Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/cdc995-9a91-4ec1-aede-f6e0f7d17440/1/KAjW3QHdGl_VvXtFV-9zaS6zuH8.roa
File: KAjW3QHdGl_VvXtFV-9zaS6zuH8.roa (raw, json)
Hash identifier: /wc3tLmpJ6+jdv1ehuZtmLSx3lt6fOx60dWIgbWWsN4=
Subject key identifier: 28:08:D6:DD:01:DD:1A:5F:D5:BD:7B:45:57:EF:73:69:2E:B3:B8:7F
Certificate issuer: /CN=f9103893fc31e9d94d265aba90cc7dd57bc23767
Certificate serial: 01261310
Authority key identifier: F9:10:38:93:FC:31:E9:D9:4D:26:5A:BA:90:CC:7D:D5:7B:C2:37:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-RA4k_wx6dlNJlq6kMx91XvCN2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/cdc995-9a91-4ec1-aede-f6e0f7d17440/1/KAjW3QHdGl_VvXtFV-9zaS6zuH8.roa
Signing time: Sat 01 Jan 2022 08:04:06 +0000
ROA not before: Sat 01 Jan 2022 08:04:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208897
IP address blocks: 45.15.132.0/22 maxlen: 22
45.15.132.0/24 maxlen: 24
45.15.134.0/24 maxlen: 24
45.15.135.0/24 maxlen: 24
45.15.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19272464 (0x1261310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9103893fc31e9d94d265aba90cc7dd57bc23767
Validity
Not Before: Jan 1 08:04:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2808d6dd01dd1a5fd5bd7b4557ef73692eb3b87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:24:a1:95:43:26:76:e0:8a:a0:7a:c2:77:d1:
00:68:a4:07:28:31:f7:c0:4c:4d:a6:b2:ac:01:31:
6c:af:2e:6e:02:e6:23:f2:86:7c:42:5b:af:1e:16:
e0:69:5c:23:40:f5:cf:30:59:6d:8f:41:6d:fb:93:
51:ee:f1:2c:2d:10:51:ac:e5:da:64:3f:3d:44:f2:
32:e0:ee:11:98:f7:e5:4a:f1:f2:b4:45:bb:49:53:
2e:79:e0:38:8c:d1:6d:27:df:5a:ec:71:44:a2:d4:
b6:b9:4e:97:d3:f6:53:fa:aa:3d:c0:85:3e:ea:1e:
48:1a:81:23:66:98:36:2f:28:9c:8e:be:b3:29:98:
08:35:d8:d1:55:02:1f:fa:1f:da:34:c6:28:34:01:
25:6e:ff:c3:d0:db:29:e4:01:c5:81:e0:0c:4b:88:
ea:a4:dd:09:3b:36:69:6b:f6:0c:d0:e7:40:24:cc:
16:17:1a:31:50:63:73:31:a3:fb:4c:79:ae:ad:84:
94:7c:f4:3d:8b:90:bc:30:73:c2:3f:e8:10:6f:50:
e3:d8:4a:89:7b:33:c3:3b:01:5a:ff:1e:49:ea:b3:
83:27:24:75:eb:3c:a8:ae:49:03:28:68:1a:ac:e4:
21:a8:24:31:7b:04:a0:16:97:0e:31:df:75:35:4d:
d7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:08:D6:DD:01:DD:1A:5F:D5:BD:7B:45:57:EF:73:69:2E:B3:B8:7F
X509v3 Authority Key Identifier:
keyid:F9:10:38:93:FC:31:E9:D9:4D:26:5A:BA:90:CC:7D:D5:7B:C2:37:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-RA4k_wx6dlNJlq6kMx91XvCN2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdc995-9a91-4ec1-aede-f6e0f7d17440/1/KAjW3QHdGl_VvXtFV-9zaS6zuH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdc995-9a91-4ec1-aede-f6e0f7d17440/1/1-RA4k_wx6dlNJlq6kMx91XvCN2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.132.0/22
Signature Algorithm: sha256WithRSAEncryption
af:00:7d:88:a8:fa:1e:2d:9b:43:55:7e:65:00:61:cc:df:7a:
8d:74:64:c8:73:b8:da:6a:54:24:68:3f:48:8a:2c:8d:a0:6b:
d9:bf:60:fa:2a:71:db:ab:b6:c0:5a:90:28:ff:8c:57:3c:b7:
81:7d:29:dd:06:4a:9d:38:f6:9d:61:20:e4:98:fd:8c:07:35:
26:70:9e:60:02:f7:f4:3d:39:0d:f7:4e:21:bb:84:63:3b:ca:
51:dc:d2:e6:13:4d:50:76:5a:84:00:42:10:8e:0f:00:55:95:
c7:ac:05:96:2a:7b:3c:2b:e8:c5:90:b7:f9:32:01:05:d4:fe:
1b:6b:3a:94:5f:28:f5:b8:15:48:e3:6c:1e:4d:0d:7f:f8:1b:
23:3a:61:e0:ca:88:e4:0a:00:d6:2e:41:3f:76:ad:fa:5e:35:
b9:fa:ae:b3:1b:be:37:4e:dd:33:25:12:e8:82:15:8a:9f:00:
ad:26:be:64:bf:54:60:e4:0c:2e:c1:49:12:de:f9:9e:a3:19:
ff:03:e9:44:64:52:73:5c:23:8b:51:4b:ba:44:b9:d6:15:ed:
5e:30:e4:cb:35:ea:19:91:ea:67:ce:b4:48:ff:d3:d3:86:19:
f3:d1:e3:52:22:ed:6d:a5:8b:7e:7f:f5:2b:1d:65:75:c4:88:
0b:1f:ea:5d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEASYTEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTEwMzg5M2ZjMzFlOWQ5NGQyNjVhYmE5MGNjN2RkNTdiYzIzNzY3MB4XDTIyMDEw
MTA4MDQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjgwOGQ2ZGQwMWRk
MWE1ZmQ1YmQ3YjQ1NTdlZjczNjkyZWIzYjg3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0koZVDJnbgiqB6wnfRAGikBygx98BMTaayrAExbK8ubgLm
I/KGfEJbrx4W4GlcI0D1zzBZbY9BbfuTUe7xLC0QUazl2mQ/PUTyMuDuEZj35Urx
8rRFu0lTLnngOIzRbSffWuxxRKLUtrlOl9P2U/qqPcCFPuoeSBqBI2aYNi8onI6+
symYCDXY0VUCH/of2jTGKDQBJW7/w9DbKeQBxYHgDEuI6qTdCTs2aWv2DNDnQCTM
FhcaMVBjczGj+0x5rq2ElHz0PYuQvDBzwj/oEG9Q49hKiXszwzsBWv8eSeqzgyck
des8qK5JAyhoGqzkIagkMXsEoBaXDjHfdTVN190CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQoCNbdAd0aX9W9e0VX73NpLrO4fzAfBgNVHSMEGDAWgBT5EDiT/DHp2U0m
WrqQzH3Ve8I3ZzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtUkE0a193eDZkbE5KbHE2a014OTFYdkNOMmMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzk4L2NkYzk5NS05YTkxLTRlYzEtYWVkZS1mNmUwZjdkMTc0NDAv
MS9LQWpXM1FIZEdsX1Z2WHRGVi05emFTNnp1SDgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk4
L2NkYzk5NS05YTkxLTRlYzEtYWVkZS1mNmUwZjdkMTc0NDAvMS8xLVJBNGtfd3g2
ZGxOSmxxNmtNeDkxWHZDTjJjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ+EMA0GCSqGSIb3DQEBCwUA
A4IBAQCvAH2IqPoeLZtDVX5lAGHM33qNdGTIc7jaalQkaD9IiiyNoGvZv2D6KnHb
q7bAWpAo/4xXPLeBfSndBkqdOPadYSDkmP2MBzUmcJ5gAvf0PTkN904hu4RjO8pR
3NLmE01QdlqEAEIQjg8AVZXHrAWWKns8K+jFkLf5MgEF1P4bazqUXyj1uBVI42we
TQ1/+BsjOmHgyojkCgDWLkE/dq36XjW5+q6zG743Tt0zJRLoghWKnwCtJr5kv1Rg
5AwuwUkS3vmeoxn/A+lEZFJzXCOLUUu6RLnWFe1eMOTLNeoZkepnzrRI/9PThhnz
0eNSIu1tpYt+f/UrHWV1xIgLH+pd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:48 2023 by rpki-client on console-fra.rpki-client.org