Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/IOL8qIDo0EeOohsnplG-rEzuH4g.roa
File: IOL8qIDo0EeOohsnplG-rEzuH4g.roa (raw, json)
Hash identifier: /+SZWliSWXLaUnkLy/2pYB52fSUhFlyKgcIeVq8hEco=
Subject key identifier: 20:E2:FC:A8:80:E8:D0:47:8E:A2:1B:27:A6:51:BE:AC:4C:EE:1F:88
Certificate issuer: /CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Certificate serial: 0837832A
Authority key identifier: 42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/IOL8qIDo0EeOohsnplG-rEzuH4g.roa
Signing time: Sat 01 Jan 2022 02:01:29 +0000
ROA not before: Sat 01 Jan 2022 02:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60377
IP address blocks: 45.13.4.0/22 maxlen: 22
45.13.5.0/24 maxlen: 24
145.40.128.0/18 maxlen: 18
2a0e:cb00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137855786 (0x837832a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4225b570f46de5c6e8b2b64ed090ad1385dab731
Validity
Not Before: Jan 1 02:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20e2fca880e8d0478ea21b27a651beac4cee1f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fe:b1:4c:44:78:8c:1f:df:f4:fb:9b:3f:6c:
dc:7c:38:6b:ab:77:7c:45:c2:6d:d5:f7:e8:1d:f5:
fc:96:42:a2:50:ca:62:78:18:8e:1d:6b:dc:2c:76:
ac:ba:20:13:f3:cf:8a:4f:40:f6:f8:43:38:e0:75:
be:af:21:74:c9:1e:46:7f:04:cb:d2:23:4a:79:f7:
de:7a:7e:fe:21:9d:8b:db:4f:90:87:eb:b5:e5:4a:
53:ce:2d:96:f9:0f:80:06:95:a3:a1:91:bf:ad:62:
d1:4a:0e:08:df:92:47:f8:7d:32:fc:7e:19:7d:b1:
da:13:f2:86:c2:d1:e3:0e:d4:c8:90:59:fe:10:6a:
ee:2b:a0:46:9c:d1:fd:b4:6e:c6:fc:41:1a:ea:07:
8b:8d:40:dc:dc:4c:8b:d8:7b:10:b4:a1:00:4f:68:
fb:7a:99:91:c3:86:8c:66:50:ec:4f:8b:ca:7a:0d:
a8:a4:08:74:7a:bf:8a:b5:b7:55:8b:f6:c0:4c:f9:
2f:0e:f2:44:ea:09:19:3f:7b:37:77:ad:38:54:c3:
15:d9:89:0e:6c:0c:c3:35:0f:c9:ca:e9:fe:54:23:
6c:b5:28:5f:95:86:0c:72:79:92:25:97:0e:46:17:
43:89:36:7a:55:64:c3:ab:10:e8:37:c1:9a:d0:15:
5e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E2:FC:A8:80:E8:D0:47:8E:A2:1B:27:A6:51:BE:AC:4C:EE:1F:88
X509v3 Authority Key Identifier:
keyid:42:25:B5:70:F4:6D:E5:C6:E8:B2:B6:4E:D0:90:AD:13:85:DA:B7:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiW1cPRt5cbosrZO0JCtE4XatzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/IOL8qIDo0EeOohsnplG-rEzuH4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c34c99-18c8-41a2-874b-390b85394beb/1/QiW1cPRt5cbosrZO0JCtE4XatzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.4.0/22
145.40.128.0/18
IPv6:
2a0e:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
75:ba:99:63:9e:d5:5c:f6:80:ff:64:e6:13:90:8c:20:b1:97:
00:8b:66:72:f6:51:90:da:f4:6d:1c:5b:06:aa:d8:b0:58:93:
96:8c:4b:83:22:e5:70:35:ae:4f:6f:dc:73:9d:ee:ad:7e:8a:
05:58:1f:28:35:62:1d:14:4e:7d:3b:29:69:99:cb:1a:07:1e:
a9:f1:75:5c:82:69:56:a2:93:4d:ba:aa:40:47:95:f3:e1:39:
54:e4:0a:24:b8:73:2f:eb:60:dd:21:dc:64:5e:a1:44:37:c9:
44:2c:a4:9c:45:0b:2b:c7:c5:04:a2:de:45:f3:56:94:9d:28:
38:a2:f7:98:e6:b7:f5:c2:4b:15:77:09:d8:37:0e:1b:a8:79:
f7:12:21:32:e1:be:a4:8a:1e:63:7b:88:6e:67:df:e7:b3:de:
4b:a4:11:b4:dc:dc:99:70:e5:13:28:8a:35:4e:03:e0:8e:18:
fb:52:87:db:2c:95:51:09:5e:70:f0:19:1a:bc:30:0a:87:a7:
66:b9:88:88:91:61:2c:2d:88:6a:d7:c3:3b:ef:9b:ee:23:de:
ce:5a:68:6d:0f:15:7b:f8:84:20:95:fd:3f:5d:df:92:b1:30:
b8:53:71:ec:b4:e1:c6:60:bf:28:b7:0f:88:ce:ef:e5:a8:d1:
1c:25:a1:16
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECDeDKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjI1YjU3MGY0NmRlNWM2ZThiMmI2NGVkMDkwYWQxMzg1ZGFiNzMxMB4XDTIyMDEw
MTAyMDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBlMmZjYTg4MGU4
ZDA0NzhlYTIxYjI3YTY1MWJlYWM0Y2VlMWY4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALT+sUxEeIwf3/T7mz9s3Hw4a6t3fEXCbdX36B31/JZColDK
YngYjh1r3Cx2rLogE/PPik9A9vhDOOB1vq8hdMkeRn8Ey9IjSnn33np+/iGdi9tP
kIfrteVKU84tlvkPgAaVo6GRv61i0UoOCN+SR/h9Mvx+GX2x2hPyhsLR4w7UyJBZ
/hBq7iugRpzR/bRuxvxBGuoHi41A3NxMi9h7ELShAE9o+3qZkcOGjGZQ7E+LynoN
qKQIdHq/irW3VYv2wEz5Lw7yROoJGT97N3etOFTDFdmJDmwMwzUPycrp/lQjbLUo
X5WGDHJ5kiWXDkYXQ4k2elVkw6sQ6DfBmtAVXqcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQg4vyogOjQR46iGyemUb6sTO4fiDAfBgNVHSMEGDAWgBRCJbVw9G3lxuiy
tk7QkK0Thdq3MTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FpVzFjUFJ0NWNib3NyWk8wSkN0RTRYYXR6RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYzM0Yzk5LTE4YzgtNDFhMi04NzRiLTM5MGI4NTM5NGJlYi8x
L0lPTDhxSURvMEVlT29oc25wbEctckV6dUg0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YzM0Yzk5LTE4YzgtNDFhMi04NzRiLTM5MGI4NTM5NGJlYi8xL1FpVzFjUFJ0NWNi
b3NyWk8wSkN0RTRYYXR6RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi0NBAMEBpEogDANBAIAAjAHAwUD
Kg7LADANBgkqhkiG9w0BAQsFAAOCAQEAdbqZY57VXPaA/2TmE5CMILGXAItmcvZR
kNr0bRxbBqrYsFiTloxLgyLlcDWuT2/cc53urX6KBVgfKDViHRROfTspaZnLGgce
qfF1XIJpVqKTTbqqQEeV8+E5VOQKJLhzL+tg3SHcZF6hRDfJRCyknEULK8fFBKLe
RfNWlJ0oOKL3mOa39cJLFXcJ2DcOG6h59xIhMuG+pIoeY3uIbmff57PeS6QRtNzc
mXDlEyiKNU4D4I4Y+1KH2yyVUQlecPAZGrwwCoenZrmIiJFhLC2IatfDO++b7iPe
zlpobQ8Ve/iEIJX9P13fkrEwuFNx7LThxmC/KLcPiM7v5ajRHCWhFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:24 2024 by rpki-client on console-ams.rpki-client.org