Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/i-iTCQ-817JnxwHEaJWp1jwjHic.roa
File: i-iTCQ-817JnxwHEaJWp1jwjHic.roa (raw, json)
Hash identifier: j1m1utsv5l8q8xJbLcotVX6dXK6gx1A3hhUE4V3YQ7A=
Subject key identifier: 8B:E8:93:09:0F:BC:D7:B2:67:C7:01:C4:68:95:A9:D6:3C:23:1E:27
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 0183AD71199E9EB2EB9A2D0B9ED605DDA35D
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/i-iTCQ-817JnxwHEaJWp1jwjHic.roa
Signing time: Thu 06 Oct 2022 13:16:53 +0000
ROA not before: Thu 06 Oct 2022 13:16:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 145.219.64.0/18 maxlen: 18
145.219.0.0/21 maxlen: 21
145.219.18.0/23 maxlen: 23
145.219.20.0/22 maxlen: 22
145.219.128.0/17 maxlen: 17
145.219.24.0/21 maxlen: 21
193.176.255.0/24 maxlen: 24
145.219.32.0/19 maxlen: 19
2a04:b0c4::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ad:71:19:9e:9e:b2:eb:9a:2d:0b:9e:d6:05:dd:a3:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Oct 6 13:16:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8be893090fbcd7b267c701c46895a9d63c231e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:40:56:7e:42:b3:74:48:a1:a1:b8:a0:77:
f1:bc:67:b3:52:1e:60:73:b8:05:51:f9:5e:68:44:
a5:a4:dd:c6:31:6e:92:06:73:e3:3e:b4:a2:9b:fd:
51:c4:6b:74:e4:1d:97:5c:27:b9:dd:13:36:34:34:
b4:d7:37:9c:03:cf:c0:9a:9f:2f:5a:37:9b:43:61:
01:d6:04:df:66:4c:e3:ac:d5:0a:c4:5b:b9:e6:ce:
5a:50:e6:8b:0e:ea:df:25:a2:ba:7c:76:83:bd:10:
d2:4d:44:cc:26:45:12:06:84:1c:a1:51:fe:6b:9a:
30:c9:a9:3f:64:24:c2:92:b8:6b:84:74:ad:83:09:
42:7a:c2:85:f0:5c:81:b6:87:91:85:bc:d3:73:14:
47:50:5a:b4:21:69:9c:8b:a1:18:ca:49:9a:8d:7d:
1c:49:49:45:3e:a3:6d:c6:ae:d8:6d:b9:73:ed:29:
ab:b8:cf:03:d6:db:f9:fc:7d:e8:0e:a8:53:70:38:
55:13:5e:f8:16:f6:ed:1f:e2:dd:07:78:f8:f5:9c:
ab:f4:8e:91:10:b2:a4:af:3a:8c:ea:86:b5:be:a9:
56:67:a1:08:b4:68:78:b9:ed:93:81:67:09:d6:15:
c5:4f:8c:20:9e:c7:80:44:9c:7e:9a:8b:5d:33:8e:
23:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E8:93:09:0F:BC:D7:B2:67:C7:01:C4:68:95:A9:D6:3C:23:1E:27
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/i-iTCQ-817JnxwHEaJWp1jwjHic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.0.0/21
145.219.18.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
82:21:9e:5e:99:1f:56:e9:e8:87:d0:40:da:cb:17:08:28:a5:
57:4c:d9:5d:25:ba:49:55:18:4a:7e:07:aa:92:92:ae:0d:7e:
61:11:d4:0c:79:e3:40:37:8e:8b:e5:83:fd:aa:12:96:56:c1:
48:ab:b8:c0:b6:d7:1d:13:bc:0a:9c:30:13:33:dd:62:b9:e2:
cb:01:9a:af:75:e9:25:e3:b0:ab:ee:10:e7:80:88:e3:70:1f:
b9:92:c3:51:8a:70:18:ba:67:3f:ae:e9:0d:fb:69:60:eb:93:
09:1b:b8:51:56:ab:31:5a:fe:c9:96:a0:81:a9:9f:a5:63:17:
83:e6:6d:b4:f2:2e:de:70:e4:30:ae:29:80:9a:f8:27:4c:69:
90:06:74:e7:65:94:99:71:df:dc:06:38:9b:c6:11:aa:d5:c4:
98:93:9f:d5:b3:ce:51:07:02:c3:f0:d9:ac:f8:10:37:39:38:
ee:82:f1:4c:67:21:51:a0:51:2c:d6:df:42:ce:0c:cf:c7:8b:
10:ba:06:a4:58:1e:b8:d1:c9:c4:8c:34:27:5c:22:1a:89:e8:
35:fd:10:b5:ce:6d:0d:8c:8c:33:6c:50:2e:35:ea:0a:e1:cf:
0d:da:b9:9d:58:92:cf:cb:ce:bf:6b:1e:64:ed:b2:6e:f9:a1:
e4:bb:83:32
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYOtcRmenrLrmi0LntYF3aNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjIxMDA2MTMxNjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmU4OTMwOTBmYmNkN2IyNjdjNzAxYzQ2ODk1YTlkNjNjMjMxZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl51AVn5Cs3RIoaG4oHfxvGezUh5g
c7gFUfleaESlpN3GMW6SBnPjPrSim/1RxGt05B2XXCe53RM2NDS01zecA8/Amp8v
WjebQ2EB1gTfZkzjrNUKxFu55s5aUOaLDurfJaK6fHaDvRDSTUTMJkUSBoQcoVH+
a5owyak/ZCTCkrhrhHStgwlCesKF8FyBtoeRhbzTcxRHUFq0IWmci6EYykmajX0c
SUlFPqNtxq7Ybblz7SmruM8D1tv5/H3oDqhTcDhVE174FvbtH+LdB3j49Zyr9I6R
ELKkrzqM6oa1vqlWZ6EItGh4ue2TgWcJ1hXFT4wgnseARJx+motdM44jtQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIvokwkPvNeyZ8cBxGiVqdY8Ix4nMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvaS1pVENRLTgxN0pueHdIRWFKV3AxandqSGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQDkdsAMAsD
BAGR2xIDAwKR2AMEAMGw/zANBAIAAjAHAwUCKgSwxDANBgkqhkiG9w0BAQsFAAOC
AQEAgiGeXpkfVunoh9BA2ssXCCilV0zZXSW6SVUYSn4HqpKSrg1+YRHUDHnjQDeO
i+WD/aoSllbBSKu4wLbXHRO8CpwwEzPdYrniywGar3XpJeOwq+4Q54CI43AfuZLD
UYpwGLpnP67pDftpYOuTCRu4UVarMVr+yZaggamfpWMXg+ZttPIu3nDkMK4pgJr4
J0xpkAZ052WUmXHf3AY4m8YRqtXEmJOf1bPOUQcCw/DZrPgQNzk47oLxTGchUaBR
LNbfQs4Mz8eLELoGpFgeuNHJxIw0J1wiGonoNf0Qtc5tDYyMM2xQLjXqCuHPDdq5
nViSz8vOv2seZO2ybvmh5LuDMg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:32 2023 by rpki-client on console-ams.rpki-client.org