Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/UsV1bRMkZdUSzAZX-zz7wTsXKlg.roa
File: UsV1bRMkZdUSzAZX-zz7wTsXKlg.roa (raw, json)
Hash identifier: LZ+tiFOb1/PagSj3B63yxCTthxCUE62TyXGFSgqZVhY=
Subject key identifier: 52:C5:75:6D:13:24:65:D5:12:CC:06:57:FB:3C:FB:C1:3B:17:2A:58
Certificate issuer: /CN=c4add5ba7662b731dd08bcf8738f135d93aed451
Certificate serial: 0748FF6F
Authority key identifier: C4:AD:D5:BA:76:62:B7:31:DD:08:BC:F8:73:8F:13:5D:93:AE:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xK3VunZitzHdCLz4c48TXZOu1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/UsV1bRMkZdUSzAZX-zz7wTsXKlg.roa
Signing time: Sat 01 Jan 2022 13:58:33 +0000
ROA not before: Sat 01 Jan 2022 13:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.149.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122224495 (0x748ff6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4add5ba7662b731dd08bcf8738f135d93aed451
Validity
Not Before: Jan 1 13:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52c5756d132465d512cc0657fb3cfbc13b172a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0d:51:91:13:93:50:35:8c:08:63:e5:d0:5e:
1c:aa:f3:2d:0e:15:57:76:3d:97:4c:00:f5:fc:23:
75:be:31:97:26:78:8f:c3:ef:ce:c0:82:a7:08:16:
de:14:61:ed:c7:a3:0c:e0:d9:68:f4:a3:ba:53:99:
0f:cf:77:69:a8:fc:f5:6a:6a:80:37:fa:29:e5:aa:
f3:89:ad:34:fa:e9:18:ad:0b:af:7a:1c:7d:1d:3a:
0e:d2:62:14:8c:4a:16:21:a4:8e:aa:42:3b:df:de:
1b:cf:a8:cd:c1:00:ab:73:d5:33:dd:16:18:d7:22:
bb:0a:69:75:d6:e4:e5:43:dd:cb:89:71:2f:e7:2c:
5e:ae:61:4f:ef:85:85:a2:21:97:7f:3a:18:60:60:
9a:9a:05:a3:45:70:c5:47:97:ac:46:73:3c:ad:ee:
89:29:79:3a:67:3c:a0:a4:cf:b1:2f:5e:03:ec:a2:
c1:d5:63:20:10:1d:fa:64:2b:6b:45:9e:dd:bc:79:
60:91:48:7e:1f:1a:b6:93:a0:09:25:63:f4:80:ee:
5a:5d:c1:74:c7:46:96:12:25:ca:c0:b3:f2:45:c0:
07:5a:9c:22:d2:2c:6a:28:a6:c3:3f:3c:91:c7:e6:
17:f3:0b:33:ab:23:9f:b3:e5:ed:0d:b1:51:d1:56:
44:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C5:75:6D:13:24:65:D5:12:CC:06:57:FB:3C:FB:C1:3B:17:2A:58
X509v3 Authority Key Identifier:
keyid:C4:AD:D5:BA:76:62:B7:31:DD:08:BC:F8:73:8F:13:5D:93:AE:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xK3VunZitzHdCLz4c48TXZOu1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/UsV1bRMkZdUSzAZX-zz7wTsXKlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/xK3VunZitzHdCLz4c48TXZOu1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:aa:47:ba:1c:2b:7d:34:c0:ed:8b:06:ab:03:69:e8:ad:d1:
dc:0f:4c:f1:85:db:3e:b2:63:26:c3:cc:63:ea:85:5a:00:14:
7d:a4:43:c0:53:26:94:e3:ec:53:bf:9c:87:44:21:1c:d8:aa:
f8:20:bd:57:66:88:5c:86:de:3a:58:87:55:f0:fe:fe:f1:18:
a3:ae:9e:5f:10:e0:75:7a:50:2b:1b:9c:d1:6f:54:83:b0:10:
06:3e:b9:ca:c0:56:f5:77:07:19:c9:d8:de:99:ff:89:b9:16:
c7:67:10:94:66:45:18:4a:d4:bc:5b:79:c4:1b:84:0d:66:87:
a1:22:06:10:6b:35:2a:14:c3:7f:ef:4e:9e:60:9c:32:e3:b1:
40:4e:4d:7b:f8:3a:c6:b5:68:63:ff:74:65:01:2b:79:b7:b9:
f3:10:cf:8f:a1:ea:11:88:fe:0d:d3:2c:8b:a2:0a:76:fc:87:
8c:9a:74:6d:bf:aa:4f:e7:16:ac:a2:1b:45:73:3a:32:d7:08:
bc:38:b7:3a:3a:49:80:a9:b7:4d:a0:33:8e:07:2d:8b:9d:94:
96:e0:43:06:2a:8e:00:39:16:38:80:11:a7:53:5f:a0:2b:c2:
7a:d2:e7:23:d6:00:3b:f0:80:e7:23:c2:4c:b0:9d:85:0d:a2:
96:1a:77:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0j/bzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NGFkZDViYTc2NjJiNzMxZGQwOGJjZjg3MzhmMTM1ZDkzYWVkNDUxMB4XDTIyMDEw
MTEzNTgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJjNTc1NmQxMzI0
NjVkNTEyY2MwNjU3ZmIzY2ZiYzEzYjE3MmE1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO4NUZETk1A1jAhj5dBeHKrzLQ4VV3Y9l0wA9fwjdb4xlyZ4
j8PvzsCCpwgW3hRh7cejDODZaPSjulOZD893aaj89WpqgDf6KeWq84mtNPrpGK0L
r3ocfR06DtJiFIxKFiGkjqpCO9/eG8+ozcEAq3PVM90WGNciuwppddbk5UPdy4lx
L+csXq5hT++FhaIhl386GGBgmpoFo0VwxUeXrEZzPK3uiSl5Omc8oKTPsS9eA+yi
wdVjIBAd+mQra0We3bx5YJFIfh8atpOgCSVj9IDuWl3BdMdGlhIlysCz8kXAB1qc
ItIsaiimwz88kcfmF/MLM6sjn7Pl7Q2xUdFWRCsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRSxXVtEyRl1RLMBlf7PPvBOxcqWDAfBgNVHSMEGDAWgBTErdW6dmK3Md0I
vPhzjxNdk67UUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hLM1Z1blppdHpIZENMejRjNDhUWFpPdTFGRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvMzQ2YTIzLTExODEtNGE4MC05ZjU1LWRkN2Q0N2NmNWMxOC8x
L1VzVjFiUk1rWmRVU3pBWlgteno3d1RzWEtsZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
MzQ2YTIzLTExODEtNGE4MC05ZjU1LWRkN2Q0N2NmNWMxOC8xL3hLM1Z1blppdHpI
ZENMejRjNDhUWFpPdTFGRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2VbDANBgkqhkiG9w0BAQsFAAOC
AQEALqpHuhwrfTTA7YsGqwNp6K3R3A9M8YXbPrJjJsPMY+qFWgAUfaRDwFMmlOPs
U7+ch0QhHNiq+CC9V2aIXIbeOliHVfD+/vEYo66eXxDgdXpQKxuc0W9Ug7AQBj65
ysBW9XcHGcnY3pn/ibkWx2cQlGZFGErUvFt5xBuEDWaHoSIGEGs1KhTDf+9OnmCc
MuOxQE5Ne/g6xrVoY/90ZQErebe58xDPj6HqEYj+DdMsi6IKdvyHjJp0bb+qT+cW
rKIbRXM6MtcIvDi3OjpJgKm3TaAzjgcti52UluBDBiqOADkWOIARp1NfoCvCetLn
I9YAO/CA5yPCTLCdhQ2ilhp3hg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-ams.rpki-client.org