Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b2JRqaOoRTXALwgCTUIytC1KuQw.roa
File: b2JRqaOoRTXALwgCTUIytC1KuQw.roa (raw, json)
Hash identifier: WgZ23FOrg79fIYQL43XzxW1I6QAK5rjTMpUSMliiZ6w=
Subject key identifier: 6F:62:51:A9:A3:A8:45:35:C0:2F:08:02:4D:42:32:B4:2D:4A:B9:0C
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0183B652E0BDF9D16FFC73A03920C5A56337
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b2JRqaOoRTXALwgCTUIytC1KuQw.roa
Signing time: Sat 08 Oct 2022 06:40:28 +0000
ROA not before: Sat 08 Oct 2022 06:40:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212477
IP address blocks: 45.140.140.0/22 maxlen: 24
45.137.206.0/24 maxlen: 24
45.140.188.0/22 maxlen: 24
45.137.204.0/23 maxlen: 24
45.137.207.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
45.140.212.0/24 maxlen: 24
2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b6:52:e0:bd:f9:d1:6f:fc:73:a0:39:20:c5:a5:63:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 8 06:40:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f6251a9a3a84535c02f08024d4232b42d4ab90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ed:be:b9:46:00:b0:a4:f5:7a:9a:d4:ff:47:
3c:bd:8e:d7:e3:35:bd:01:1d:4a:3f:d3:a3:0c:52:
b0:21:31:0b:4e:12:8f:fe:61:6a:51:67:3d:07:40:
43:4c:12:de:5f:97:e9:a3:f8:fd:5d:6c:f6:5f:d3:
af:6a:45:42:0e:63:3d:ff:94:10:5a:a9:54:d3:75:
94:3e:48:76:a2:01:72:a8:42:bf:22:6d:6a:30:c4:
5e:fc:98:b6:7b:3d:e5:75:fc:99:f9:50:64:f8:ef:
80:b6:c0:0a:45:43:bd:e0:4d:09:6e:eb:a7:fc:6d:
45:39:1a:90:92:50:f3:a7:98:ba:6e:86:f7:f1:9f:
72:18:a8:ac:1f:b9:74:2f:fe:2d:56:5c:4f:a2:3b:
0f:de:31:8b:c2:04:22:33:6b:3c:13:69:5d:31:14:
a3:4e:0f:fa:b1:72:ac:3e:a0:b0:57:a0:e7:9d:c1:
2f:64:fb:e9:61:fe:c1:4e:9e:f6:23:ef:aa:b8:c6:
78:c3:1c:d8:cc:83:cd:18:a0:2e:08:17:20:34:fb:
0c:93:ad:4e:ea:ac:de:18:14:c4:31:37:7c:49:92:
bb:56:b0:0e:f1:31:40:3d:8a:8d:96:55:d7:a2:f4:
9e:7d:d6:7d:d7:d8:39:a3:3c:2c:6c:c4:fd:66:3f:
84:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:62:51:A9:A3:A8:45:35:C0:2F:08:02:4D:42:32:B4:2D:4A:B9:0C
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b2JRqaOoRTXALwgCTUIytC1KuQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.204.0/22
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
06:aa:c6:5b:d8:88:41:f8:c7:65:7c:c8:57:ca:f5:0b:98:d0:
d7:9e:5b:f8:26:28:74:54:e7:1a:65:77:87:5a:59:6d:47:ca:
ad:cb:52:a4:96:fd:49:35:3b:c2:91:28:85:71:87:b4:66:b4:
df:08:2d:03:ec:ef:f0:24:ac:67:a2:40:23:fc:01:78:ad:c8:
22:8e:0e:9c:a2:5f:db:f5:7e:09:18:80:a1:2e:02:20:f7:42:
fd:21:42:84:52:09:c4:95:0c:f8:d8:af:f2:ea:13:78:61:2f:
e9:29:47:da:10:a4:dd:20:1c:e3:9b:94:2d:b4:e2:c4:29:8d:
01:00:e4:64:2e:7c:c4:bb:ff:a4:09:ab:e2:5c:82:0a:2b:e9:
f9:9e:d2:dd:72:1e:2f:8a:6e:1c:3f:96:11:23:93:43:62:4b:
91:59:f9:22:bd:e8:14:9a:34:06:80:59:50:97:c6:ea:b4:80:
80:a6:94:e8:d4:40:fc:02:e6:02:0e:f7:5a:90:5e:54:05:ee:
0f:08:32:8f:6d:5d:88:38:48:b1:f2:f7:ad:0a:2b:e1:81:fa:
91:9a:91:46:c9:79:1a:1a:34:bd:55:e1:15:9e:5b:17:da:3f:
7d:16:17:37:a2:df:2e:10:9a:fd:95:2d:fe:fd:63:55:f5:48:
df:c1:31:27
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYO2UuC9+dFv/HOgOSDFpWM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDA4MDY0MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjYyNTFhOWEzYTg0NTM1YzAyZjA4MDI0ZDQyMzJiNDJkNGFiOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu2+uUYAsKT1eprU/0c8vY7X4zW9
AR1KP9OjDFKwITELThKP/mFqUWc9B0BDTBLeX5fpo/j9XWz2X9OvakVCDmM9/5QQ
WqlU03WUPkh2ogFyqEK/Im1qMMRe/Ji2ez3ldfyZ+VBk+O+AtsAKRUO94E0Jbuun
/G1FORqQklDzp5i6bob38Z9yGKisH7l0L/4tVlxPojsP3jGLwgQiM2s8E2ldMRSj
Tg/6sXKsPqCwV6DnncEvZPvpYf7BTp72I++quMZ4wxzYzIPNGKAuCBcgNPsMk61O
6qzeGBTEMTd8SZK7VrAO8TFAPYqNllXXovSefdZ919g5ozwsbMT9Zj+E6QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG9iUamjqEU1wC8IAk1CMrQtSrkMMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYjJKUnFhT29SVFhBTHdnQ1RVSXl0QzFLdVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLYnMAwQC
LYyMAwQCLYy8AwQBLYzUMA4EAgACMAgDBgAqB+NFATANBgkqhkiG9w0BAQsFAAOC
AQEABqrGW9iIQfjHZXzIV8r1C5jQ155b+CYodFTnGmV3h1pZbUfKrctSpJb9STU7
wpEohXGHtGa03wgtA+zv8CSsZ6JAI/wBeK3IIo4OnKJf2/V+CRiAoS4CIPdC/SFC
hFIJxJUM+Niv8uoTeGEv6SlH2hCk3SAc45uULbTixCmNAQDkZC58xLv/pAmr4lyC
Civp+Z7S3XIeL4puHD+WESOTQ2JLkVn5Ir3oFJo0BoBZUJfG6rSAgKaU6NRA/ALm
Ag73WpBeVAXuDwgyj21diDhIsfL3rQor4YH6kZqRRsl5Gho0vVXhFZ5bF9o/fRYX
N6LfLhCa/ZUt/v1jVfVI38ExJw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org