Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/w3KhexaHoo5lui0FxENUhld_rf0.roa
File: w3KhexaHoo5lui0FxENUhld_rf0.roa (raw, json)
Hash identifier: CF1gak9IJfhA21IRlA2vC081otJkP95jobz+k97sF+A=
Subject key identifier: C3:72:A1:7B:16:87:A2:8E:65:BA:2D:05:C4:43:54:86:57:7F:AD:FD
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 08944CD5
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/w3KhexaHoo5lui0FxENUhld_rf0.roa
Signing time: Mon 21 Mar 2022 13:15:34 +0000
ROA not before: Mon 21 Mar 2022 13:15:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207651
IP address blocks: 45.10.41.0/24 maxlen: 24
45.10.42.0/24 maxlen: 24
45.10.43.0/24 maxlen: 24
45.10.40.0/24 maxlen: 24
88.218.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143936725 (0x8944cd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Mar 21 13:15:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c372a17b1687a28e65ba2d05c4435486577fadfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ff:d3:64:77:dd:12:9a:ba:21:3f:b9:b8:5b:
34:34:40:a4:05:7d:af:7a:40:68:b0:bf:7f:9e:79:
f6:5e:47:61:4d:58:d6:5c:48:e9:4e:f7:0a:68:fa:
ba:a3:1d:e8:11:8e:f7:14:e6:68:86:81:28:5c:ab:
53:95:52:3c:d1:64:7a:8e:f9:4c:16:d8:8a:96:15:
c9:f6:f2:1c:ff:a4:e5:47:82:d9:d8:6c:d0:ed:b1:
ab:d3:f9:b7:97:55:63:7c:56:d8:19:0e:b0:7a:c8:
f2:52:28:ea:cd:cb:9b:0d:4e:0f:f2:2e:7e:f5:c6:
08:29:55:5f:62:92:3e:97:31:0d:d4:3a:61:e8:cf:
0e:4f:1c:34:2b:96:4a:e8:cf:0d:80:3d:83:0d:e7:
3c:c9:d7:72:98:bd:6e:f8:44:24:2f:ef:03:30:20:
2a:a7:64:36:3f:e4:6c:3d:c8:d1:a2:1e:eb:04:36:
d5:49:69:e1:b0:4e:0d:a2:43:cd:93:ff:56:59:e6:
eb:5f:e2:69:26:e1:5e:ff:e6:eb:26:b3:e6:9d:78:
8e:67:28:75:21:fb:73:79:93:7b:76:c8:1b:1f:f9:
c0:57:e8:c4:bf:e7:83:c6:66:ae:20:e3:76:4d:4b:
77:0f:76:36:60:87:b6:a7:6c:19:c1:33:9f:73:6c:
44:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:72:A1:7B:16:87:A2:8E:65:BA:2D:05:C4:43:54:86:57:7F:AD:FD
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/w3KhexaHoo5lui0FxENUhld_rf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.40.0/22
88.218.168.0/22
Signature Algorithm: sha256WithRSAEncryption
35:bc:e3:b4:a9:7f:98:27:59:ec:f3:df:66:48:02:40:58:f8:
a4:74:1e:46:2a:30:43:73:e6:15:28:d7:21:9b:b0:5c:c5:99:
72:e7:b8:df:de:87:f7:84:b3:4d:a4:5c:23:e2:3c:e1:7e:56:
9c:46:c7:29:53:96:46:e2:24:f3:23:56:81:30:12:42:ab:d6:
d1:c9:b3:a6:46:8d:24:7c:aa:a3:2c:e7:c4:e4:24:b3:39:8d:
0f:d4:43:e0:3d:b6:f3:8d:c2:cb:ce:5c:24:fa:41:3b:7f:44:
a0:40:29:35:c4:ac:2a:3f:65:1c:2e:b1:42:ca:5e:9c:bf:89:
b9:6b:87:16:e3:a6:b6:62:da:d1:be:0e:7a:86:6e:9b:28:37:
6b:9e:09:fe:49:d7:bc:64:50:4f:d9:05:68:b8:98:29:48:aa:
a8:48:64:26:1c:91:b5:94:3f:ce:42:31:ce:9c:35:21:32:73:
51:54:24:50:f4:17:2d:29:b9:32:c5:85:b5:30:19:a3:b4:fb:
04:0d:0b:56:fc:63:89:fb:54:dd:e9:f9:de:fe:f8:40:46:de:
e0:be:53:97:92:ca:e7:e5:1c:2a:44:e3:2b:7f:60:e1:1c:d2:
9a:37:3b:45:c0:b2:b5:21:bd:ef:6e:af:cd:ee:74:43:ad:47:
44:8c:24:e1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECJRM1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDU5ZWMyYTVmZDUzOTA5YzUyMzlmNGNjOGQ2ZDMyOWEyNzc5YmIxMB4XDTIyMDMy
MTEzMTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzM3MmExN2IxNjg3
YTI4ZTY1YmEyZDA1YzQ0MzU0ODY1NzdmYWRmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL/02R33RKauiE/ubhbNDRApAV9r3pAaLC/f5559l5HYU1Y
1lxI6U73Cmj6uqMd6BGO9xTmaIaBKFyrU5VSPNFkeo75TBbYipYVyfbyHP+k5UeC
2dhs0O2xq9P5t5dVY3xW2BkOsHrI8lIo6s3Lmw1OD/IufvXGCClVX2KSPpcxDdQ6
YejPDk8cNCuWSujPDYA9gw3nPMnXcpi9bvhEJC/vAzAgKqdkNj/kbD3I0aIe6wQ2
1Ulp4bBODaJDzZP/Vlnm61/iaSbhXv/m6yaz5p14jmcodSH7c3mTe3bIGx/5wFfo
xL/ng8ZmriDjdk1Ldw92NmCHtqdsGcEzn3NsRJECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTDcqF7FoeijmW6LQXEQ1SGV3+t/TAfBgNVHSMEGDAWgBREWewqX9U5CcUj
n0zI1tMponebsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JGbnNLbF9WT1FuRkk1OU15TmJUS2FKM203RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8x
L3czS2hleGFIb281bHVpMEZ4RU5VaGxkX3JmMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
ZjBhZTYyLWMxMDctNDNjZS1hOGE5LTZiNDM3MjYwMjA5Ni8xL1JGbnNLbF9WT1Fu
Rkk1OU15TmJUS2FKM203RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi0KKAMEAljaqDANBgkqhkiG9w0B
AQsFAAOCAQEANbzjtKl/mCdZ7PPfZkgCQFj4pHQeRiowQ3PmFSjXIZuwXMWZcue4
396H94SzTaRcI+I84X5WnEbHKVOWRuIk8yNWgTASQqvW0cmzpkaNJHyqoyznxOQk
szmND9RD4D22843Cy85cJPpBO39EoEApNcSsKj9lHC6xQspenL+JuWuHFuOmtmLa
0b4OeoZumyg3a54J/knXvGRQT9kFaLiYKUiqqEhkJhyRtZQ/zkIxzpw1ITJzUVQk
UPQXLSm5MsWFtTAZo7T7BA0LVvxjiftU3en53v74QEbe4L5Tl5LK5+UcKkTjK39g
4RzSmjc7RcCytSG9726vze50Q61HRIwk4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org