Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/W5KgXzw2kuhNJeFp6kEO84P4V4c.roa
File: W5KgXzw2kuhNJeFp6kEO84P4V4c.roa (raw, json)
Hash identifier: luseelVnITE7IuWNpKziCQF0jk10H87K4BvhWyTa/fE=
Subject key identifier: 5B:92:A0:5F:3C:36:92:E8:4D:25:E1:69:EA:41:0E:F3:83:F8:57:87
Certificate issuer: /CN=19c91f1cb0874232a04fbc092baa688accecc9d7
Certificate serial: 0845CC68
Authority key identifier: 19:C9:1F:1C:B0:87:42:32:A0:4F:BC:09:2B:AA:68:8A:CC:EC:C9:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GckfHLCHQjKgT7wJK6poiszsydc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/W5KgXzw2kuhNJeFp6kEO84P4V4c.roa
Signing time: Sat 01 Jan 2022 12:54:57 +0000
ROA not before: Sat 01 Jan 2022 12:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40138
IP address blocks: 45.85.236.0/24 maxlen: 24
45.85.237.0/24 maxlen: 24
2a0e:c887::/44 maxlen: 48
2a0e:c886::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138792040 (0x845cc68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19c91f1cb0874232a04fbc092baa688accecc9d7
Validity
Not Before: Jan 1 12:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b92a05f3c3692e84d25e169ea410ef383f85787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:47:19:03:9f:6b:69:b6:bf:e4:a1:9a:df:
45:ef:10:3b:34:b7:98:b7:87:f1:e9:ed:eb:58:07:
d8:c2:ac:48:cd:89:cb:fb:78:14:01:3d:1f:f1:80:
c5:30:bc:44:c8:c2:77:9f:6a:93:db:81:a2:b6:50:
8d:d1:bf:76:df:13:9a:3d:44:37:7a:1b:ac:33:85:
32:b0:5c:56:2c:b0:c6:e7:d4:42:47:c7:7b:53:94:
a5:2c:f8:88:c2:f0:71:08:17:21:30:bd:4b:52:2b:
e2:07:a0:43:ac:ce:4f:2e:19:fa:a0:48:ce:40:cb:
5f:18:ec:6f:e2:94:ad:3c:07:bc:68:95:b4:9f:0c:
e9:bc:8b:60:e9:89:9c:54:22:4a:e7:6f:44:22:5b:
8f:61:19:4a:7b:f6:bd:09:81:6e:f9:92:17:b2:be:
11:ae:45:55:e7:eb:24:fb:ed:d2:d8:d6:4b:7c:1a:
55:0c:9e:60:72:38:1b:4c:de:8d:22:d6:26:70:a6:
fc:22:c4:f2:96:cb:b3:91:13:14:72:6d:a0:e0:06:
8b:3a:51:c4:0e:eb:1c:53:52:55:ad:c4:6b:e2:d4:
1f:68:2c:e6:92:e5:2b:5b:f7:0f:2c:24:a7:81:8c:
05:55:be:75:0d:f8:e1:c4:c0:72:87:ca:95:29:2c:
0a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:92:A0:5F:3C:36:92:E8:4D:25:E1:69:EA:41:0E:F3:83:F8:57:87
X509v3 Authority Key Identifier:
keyid:19:C9:1F:1C:B0:87:42:32:A0:4F:BC:09:2B:AA:68:8A:CC:EC:C9:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GckfHLCHQjKgT7wJK6poiszsydc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/W5KgXzw2kuhNJeFp6kEO84P4V4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/GckfHLCHQjKgT7wJK6poiszsydc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.236.0/23
IPv6:
2a0e:c886::/44
2a0e:c887::/44
Signature Algorithm: sha256WithRSAEncryption
09:62:72:56:a8:a2:25:f3:c2:bc:f2:ed:e8:93:02:ef:a2:b1:
6d:51:19:ea:f6:25:f3:0b:23:97:98:19:e1:8b:b6:f9:98:ff:
c4:9d:05:d0:e0:f3:d6:76:6f:16:1f:79:28:df:7b:ed:73:b7:
12:32:13:5e:51:33:49:5f:00:e2:72:b0:e7:72:9f:71:cd:20:
90:43:d2:0c:9f:9e:53:53:55:f1:46:38:0d:23:91:8a:f2:be:
69:f9:8c:f3:f8:11:3f:9e:6f:4d:04:46:75:88:a9:b5:ee:f0:
3b:c3:47:ee:0f:14:d5:d6:27:e4:a3:a2:06:cf:58:9f:84:a4:
69:ac:78:94:f3:67:5f:5d:f1:ff:93:ac:f6:c6:23:fa:83:d2:
91:d8:13:64:fc:e5:c2:56:1d:6d:e1:39:0b:44:b5:b8:a3:a2:
37:13:68:bf:54:3d:fc:38:c8:f8:2f:52:9e:6e:ee:78:88:84:
c2:eb:0e:6f:fe:e1:cb:31:3c:e7:55:f1:48:4b:2a:e1:fc:87:
a0:5c:28:d5:f8:2c:d6:a4:94:5e:e4:83:32:10:21:2d:a6:c8:
c3:0b:4d:c7:b1:80:6f:06:a8:cf:9b:a9:02:84:ba:6c:7e:f2:
1a:b7:6e:e2:10:b9:57:80:47:03:da:06:16:b9:ea:63:04:a0:
c7:30:44:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECEXMaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OWM5MWYxY2IwODc0MjMyYTA0ZmJjMDkyYmFhNjg4YWNjZWNjOWQ3MB4XDTIyMDEw
MTEyNTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWI5MmEwNWYzYzM2
OTJlODRkMjVlMTY5ZWE0MTBlZjM4M2Y4NTc4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWoRxkDn2tptr/koZrfRe8QOzS3mLeH8ent61gH2MKsSM2J
y/t4FAE9H/GAxTC8RMjCd59qk9uBorZQjdG/dt8Tmj1EN3obrDOFMrBcViywxufU
QkfHe1OUpSz4iMLwcQgXITC9S1Ir4gegQ6zOTy4Z+qBIzkDLXxjsb+KUrTwHvGiV
tJ8M6byLYOmJnFQiSudvRCJbj2EZSnv2vQmBbvmSF7K+Ea5FVefrJPvt0tjWS3wa
VQyeYHI4G0zejSLWJnCm/CLE8pbLs5ETFHJtoOAGizpRxA7rHFNSVa3Ea+LUH2gs
5pLlK1v3Dywkp4GMBVW+dQ344cTAcofKlSksCjECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRbkqBfPDaS6E0l4WnqQQ7zg/hXhzAfBgNVHSMEGDAWgBQZyR8csIdCMqBP
vAkrqmiKzOzJ1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dja2ZITENIUWpLZ1Q3d0pLNnBvaXN6c3lkYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvMDQ2MzM3LTRmMWYtNDQ0ZS04M2Q3LTA1NGQ2NWQ3MjQ3Zi8x
L1c1S2dYencya3VoTkplRnA2a0VPODRQNFY0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
MDQ2MzM3LTRmMWYtNDQ0ZS04M2Q3LTA1NGQ2NWQ3MjQ3Zi8xL0dja2ZITENIUWpL
Z1Q3d0pLNnBvaXN6c3lkYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAS1V7DAYBAIAAjASAwcEKg7IhgAA
AwcEKg7IhwAAMA0GCSqGSIb3DQEBCwUAA4IBAQAJYnJWqKIl88K88u3okwLvorFt
URnq9iXzCyOXmBnhi7b5mP/EnQXQ4PPWdm8WH3ko33vtc7cSMhNeUTNJXwDicrDn
cp9xzSCQQ9IMn55TU1XxRjgNI5GK8r5p+Yzz+BE/nm9NBEZ1iKm17vA7w0fuDxTV
1ifko6IGz1ifhKRprHiU82dfXfH/k6z2xiP6g9KR2BNk/OXCVh1t4TkLRLW4o6I3
E2i/VD38OMj4L1Kebu54iITC6w5v/uHLMTznVfFISyrh/IegXCjV+CzWpJRe5IMy
ECEtpsjDC03HsYBvBqjPm6kChLpsfvIat27iELlXgEcD2gYWuepjBKDHMETa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:13 2023 by rpki-client on console-fra.rpki-client.org