Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lYfKk0sOdQVZ1C7LMYU2x8CLkps.roa
File: lYfKk0sOdQVZ1C7LMYU2x8CLkps.roa (raw, json)
Hash identifier: hEMKO5uCobvmNcIAM/hmGJgRJIh5zSMsByd+BHAZTiU=
Subject key identifier: 95:87:CA:93:4B:0E:75:05:59:D4:2E:CB:31:85:36:C7:C0:8B:92:9B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0183F9DF0249D0389723E7159750876B0A1A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lYfKk0sOdQVZ1C7LMYU2x8CLkps.roa
Signing time: Fri 21 Oct 2022 09:28:05 +0000
ROA not before: Fri 21 Oct 2022 09:28:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36351
IP address blocks: 45.145.248.0/24 maxlen: 24
45.128.198.0/24 maxlen: 24
2a0f:2740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:df:02:49:d0:38:97:23:e7:15:97:50:87:6b:0a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 21 09:28:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9587ca934b0e750559d42ecb318536c7c08b929b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0f:de:d3:af:60:50:84:c6:06:09:29:3a:2f:
5c:12:de:1e:96:cb:00:50:45:13:69:8c:69:42:75:
3f:2c:b3:0e:f9:93:e1:fe:49:9b:6d:25:cd:83:ef:
e9:af:ef:bf:22:01:9d:25:7f:eb:e4:1d:73:9f:00:
02:4f:e0:a2:24:17:71:69:96:5e:88:31:9b:b9:e2:
74:ec:e0:f4:9a:12:78:a1:0a:e9:09:ac:93:05:4e:
b5:55:be:5f:82:2e:3f:3e:9e:2c:3e:20:b6:6a:bc:
de:00:b9:75:db:35:cf:93:54:d7:0d:00:98:5c:d4:
18:48:c4:f7:85:cb:31:ed:4a:7a:90:5b:e2:d4:12:
ac:0e:2f:37:45:2d:60:f9:0f:b4:94:bb:0d:e5:e2:
ed:3d:62:f1:b9:d5:ab:f0:c4:da:04:6f:c7:56:15:
4c:65:c0:d6:8e:da:79:77:f2:22:f1:f3:9d:6b:1f:
7a:8f:89:d2:35:7b:f5:50:dd:0f:c9:06:6a:14:8f:
15:e5:df:67:ec:51:9d:32:12:24:89:7f:45:d5:45:
f2:5f:64:cb:51:74:0d:e0:f6:b5:3a:a5:22:90:8f:
62:5d:01:64:38:1d:d8:a5:32:e7:69:fd:14:ce:87:
6e:70:0e:ae:b9:f8:bc:c9:e2:65:c8:e0:9a:87:0d:
49:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:87:CA:93:4B:0E:75:05:59:D4:2E:CB:31:85:36:C7:C0:8B:92:9B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/lYfKk0sOdQVZ1C7LMYU2x8CLkps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.198.0/24
45.145.248.0/24
IPv6:
2a0f:2740::/29
Signature Algorithm: sha256WithRSAEncryption
63:88:47:8f:0d:e2:b9:7c:ec:28:ae:b8:3c:f8:7c:63:a2:a1:
1d:a4:f0:11:01:60:c2:a6:81:11:68:b1:44:11:81:66:1d:8c:
e4:e1:52:36:8c:97:ca:9c:d2:52:be:e3:b8:10:b6:f5:ba:40:
fd:84:c8:90:4c:5f:0d:af:8e:e9:61:97:49:4e:a2:10:51:eb:
2d:9d:95:89:1d:5f:71:b4:b6:84:f0:2c:26:dc:3a:e9:bf:30:
b5:ce:d4:eb:86:22:55:f5:c8:39:e4:76:78:e5:8d:67:66:f9:
50:9e:de:64:08:49:d2:6d:ea:ea:9b:2b:30:af:10:2a:d0:16:
e5:f4:b5:b9:2c:d5:4e:5c:a2:c8:bd:13:06:d6:ea:5b:7b:90:
13:e3:55:df:75:70:a9:c6:14:9d:13:1d:48:83:33:b0:40:d8:
0e:69:dd:31:f9:23:c8:b6:d0:98:ea:57:c9:4e:cb:b4:59:50:
47:75:84:bd:a7:79:83:23:90:c4:e4:e6:6f:63:d3:0b:08:f2:
5c:dd:86:73:b9:7c:72:ff:cc:60:82:cf:cd:10:3b:76:34:80:
ff:63:68:25:48:db:96:8d:c4:48:7f:98:5b:69:d7:ac:00:fb:
5c:5d:1b:b5:db:03:12:56:2f:84:ee:73:7c:80:31:d6:cf:45:
b5:2f:e1:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYP53wJJ0DiXI+cVl1CHawoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMDIxMDkyODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTg3Y2E5MzRiMGU3NTA1NTlkNDJlY2IzMTg1MzZjN2MwOGI5MjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg/e069gUITGBgkpOi9cEt4elssA
UEUTaYxpQnU/LLMO+ZPh/kmbbSXNg+/pr++/IgGdJX/r5B1znwACT+CiJBdxaZZe
iDGbueJ07OD0mhJ4oQrpCayTBU61Vb5fgi4/Pp4sPiC2arzeALl12zXPk1TXDQCY
XNQYSMT3hcsx7Up6kFvi1BKsDi83RS1g+Q+0lLsN5eLtPWLxudWr8MTaBG/HVhVM
ZcDWjtp5d/Ii8fOdax96j4nSNXv1UN0PyQZqFI8V5d9n7FGdMhIkiX9F1UXyX2TL
UXQN4Pa1OqUikI9iXQFkOB3YpTLnaf0UzoducA6uufi8yeJlyOCahw1JZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJWHypNLDnUFWdQuyzGFNsfAi5KbMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbFlmS2swc09kUVZaMUM3TE1ZVTJ4OENMa3BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYDGAwQA
LZH4MA0EAgACMAcDBQMqDydAMA0GCSqGSIb3DQEBCwUAA4IBAQBjiEePDeK5fOwo
rrg8+HxjoqEdpPARAWDCpoERaLFEEYFmHYzk4VI2jJfKnNJSvuO4ELb1ukD9hMiQ
TF8Nr47pYZdJTqIQUestnZWJHV9xtLaE8Cwm3DrpvzC1ztTrhiJV9cg55HZ45Y1n
ZvlQnt5kCEnSberqmyswrxAq0Bbl9LW5LNVOXKLIvRMG1upbe5AT41XfdXCpxhSd
Ex1IgzOwQNgOad0x+SPIttCY6lfJTsu0WVBHdYS9p3mDI5DE5OZvY9MLCPJc3YZz
uXxy/8xggs/NEDt2NID/Y2glSNuWjcRIf5hbadesAPtcXRu12wMSVi+E7nN8gDHW
z0W1L+Fg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:33 2023 by rpki-client on console-fra.rpki-client.org