnMuHQbZ-8jhbWTs5-8.roa
File: UF1ShdEkLnMuHQbZ-8jhbWTs5-8.roa (raw, json)
Hash identifier: 8EfKIG1xifpX7xoIndsVAE9DDy2d+KKfYrHmtyEGhzA=
Subject key identifier: 50:5D:52:85:D1:24:2E:73:2E:1D:06:D9:FB:C8:E1:6D:64:EC:E7:EF
Certificate issuer: /CN=779290311e6e9cfa5e517fabb0d96fa9a71c3da1
Certificate serial: 01856ECB5AED732194A51B9C74A929E958AB
Authority key identifier: 77:92:90:31:1E:6E:9C:FA:5E:51:7F:AB:B0:D9:6F:A9:A7:1C:3D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d5KQMR5unPpeUX-rsNlvqaccPaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/UF1ShdEkLnMuHQbZ-8jhbWTs5-8.roa
Signing time: Sun 01 Jan 2023 19:24:58 +0000
ROA not before: Sun 01 Jan 2023 19:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208071
IP address blocks: 45.159.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5a:ed:73:21:94:a5:1b:9c:74:a9:29:e9:58:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=779290311e6e9cfa5e517fabb0d96fa9a71c3da1
Validity
Not Before: Jan 1 19:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=505d5285d1242e732e1d06d9fbc8e16d64ece7ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:4d:11:b2:24:a2:9c:eb:14:34:73:00:8b:
96:7e:dd:f5:b8:6e:2b:e6:67:f3:26:25:40:33:54:
90:25:8f:06:cb:85:a6:98:16:9d:0a:c0:3d:67:ae:
f5:5a:71:6e:f1:44:49:6f:d0:27:43:19:b5:e0:a9:
6c:af:ae:fa:76:7f:3e:ba:e0:f4:d0:67:a9:ac:47:
2c:48:8a:9f:5f:c4:7b:bd:ad:42:60:e8:78:c1:8b:
ec:a2:0a:17:7a:5b:4d:2e:5b:d7:75:b6:7b:4d:c9:
f4:5b:f1:14:37:f1:e1:5e:12:48:16:66:ae:6c:58:
4b:c2:2b:bf:8f:69:27:36:89:aa:a3:c6:00:f0:e1:
ad:bf:36:cc:6e:13:59:44:96:c3:3a:b0:75:8d:2a:
ae:3e:74:3c:96:2e:82:22:86:49:2e:87:a8:70:52:
79:cf:c3:8a:25:4e:b8:6b:a5:28:55:8f:ed:9d:c5:
73:15:c4:7b:56:d0:1e:82:9a:38:4d:a2:04:93:8d:
40:bc:3e:43:0e:9d:36:4d:d8:66:7b:d2:0f:7e:c4:
56:22:c7:6b:80:47:89:53:3e:00:46:ac:1a:c4:15:
dd:b7:21:da:28:21:66:25:a9:57:72:ff:2d:73:65:
1f:4e:77:51:11:bc:22:9b:fe:d8:79:69:f5:4f:b2:
ae:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5D:52:85:D1:24:2E:73:2E:1D:06:D9:FB:C8:E1:6D:64:EC:E7:EF
X509v3 Authority Key Identifier:
keyid:77:92:90:31:1E:6E:9C:FA:5E:51:7F:AB:B0:D9:6F:A9:A7:1C:3D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5KQMR5unPpeUX-rsNlvqaccPaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/UF1ShdEkLnMuHQbZ-8jhbWTs5-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/d5KQMR5unPpeUX-rsNlvqaccPaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.160.0/22
Signature Algorithm: sha256WithRSAEncryption
42:cc:f1:6d:10:b2:f4:b3:3a:52:07:97:7c:f2:98:aa:0d:0c:
c6:64:75:38:c2:9d:98:e2:c0:34:ca:5d:24:e7:d1:63:ab:46:
63:83:e1:4b:77:d9:c9:fe:79:a7:4b:7e:4b:a8:d0:83:96:60:
13:3e:16:30:a3:4a:61:1a:e6:8e:7c:4a:34:69:ca:0f:97:f9:
2c:d6:64:c8:36:4b:86:d8:4d:1a:36:20:13:15:77:df:7a:b3:
9e:15:1e:ee:5a:50:2b:dc:eb:7a:84:df:44:d8:1c:36:7e:d5:
5f:86:ed:61:eb:49:ba:36:f2:cb:a6:ea:93:cb:8b:4d:a7:fc:
88:28:5f:04:e2:d3:e9:fd:a9:61:da:8d:53:69:3b:1c:0d:38:
9d:b6:d0:e5:97:9a:c1:ae:25:4a:23:1b:0b:99:10:8f:b5:d7:
33:c2:a2:08:0e:a0:d4:4c:f8:e0:97:ed:0b:d8:5d:1d:10:43:
86:92:32:5c:d4:0c:92:9a:5a:38:4d:72:e4:42:02:4b:dc:80:
45:61:08:2e:45:b7:3f:45:c3:f1:f5:34:83:71:85:f0:0c:a0:
3b:2a:f5:ec:ee:c3:c3:9b:33:71:ca:ca:c1:4c:53:14:de:78:
69:9b:0c:95:13:89:78:68:19:4a:c3:78:ed:f5:af:da:54:e5:
b1:06:fe:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy1rtcyGUpRucdKkp6VirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3OTI5MDMxMWU2ZTljZmE1ZTUxN2ZhYmIwZDk2ZmE5YTcx
YzNkYTEwHhcNMjMwMTAxMTkyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVkNTI4NWQxMjQyZTczMmUxZDA2ZDlmYmM4ZTE2ZDY0ZWNlN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJZNEbIkopzrFDRzAIuWft31uG4r
5mfzJiVAM1SQJY8Gy4WmmBadCsA9Z671WnFu8URJb9AnQxm14Klsr676dn8+uuD0
0GeprEcsSIqfX8R7va1CYOh4wYvsogoXeltNLlvXdbZ7Tcn0W/EUN/HhXhJIFmau
bFhLwiu/j2knNomqo8YA8OGtvzbMbhNZRJbDOrB1jSquPnQ8li6CIoZJLoeocFJ5
z8OKJU64a6UoVY/tncVzFcR7VtAegpo4TaIEk41AvD5DDp02Tdhme9IPfsRWIsdr
gEeJUz4ARqwaxBXdtyHaKCFmJalXcv8tc2UfTndREbwim/7YeWn1T7KuKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBdUoXRJC5zLh0G2fvI4W1k7OfvMB8GA1UdIwQY
MBaAFHeSkDEebpz6XlF/q7DZb6mnHD2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDVLUU1SNXVuUHBlVVgtcnNObHZxYWNjUGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iOGUwM2UtYzM5OC00ZWVlLTg5Mzkt
ZjkwOWQ3OWE0NGFkLzEvVUYxU2hkRWtMbk11SFFiWi04amhiV1RzNS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iOGUwM2UtYzM5OC00ZWVlLTg5MzktZjkwOWQ3OWE0NGFk
LzEvZDVLUU1SNXVuUHBlVVgtcnNObHZxYWNjUGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBCzPFtELL0szpSB5d88piqDQzGZHU4wp2Y4sA0yl0k
59Fjq0Zjg+FLd9nJ/nmnS35LqNCDlmATPhYwo0phGuaOfEo0acoPl/ks1mTINkuG
2E0aNiATFXfferOeFR7uWlAr3Ot6hN9E2Bw2ftVfhu1h60m6NvLLpuqTy4tNp/yI
KF8E4tPp/alh2o1TaTscDTidttDll5rBriVKIxsLmRCPtdczwqIIDqDUTPjgl+0L
2F0dEEOGkjJc1AySmlo4TXLkQgJL3IBFYQguRbc/RcPx9TSDcYXwDKA7KvXs7sPD
mzNxysrBTFMU3nhpmwyVE4l4aBlKw3jt9a/aVOWxBv5Q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:37 2025 by rpki-client