Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MlddEA3knaCpGeWrBFnS2L8i-3o.roa
File: MlddEA3knaCpGeWrBFnS2L8i-3o.roa (raw, json)
Hash identifier: whvfSRP7UFPm0Zjp+56SvaIO1db9YNKXlwGRB0P8RPY=
Subject key identifier: 32:57:5D:10:0D:E4:9D:A0:A9:19:E5:AB:04:59:D2:D8:BF:22:FB:7A
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0182D62F2263F441658D92EBFFDF27097C1C
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MlddEA3knaCpGeWrBFnS2L8i-3o.roa
Signing time: Thu 25 Aug 2022 18:06:29 +0000
ROA not before: Thu 25 Aug 2022 18:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d6:2f:22:63:f4:41:65:8d:92:eb:ff:df:27:09:7c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Aug 25 18:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32575d100de49da0a919e5ab0459d2d8bf22fb7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:fc:66:76:9b:11:7b:b1:1b:07:e6:52:b0:
a2:19:7c:46:4a:a7:71:b9:7f:cc:99:f7:30:8d:ff:
2d:1a:5a:38:98:e5:51:41:e8:78:89:dd:2a:a8:db:
53:a9:45:9b:cd:0d:06:ff:c4:61:a8:16:7e:f2:8f:
d2:76:01:cc:83:1e:ce:38:8f:44:92:2a:cc:89:fc:
a5:e9:f3:01:9e:82:b0:14:67:65:0e:11:74:3d:5f:
34:7e:52:16:6a:9f:96:bf:96:05:00:30:7d:ea:0d:
49:29:00:65:07:59:f9:50:08:09:4c:eb:60:c1:f7:
1e:b2:f0:c1:8f:37:e6:ba:da:d7:6b:9b:65:6d:25:
c6:34:ac:2c:3e:64:ca:8d:92:b3:39:96:b4:ce:7e:
7e:c5:ee:8b:bf:63:f5:a6:bb:06:78:40:f1:47:d9:
f8:56:09:ab:47:8d:6f:f7:90:38:84:36:2f:10:a0:
cd:a3:9e:ab:52:f2:86:fd:31:24:e3:c6:f0:1c:84:
0b:7a:7b:6c:f2:1f:79:d3:71:45:9f:c4:c9:b8:27:
c6:23:a3:a7:17:03:23:65:38:81:0f:60:d2:2f:36:
fa:13:70:38:68:df:3b:4a:3a:41:e9:b0:a1:54:cf:
75:5f:9d:d6:f3:21:32:54:18:ca:fb:ba:64:83:1a:
1b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:57:5D:10:0D:E4:9D:A0:A9:19:E5:AB:04:59:D2:D8:BF:22:FB:7A
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/MlddEA3knaCpGeWrBFnS2L8i-3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
11:21:2d:45:81:b1:c6:95:ca:c9:e7:7b:00:23:6c:60:89:6b:
ea:bc:f3:8c:65:2f:39:16:7f:44:9e:62:c0:c6:d5:f6:64:17:
3c:57:28:0e:44:9f:54:9d:03:1e:d0:e5:c3:22:3e:92:7a:bd:
da:d9:02:d0:7c:8a:f3:1b:bd:72:4a:ab:ef:ec:1a:fa:4b:c8:
fa:1d:97:92:d7:50:be:b2:8c:e7:3b:e3:d4:e7:5b:20:d7:9a:
47:01:23:15:bb:f8:57:ee:18:3e:ce:e0:ee:65:aa:ec:36:7e:
de:d6:c5:95:74:f7:a9:34:5d:ac:c1:35:60:91:44:90:fb:94:
8e:98:1b:ee:00:db:36:7e:d1:b5:aa:8b:0f:0d:cf:32:d1:b4:
da:7f:52:96:c7:e3:71:18:ee:e4:d8:9a:f7:77:e1:06:85:87:
4d:7a:24:3d:33:ef:eb:3a:22:c2:a6:63:c8:13:b8:3b:a0:d2:
51:cd:13:b5:c0:ea:6d:f1:56:2e:f7:bf:2b:44:15:e1:a6:ff:
9f:d3:b5:da:ce:7f:ba:0c:fe:1d:d3:dc:da:1c:ea:2d:5d:13:
36:e0:9e:71:59:90:84:ab:41:58:cd:83:dc:31:4d:70:fd:c5:
0d:0b:ec:87:56:ad:b5:93:60:e7:48:b3:95:85:69:e0:13:09:
7c:a7:2a:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLWLyJj9EFljZLr/98nCXwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIwODI1MTgwNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU3NWQxMDBkZTQ5ZGEwYTkxOWU1YWIwNDU5ZDJkOGJmMjJmYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9L8ZnabEXuxGwfmUrCiGXxGSqdx
uX/Mmfcwjf8tGlo4mOVRQeh4id0qqNtTqUWbzQ0G/8RhqBZ+8o/SdgHMgx7OOI9E
kirMifyl6fMBnoKwFGdlDhF0PV80flIWap+Wv5YFADB96g1JKQBlB1n5UAgJTOtg
wfcesvDBjzfmutrXa5tlbSXGNKwsPmTKjZKzOZa0zn5+xe6Lv2P1prsGeEDxR9n4
VgmrR41v95A4hDYvEKDNo56rUvKG/TEk48bwHIQLents8h9503FFn8TJuCfGI6On
FwMjZTiBD2DSLzb6E3A4aN87SjpB6bChVM91X53W8yEyVBjK+7pkgxobGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDJXXRAN5J2gqRnlqwRZ0ti/Ivt6MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTWxkZEVBM2tuYUNwR2VXckJGblMyTDhpLTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLULgMA0E
AgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQARIS1FgbHGlcrJ53sAI2xg
iWvqvPOMZS85Fn9EnmLAxtX2ZBc8VygORJ9UnQMe0OXDIj6Ser3a2QLQfIrzG71y
Sqvv7Br6S8j6HZeS11C+soznO+PU51sg15pHASMVu/hX7hg+zuDuZarsNn7e1sWV
dPepNF2swTVgkUSQ+5SOmBvuANs2ftG1qosPDc8y0bTaf1KWx+NxGO7k2Jr3d+EG
hYdNeiQ9M+/rOiLCpmPIE7g7oNJRzRO1wOpt8VYu978rRBXhpv+f07Xazn+6DP4d
09zaHOotXRM24J5xWZCEq0FYzYPcMU1w/cUNC+yHVq21k2DnSLOVhWngEwl8pyoK
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org