Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/A1oYlaGQ4UXQ0q5GNCju2MGssaE.roa
File: A1oYlaGQ4UXQ0q5GNCju2MGssaE.roa (raw, json)
Hash identifier: NVczT9BJV34egV1wQ389zWXFzskEEzcGpx8UbAJQ5N8=
Subject key identifier: 03:5A:18:95:A1:90:E1:45:D0:D2:AE:46:34:28:EE:D8:C1:AC:B1:A1
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 095A20A4
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/A1oYlaGQ4UXQ0q5GNCju2MGssaE.roa
Signing time: Sat 01 Jan 2022 09:03:49 +0000
ROA not before: Sat 01 Jan 2022 09:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41378
IP address blocks: 45.9.10.0/24 maxlen: 24
45.9.11.0/24 maxlen: 24
45.9.8.0/24 maxlen: 24
45.9.8.0/22 maxlen: 24
45.9.9.0/24 maxlen: 24
2a0e:aa00:100::/44 maxlen: 48
2a0e:aa00:300::/44 maxlen: 48
2a0e:aa00:200::/44 maxlen: 48
2a0e:aa00:140::/44 maxlen: 48
2a0e:aa00:120::/44 maxlen: 48
2a0e:aa00:220::/44 maxlen: 48
2a0e:aa02::/32 maxlen: 48
2a0e:aa00:110::/44 maxlen: 48
2a0e:aa00:310::/44 maxlen: 48
2a0e:aa00:210::/44 maxlen: 48
2a0e:aa00:130::/44 maxlen: 48
2a0e:aa00:230::/44 maxlen: 48
2a0e:aa00:aa00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156901540 (0x95a20a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 09:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=035a1895a190e145d0d2ae463428eed8c1acb1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b9:4c:9e:c3:99:bb:f1:b4:54:c2:46:cd:7e:
ec:18:62:1c:d5:6d:ed:be:fc:0c:16:e1:e5:a3:af:
ce:4b:55:81:14:a4:19:92:b3:bc:83:04:c6:d9:a0:
63:45:3d:d7:fa:6d:f9:04:c9:e0:7b:dd:84:be:f5:
32:0c:81:32:d8:bc:6f:1f:38:55:23:ac:eb:54:76:
1e:e0:c9:4a:f1:0e:5e:62:12:2e:55:a2:58:38:c4:
05:bc:19:fd:30:67:32:ba:d2:94:fa:88:be:df:94:
4c:5e:4d:0e:9b:15:b4:86:a1:7e:92:6f:cc:85:cc:
8b:b6:d8:9b:bd:3b:7d:1c:04:8c:4c:e6:87:52:3d:
45:97:6a:4b:9d:41:4e:ae:4e:ea:79:de:23:9c:a1:
49:36:44:e4:31:29:dc:02:ae:17:c9:59:b7:1c:0e:
0e:d9:d3:49:f8:43:f0:60:d1:c7:98:1e:ab:b9:fe:
d0:94:fd:b6:27:fe:e9:44:98:20:cf:c1:2d:5d:b3:
cd:0d:bb:cb:05:e5:88:59:fc:52:77:90:bf:f6:9f:
a5:59:e9:75:05:fc:14:be:62:ee:d5:99:9c:b6:fe:
06:47:81:62:a8:d2:90:76:bf:2c:e2:e9:b3:f0:ef:
fc:d1:57:bb:2d:f7:f3:95:a8:ce:44:2d:83:9a:e7:
bc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5A:18:95:A1:90:E1:45:D0:D2:AE:46:34:28:EE:D8:C1:AC:B1:A1
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/A1oYlaGQ4UXQ0q5GNCju2MGssaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.8.0/22
IPv6:
2a0e:aa00:100::-2a0e:aa00:14f:ffff:ffff:ffff:ffff:ffff
2a0e:aa00:200::/42
2a0e:aa00:300::/43
2a0e:aa00:aa00::/40
2a0e:aa02::/32
Signature Algorithm: sha256WithRSAEncryption
9c:f8:a5:75:b6:77:8e:c6:dc:d8:82:ac:20:8d:8a:c8:e0:23:
08:17:2a:44:ec:a7:5c:64:bc:8c:44:c3:30:c2:0c:95:e8:2f:
4e:01:98:c9:f1:3e:c6:ce:6c:24:f8:3e:3c:94:3b:ff:3a:d6:
83:2e:43:2e:a7:eb:29:2c:fc:f0:31:a8:60:ed:e9:5e:a9:c5:
9d:d8:91:fe:8d:4d:17:fe:4e:4f:ae:6e:1e:cd:32:1b:10:aa:
01:68:75:82:06:c5:c3:31:9a:cf:4a:08:32:0c:8a:86:c3:5e:
1c:f4:2e:85:31:3b:a4:b0:92:72:65:e1:db:8b:84:95:bc:b3:
d2:1f:eb:f5:42:00:35:11:a3:7e:b3:f1:34:59:ca:d7:d1:da:
ef:06:4a:fd:3d:58:4f:b8:c2:95:29:fe:b5:53:c4:4a:00:ad:
be:ae:a2:d0:16:e6:7c:f3:41:f2:87:83:8a:e5:b4:84:6c:53:
44:fa:bf:b9:cd:74:b7:1b:e0:bd:95:ce:b7:d0:db:69:ee:7a:
b1:01:61:ef:74:d9:45:52:16:06:46:9e:05:e0:c1:e7:6e:48:
f8:1c:40:a1:b9:7b:8b:69:ea:38:17:a6:c6:33:d7:56:ee:60:
42:26:87:5c:f3:d2:74:28:7b:09:51:d6:3c:6c:ea:ae:e7:5f:
9d:a3:ae:57
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIECVogpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzYxYjVjZDY5NjgyNWI3NGZjY2JhN2Q5N2MzZDBhMjcyNGVmM2FhMB4XDTIyMDEw
MTA5MDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM1YTE4OTVhMTkw
ZTE0NWQwZDJhZTQ2MzQyOGVlZDhjMWFjYjFhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG5TJ7DmbvxtFTCRs1+7BhiHNVt7b78DBbh5aOvzktVgRSk
GZKzvIMExtmgY0U91/pt+QTJ4HvdhL71MgyBMti8bx84VSOs61R2HuDJSvEOXmIS
LlWiWDjEBbwZ/TBnMrrSlPqIvt+UTF5NDpsVtIahfpJvzIXMi7bYm707fRwEjEzm
h1I9RZdqS51BTq5O6nneI5yhSTZE5DEp3AKuF8lZtxwODtnTSfhD8GDRx5geq7n+
0JT9tif+6USYIM/BLV2zzQ27ywXliFn8UneQv/afpVnpdQX8FL5i7tWZnLb+BkeB
YqjSkHa/LOLps/Dv/NFXuy3385WozkQtg5rnvI8CAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQDWhiVoZDhRdDSrkY0KO7YwayxoTAfBgNVHSMEGDAWgBSTYbXNaWglt0/M
un2Xw9Cick7zqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8x
L0Exb1lsYUdRNFVYUTBxNUdOQ2p1Mk1Hc3NhRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Yv
NzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUxOS8xL2syRzF6V2xvSmJk
UHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowDAQCAAEwBgMEAi0JCDA6BAIAAjA0MBEDBgAqDqoA
AQMHBCoOqgABQAMHBioOqgACAAMHBSoOqgADAAMGACoOqgCqAwUAKg6qAjANBgkq
hkiG9w0BAQsFAAOCAQEAnPildbZ3jsbc2IKsII2KyOAjCBcqROynXGS8jETDMMIM
legvTgGYyfE+xs5sJPg+PJQ7/zrWgy5DLqfrKSz88DGoYO3pXqnFndiR/o1NF/5O
T65uHs0yGxCqAWh1ggbFwzGaz0oIMgyKhsNeHPQuhTE7pLCScmXh24uElbyz0h/r
9UIANRGjfrPxNFnK19Ha7wZK/T1YT7jClSn+tVPESgCtvq6i0BbmfPNB8oeDiuW0
hGxTRPq/uc10txvgvZXOt9Dbae56sQFh73TZRVIWBkaeBeDB525I+BxAobl7i2nq
OBemxjPXVu5gQiaHXPPSdCh7CVHWPGzqrudfnaOuVw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:31 2023 by rpki-client on console-fra.rpki-client.org