Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/exiWUxUm3yA93HvUxesmVEYEgpo.roa
File: exiWUxUm3yA93HvUxesmVEYEgpo.roa (raw, json)
Hash identifier: 2cKEcNagWA/KhXag1WvRbWUofc/qHLo4+4J7m2QIkKo=
Subject key identifier: 7B:18:96:53:15:26:DF:20:3D:DC:7B:D4:C5:EB:26:54:46:04:82:9A
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018408C04FABD53884B2B6B6BD97D3561C6D
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/exiWUxUm3yA93HvUxesmVEYEgpo.roa
Signing time: Mon 24 Oct 2022 06:48:51 +0000
ROA not before: Mon 24 Oct 2022 06:48:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
45.151.136.0/22 maxlen: 22
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:c0:4f:ab:d5:38:84:b2:b6:b6:bd:97:d3:56:1c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 24 06:48:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b1896531526df203ddc7bd4c5eb26544604829a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4d:40:36:0a:f3:ed:1f:c1:dc:f8:b9:5e:26:
db:e6:2c:5c:11:2a:9d:aa:e1:36:23:50:8a:f8:d0:
d4:82:a4:78:4d:3e:2e:82:e7:c4:de:fc:22:39:ec:
16:79:5e:16:25:4d:b5:8f:3e:ef:dd:ba:ce:22:3a:
8b:a9:2f:db:93:23:6d:e5:e5:72:af:63:e9:e9:25:
c9:c7:50:bf:b3:5a:93:7f:8d:0a:50:39:1b:1d:a5:
fa:31:66:d8:a7:7a:ad:f5:04:7d:07:28:73:b1:85:
2d:a7:3e:0b:59:12:fe:62:6c:8d:51:66:52:8f:56:
d7:fb:a6:c8:d3:f0:b1:b0:a6:cc:c0:15:29:db:56:
46:5a:af:78:bf:67:d9:df:13:5f:2d:11:ec:7c:59:
89:a4:28:fd:d6:2f:86:ea:ce:86:49:4a:33:6f:93:
fa:af:79:83:39:40:68:4f:30:d8:55:32:21:c6:a3:
7d:c9:c3:2f:cc:f9:69:ee:20:fd:4b:8d:b8:fe:23:
57:17:be:6b:7d:25:ea:30:2d:b4:89:d7:e4:53:c7:
67:23:12:dc:68:bd:ef:dc:42:01:8e:81:50:82:1a:
a3:56:74:1f:8a:7d:a3:03:67:3d:36:86:5f:df:69:
10:97:a1:dd:7f:30:9b:36:02:20:d1:02:c6:0a:46:
8b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:18:96:53:15:26:DF:20:3D:DC:7B:D4:C5:EB:26:54:46:04:82:9A
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/exiWUxUm3yA93HvUxesmVEYEgpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.136.0/22
83.171.240.0/22
84.54.36.0/24
Signature Algorithm: sha256WithRSAEncryption
50:52:c6:44:48:44:9e:15:f5:30:b1:ac:d9:15:02:18:26:5c:
59:5a:8c:ec:57:f7:0a:99:4b:3e:3f:e4:df:34:41:5d:43:8a:
3c:ab:9c:e7:8b:d4:9f:01:d7:e6:55:5b:0a:1c:85:ee:4e:cd:
82:3d:f5:1d:2a:84:79:3a:a4:b0:74:6e:6a:b2:2e:e6:92:56:
9d:ec:da:9f:5c:db:bf:c2:c0:6d:bb:2d:07:97:91:2b:f1:9b:
a1:24:7e:17:a7:51:4f:d7:1b:a1:38:e4:0d:67:95:5e:87:4b:
d6:fd:e9:35:ff:28:46:f9:fa:3b:91:f3:d2:7d:a7:5f:7a:d5:
97:24:cd:b6:11:f2:f7:d0:65:8d:57:64:e5:5b:31:54:18:85:
f2:99:ca:f0:f6:6d:e3:69:db:c9:65:4e:75:7d:d0:2a:5b:30:
01:06:80:6d:33:11:b4:e7:b4:cf:54:30:90:36:b2:2d:46:f9:
c2:4a:dc:ae:bf:8d:ff:51:13:43:a7:7a:93:c1:6c:c4:26:d4:
83:d6:d6:99:58:45:5a:13:f1:78:9e:cc:60:7c:64:bd:ac:71:
a3:36:c0:2b:43:42:f7:3b:6e:d9:c4:63:e3:e2:ca:f3:a3:21:
25:09:08:96:95:e2:ef:79:87:2e:de:a0:fa:c1:93:f3:31:a3:
0e:bf:6c:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQIwE+r1TiEsra2vZfTVhxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIxMDI0MDY0ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjE4OTY1MzE1MjZkZjIwM2RkYzdiZDRjNWViMjY1NDQ2MDQ4MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE1ANgrz7R/B3Pi5Xibb5ixcESqd
quE2I1CK+NDUgqR4TT4ugufE3vwiOewWeV4WJU21jz7v3brOIjqLqS/bkyNt5eVy
r2Pp6SXJx1C/s1qTf40KUDkbHaX6MWbYp3qt9QR9ByhzsYUtpz4LWRL+YmyNUWZS
j1bX+6bI0/CxsKbMwBUp21ZGWq94v2fZ3xNfLRHsfFmJpCj91i+G6s6GSUozb5P6
r3mDOUBoTzDYVTIhxqN9ycMvzPlp7iD9S424/iNXF75rfSXqMC20idfkU8dnIxLc
aL3v3EIBjoFQghqjVnQfin2jA2c9NoZf32kQl6HdfzCbNgIg0QLGCkaLGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHsYllMVJt8gPdx71MXrJlRGBIKaMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvZXhpV1V4VW0zeUE5M0h2VXhlc21WRVlFZ3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZeIAwQC
U6vwAwQAVDYkMA0GCSqGSIb3DQEBCwUAA4IBAQBQUsZESESeFfUwsazZFQIYJlxZ
WozsV/cKmUs+P+TfNEFdQ4o8q5zni9SfAdfmVVsKHIXuTs2CPfUdKoR5OqSwdG5q
si7mklad7NqfXNu/wsBtuy0Hl5Er8ZuhJH4Xp1FP1xuhOOQNZ5Veh0vW/ek1/yhG
+fo7kfPSfadfetWXJM22EfL30GWNV2TlWzFUGIXymcrw9m3jadvJZU51fdAqWzAB
BoBtMxG057TPVDCQNrItRvnCStyuv43/URNDp3qTwWzEJtSD1taZWEVaE/F4nsxg
fGS9rHGjNsArQ0L3O27ZxGPj4srzoyElCQiWleLveYcu3qD6wZPzMaMOv2wd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org