Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/SgkCuaFIxvakdduBvnLUEMzh7Lc.roa
File: SgkCuaFIxvakdduBvnLUEMzh7Lc.roa (raw, json)
Hash identifier: kHwef7v/QIV7GLA247q7fpDhjj3wMwBCJIRojwI/2sE=
Subject key identifier: 4A:09:02:B9:A1:48:C6:F6:A4:75:DB:81:BE:72:D4:10:CC:E1:EC:B7
Certificate issuer: /CN=8348da7cbe8ca41865bda1a082e00cb5c25887af
Certificate serial: 07AEC7FC
Authority key identifier: 83:48:DA:7C:BE:8C:A4:18:65:BD:A1:A0:82:E0:0C:B5:C2:58:87:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g0jafL6MpBhlvaGgguAMtcJYh68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/SgkCuaFIxvakdduBvnLUEMzh7Lc.roa
Signing time: Sat 01 Jan 2022 10:03:50 +0000
ROA not before: Sat 01 Jan 2022 10:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208419
IP address blocks: 45.138.20.0/22 maxlen: 22
2a0e:ab40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128894972 (0x7aec7fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8348da7cbe8ca41865bda1a082e00cb5c25887af
Validity
Not Before: Jan 1 10:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a0902b9a148c6f6a475db81be72d410cce1ecb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1c:84:c3:8d:0f:90:c8:bb:5a:ac:86:1e:b4:
5e:84:8c:2f:9b:de:38:9a:d7:b7:a8:59:15:f5:6a:
b7:87:cc:4e:e2:b2:56:9e:03:a2:ac:80:f3:f3:0c:
25:d9:d5:d0:87:80:1e:60:79:a8:dd:df:68:9c:d3:
40:2a:67:ce:39:10:32:ae:85:80:19:1d:92:ee:43:
28:aa:1d:68:19:dc:4e:d3:0c:45:fa:ea:7a:f2:6d:
8d:af:46:4f:1e:54:71:90:67:36:7b:d3:b8:e0:5e:
99:d8:65:87:fe:6c:06:af:5c:84:8b:0c:a9:34:1e:
67:9c:aa:74:1b:15:67:c9:91:03:d9:c9:10:09:31:
04:37:0c:0b:bc:e5:dc:2c:c4:cf:5e:34:d2:12:00:
d5:c6:df:6c:57:ee:81:81:42:46:7a:a9:62:ed:fa:
1a:42:fd:50:7c:41:76:0b:ee:ca:61:59:f1:25:18:
77:c9:ab:ab:40:90:d6:87:6a:0b:61:69:7f:74:49:
19:c3:97:14:27:20:4d:f6:d3:d7:60:b9:85:a1:ac:
27:d9:bc:4f:e2:9c:25:40:1b:69:e7:29:86:ec:cb:
76:90:aa:56:e4:d9:c3:58:73:3c:b9:b0:09:6d:14:
66:ce:28:08:0c:d8:b6:90:86:08:d5:ba:38:ae:58:
eb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:09:02:B9:A1:48:C6:F6:A4:75:DB:81:BE:72:D4:10:CC:E1:EC:B7
X509v3 Authority Key Identifier:
keyid:83:48:DA:7C:BE:8C:A4:18:65:BD:A1:A0:82:E0:0C:B5:C2:58:87:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g0jafL6MpBhlvaGgguAMtcJYh68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/SgkCuaFIxvakdduBvnLUEMzh7Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/g0jafL6MpBhlvaGgguAMtcJYh68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.20.0/22
IPv6:
2a0e:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
65:cc:77:2b:0c:90:3d:91:64:60:1c:ef:42:9f:b6:14:7f:6c:
64:12:67:84:e4:ba:11:63:f2:69:14:21:bc:ee:bf:d8:5e:66:
d2:f3:d1:bc:60:ae:f2:33:3e:66:5d:fd:da:31:7c:13:2b:42:
1b:00:ea:93:fe:bf:bd:6e:7d:c7:da:2c:c9:6d:86:9d:ad:99:
5c:cb:44:63:0f:48:e4:07:d3:82:9a:19:d9:39:52:fe:d2:2c:
fa:49:af:d2:38:20:69:15:43:69:92:18:69:c7:c3:2c:b2:47:
d4:98:ab:e6:4d:dd:30:82:4f:50:e3:33:40:5b:c7:e1:35:a7:
54:ce:50:5a:c4:6a:c0:03:75:a2:2b:53:28:cf:56:cc:0f:38:
72:6c:d1:ed:47:86:38:f7:50:10:05:da:b5:fa:92:05:ca:f3:
82:f9:a4:b7:97:a1:c7:74:9a:0f:5c:83:e1:aa:0f:ee:88:c0:
8c:20:7f:41:dc:c1:33:c0:52:30:08:f7:63:ee:a1:fc:73:9e:
ba:7b:b3:a3:73:ce:b6:18:2c:b1:83:33:6c:6f:d4:91:91:00:
26:b6:e9:4a:b3:03:50:eb:c1:0e:cf:2d:17:18:13:c7:a4:0f:
19:8f:ee:ea:b8:23:29:a0:55:3c:d1:ad:d6:db:2b:2d:93:96:
bd:8e:0e:a7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB67H/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzQ4ZGE3Y2JlOGNhNDE4NjViZGExYTA4MmUwMGNiNWMyNTg4N2FmMB4XDTIyMDEw
MTEwMDM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGEwOTAyYjlhMTQ4
YzZmNmE0NzVkYjgxYmU3MmQ0MTBjY2UxZWNiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgchMOND5DIu1qshh60XoSML5veOJrXt6hZFfVqt4fMTuKy
Vp4DoqyA8/MMJdnV0IeAHmB5qN3faJzTQCpnzjkQMq6FgBkdku5DKKodaBncTtMM
RfrqevJtja9GTx5UcZBnNnvTuOBemdhlh/5sBq9chIsMqTQeZ5yqdBsVZ8mRA9nJ
EAkxBDcMC7zl3CzEz1400hIA1cbfbFfugYFCRnqpYu36GkL9UHxBdgvuymFZ8SUY
d8mrq0CQ1odqC2Fpf3RJGcOXFCcgTfbT12C5haGsJ9m8T+KcJUAbaecphuzLdpCq
VuTZw1hzPLmwCW0UZs4oCAzYtpCGCNW6OK5Y618CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRKCQK5oUjG9qR124G+ctQQzOHstzAfBgNVHSMEGDAWgBSDSNp8voykGGW9
oaCC4Ay1wliHrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cwamFmTDZNcEJobHZhR2dndUFNdGNKWWg2OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvOTNkYTNhLTg3ZDUtNDQzMy05ZjM4LWEyOTYwOTJiZTE1My8x
L1Nna0N1YUZJeHZha2RkdUJ2bkxVRU16aDdMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
OTNkYTNhLTg3ZDUtNDQzMy05ZjM4LWEyOTYwOTJiZTE1My8xL2cwamFmTDZNcEJo
bHZhR2dndUFNdGNKWWg2OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2KFDANBAIAAjAHAwUDKg6rQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZcx3KwyQPZFkYBzvQp+2FH9sZBJnhOS6EWPyaRQh
vO6/2F5m0vPRvGCu8jM+Zl392jF8EytCGwDqk/6/vW59x9osyW2Gna2ZXMtEYw9I
5AfTgpoZ2TlS/tIs+kmv0jggaRVDaZIYacfDLLJH1Jir5k3dMIJPUOMzQFvH4TWn
VM5QWsRqwAN1oitTKM9WzA84cmzR7UeGOPdQEAXatfqSBcrzgvmkt5ehx3SaD1yD
4aoP7ojAjCB/QdzBM8BSMAj3Y+6h/HOeunuzo3POthgssYMzbG/UkZEAJrbpSrMD
UOvBDs8tFxgTx6QPGY/u6rgjKaBVPNGt1tsrLZOWvY4Opw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:23 2024 by rpki-client on console-ams.rpki-client.org