Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/lOMeWzPcw2gnV2Rzh4mqg9D7hSw.roa
File: lOMeWzPcw2gnV2Rzh4mqg9D7hSw.roa (raw, json)
Hash identifier: C1L3kE5yMw8ajkMnjcP52g+kJP0hoM/ECiec7rUlSm0=
Subject key identifier: 94:E3:1E:5B:33:DC:C3:68:27:57:64:73:87:89:AA:83:D0:FB:85:2C
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 0184DBB6002CFE2BD24C8D99C08E0F43E6C5
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/lOMeWzPcw2gnV2Rzh4mqg9D7hSw.roa
Signing time: Sun 04 Dec 2022 05:57:28 +0000
ROA not before: Sun 04 Dec 2022 05:57:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202945
IP address blocks: 45.154.60.0/24 maxlen: 24
2a0f:b100:2::/48 maxlen: 48
2a0f:b100:5::/48 maxlen: 48
2a0f:b100::/44 maxlen: 44
2a0f:b100:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:db:b6:00:2c:fe:2b:d2:4c:8d:99:c0:8e:0f:43:e6:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Dec 4 05:57:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94e31e5b33dcc368275764738789aa83d0fb852c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:9f:c3:e7:ae:9c:2a:8f:58:98:3a:4b:73:
45:35:29:55:3c:8e:b8:ad:45:90:18:0d:d4:c7:97:
0a:bb:c6:82:6b:62:79:73:c1:7a:74:ef:4e:8a:04:
70:1c:1c:70:48:f1:8a:8e:83:ea:98:41:b5:ab:51:
b1:2f:43:15:d1:b6:ef:b3:10:ba:7b:7c:ec:33:5c:
59:0f:90:d6:33:ed:f0:29:52:0d:bb:5a:7a:5c:e6:
94:10:4a:5a:06:16:1a:08:26:fb:fe:13:8c:eb:d2:
ad:82:77:8e:a6:4f:d8:3d:6c:01:4d:7d:06:84:78:
12:d3:7c:b7:35:ad:06:41:33:62:74:3a:62:4c:90:
10:a8:c2:bb:cc:bd:e6:eb:7a:fb:c9:28:67:47:44:
88:8e:67:5b:35:54:53:9f:45:54:e5:c1:ff:80:8e:
98:c7:66:d9:d6:35:78:7e:da:9d:bb:c6:eb:8c:3f:
d7:31:00:03:0e:93:2a:33:45:c0:09:9c:e0:06:23:
6d:f9:5e:ee:03:f0:16:b7:79:a0:e1:67:15:ea:70:
c7:5a:f7:e5:f3:00:e0:ab:9a:49:ac:69:90:71:c3:
95:ba:ce:f6:6b:4e:60:0f:a1:79:55:45:92:c5:67:
6d:32:01:3f:3d:a5:be:f4:36:78:4a:c4:7c:43:a4:
ab:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E3:1E:5B:33:DC:C3:68:27:57:64:73:87:89:AA:83:D0:FB:85:2C
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/lOMeWzPcw2gnV2Rzh4mqg9D7hSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.60.0/24
IPv6:
2a0f:b100::/44
Signature Algorithm: sha256WithRSAEncryption
5e:94:6e:49:b9:40:27:ba:61:d1:49:6d:02:29:58:2c:89:9c:
98:0a:d8:c7:42:ad:d0:3d:08:e4:da:71:b4:e8:a7:d0:67:5f:
b8:52:ce:63:34:82:fb:b1:c0:8b:c4:0a:9e:ff:e2:02:3f:9e:
a6:4a:eb:46:9f:9b:65:eb:40:7b:eb:f5:39:42:2c:26:b1:c3:
55:0b:4d:4b:be:f4:c2:10:27:d1:ea:d6:f6:2e:2a:f7:89:24:
00:77:d1:b4:9d:f9:4d:e3:3d:83:a4:1b:d9:65:1e:9a:e5:f5:
2e:35:fd:6f:ce:26:7f:3a:d8:56:f2:d6:a3:96:d3:ab:d3:b9:
2c:e3:2d:84:6e:cd:09:20:8c:d1:73:e2:03:c6:3d:50:ef:a1:
d1:0c:1b:c5:f2:d2:20:92:93:5c:3b:c9:61:be:f8:70:64:3d:
b0:f7:dc:7a:a0:35:7c:56:61:36:49:7a:ee:92:9e:b0:15:e3:
b7:ab:ab:18:a8:d5:ba:80:a0:9d:eb:45:3a:a9:18:d4:85:36:
c7:73:6d:18:ef:17:fe:1b:d9:47:ad:d8:d3:aa:a8:3a:0b:ce:
1f:70:8b:03:3e:2d:74:ad:e6:b0:6e:8f:55:e2:2a:be:ac:4d:
1f:32:f7:94:cd:3a:91:bc:00:92:b7:d3:06:41:d2:2a:e0:f2:
5c:14:cd:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTbtgAs/ivSTI2ZwI4PQ+bFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIxMjA0MDU1NzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGUzMWU1YjMzZGNjMzY4Mjc1NzY0NzM4Nzg5YWE4M2QwZmI4NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn6fw+eunCqPWJg6S3NFNSlVPI64
rUWQGA3Ux5cKu8aCa2J5c8F6dO9OigRwHBxwSPGKjoPqmEG1q1GxL0MV0bbvsxC6
e3zsM1xZD5DWM+3wKVINu1p6XOaUEEpaBhYaCCb7/hOM69KtgneOpk/YPWwBTX0G
hHgS03y3Na0GQTNidDpiTJAQqMK7zL3m63r7yShnR0SIjmdbNVRTn0VU5cH/gI6Y
x2bZ1jV4ftqdu8brjD/XMQADDpMqM0XACZzgBiNt+V7uA/AWt3mg4WcV6nDHWvfl
8wDgq5pJrGmQccOVus72a05gD6F5VUWSxWdtMgE/PaW+9DZ4SsR8Q6SrDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJTjHlsz3MNoJ1dkc4eJqoPQ+4UsMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvbE9NZVd6UGN3MmduVjJSemg0bXFnOUQ3aFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBAF6Ubkm5QCe6YdFJbQIp
WCyJnJgK2MdCrdA9COTacbTop9BnX7hSzmM0gvuxwIvECp7/4gI/nqZK60afm2Xr
QHvr9TlCLCaxw1ULTUu+9MIQJ9Hq1vYuKveJJAB30bSd+U3jPYOkG9llHprl9S41
/W/OJn862Fby1qOW06vTuSzjLYRuzQkgjNFz4gPGPVDvodEMG8Xy0iCSk1w7yWG+
+HBkPbD33HqgNXxWYTZJeu6SnrAV47erqxio1bqAoJ3rRTqpGNSFNsdzbRjvF/4b
2Uet2NOqqDoLzh9wiwM+LXSt5rBuj1XiKr6sTR8y95TNOpG8AJK30wZB0irg8lwU
zbE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org