Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/tmAQDX8WtqsXji-AP1DAWTEKecE.roa
File: tmAQDX8WtqsXji-AP1DAWTEKecE.roa (raw, json)
Hash identifier: bp3xyGb+rsDxp+sybVmJIXWp7l+RS54oBpImknWf1yU=
Subject key identifier: B6:60:10:0D:7F:16:B6:AB:17:8E:2F:80:3F:50:C0:59:31:0A:79:C1
Certificate issuer: /CN=39732dcd0c35426144f9f026754179dfaebe8958
Certificate serial: 0608C02D
Authority key identifier: 39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/tmAQDX8WtqsXji-AP1DAWTEKecE.roa
Signing time: Sat 01 Jan 2022 07:02:34 +0000
ROA not before: Sat 01 Jan 2022 07:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59909
IP address blocks: 45.90.76.0/22 maxlen: 24
2a0c:b5c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101236781 (0x608c02d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39732dcd0c35426144f9f026754179dfaebe8958
Validity
Not Before: Jan 1 07:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b660100d7f16b6ab178e2f803f50c059310a79c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6d:8b:cc:35:6a:90:13:c5:30:63:c9:b8:d7:
ca:7f:3d:4f:d3:24:f7:08:d3:aa:8c:14:71:2a:2c:
3d:c3:91:44:80:a3:32:d1:ef:49:54:51:c6:bc:65:
1f:82:9c:91:ab:42:5f:3a:e4:23:5b:cf:95:4b:d1:
27:38:a3:8a:23:a1:19:b3:68:f8:2b:5d:75:d3:82:
7d:aa:2f:46:34:7f:06:7c:82:c9:40:34:10:1d:b1:
2c:56:5d:bd:70:5b:57:05:b0:c8:d3:f9:9a:65:06:
94:63:a5:39:98:91:ad:c0:a8:5e:bf:e8:8b:8b:8d:
8d:cf:6d:0a:38:5a:5b:c8:fa:01:38:0d:3d:49:78:
c4:3a:eb:b9:0a:4e:7c:d1:3a:9b:f9:f1:4d:9f:d6:
19:87:e0:68:80:c4:d7:1a:d7:0a:c6:4f:4f:a4:f3:
33:0b:c8:a8:2b:a0:d3:71:45:a1:04:bb:bc:cf:64:
f9:eb:dc:64:60:e1:ba:15:77:33:57:c5:40:04:52:
55:7d:b3:4e:52:92:39:01:15:e4:ff:65:c6:bf:82:
26:ab:bd:aa:08:d7:8c:48:4c:a9:73:af:2b:c7:5a:
6a:94:20:a7:e6:7f:ae:5d:ff:e7:b0:6b:9d:c7:47:
8a:7a:0c:c9:12:05:64:78:fe:3c:63:19:29:02:24:
ec:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:60:10:0D:7F:16:B6:AB:17:8E:2F:80:3F:50:C0:59:31:0A:79:C1
X509v3 Authority Key Identifier:
keyid:39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/tmAQDX8WtqsXji-AP1DAWTEKecE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.76.0/22
IPv6:
2a0c:b5c0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:bb:7c:cc:15:96:70:0e:99:5d:29:43:01:42:ff:7f:66:4d:
9b:46:c1:1c:73:fb:5f:1e:fb:26:04:60:cf:54:51:53:35:88:
6d:d4:a8:58:ef:92:b2:7d:c3:26:6a:cc:06:62:d1:48:24:de:
32:03:1f:cf:12:e9:25:0a:45:4d:df:e1:06:7b:3e:3e:68:6e:
e9:e2:4b:29:5f:52:e2:85:f4:f8:e3:db:24:43:1e:a4:f7:39:
d1:02:6c:e9:dc:c3:07:2e:85:5c:0b:cb:97:0b:d8:47:16:12:
40:83:98:44:c1:11:17:00:bb:b3:65:a7:50:ce:8e:61:0e:b0:
75:40:b4:a0:b4:d2:7d:5e:5b:99:4a:dc:1e:21:4f:87:d7:f8:
35:7b:37:38:00:71:d6:03:02:2d:10:7b:bb:2d:48:69:ac:ed:
31:44:6c:3e:a1:70:ad:0d:9f:bd:60:78:79:66:99:80:c6:2a:
fb:34:32:66:d8:0f:40:e8:5f:26:d0:8a:2e:fd:cb:fc:f5:10:
3f:9f:13:a0:b3:ee:68:1e:3c:dc:67:26:a8:15:08:71:ae:10:
1e:34:a0:f9:de:0a:26:91:1a:cb:6d:f9:8a:c3:81:ae:43:12:
f7:bc:ec:de:84:0d:3c:50:bf:18:e6:08:28:a6:b2:51:bb:de:
de:f2:5e:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBgjALTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTczMmRjZDBjMzU0MjYxNDRmOWYwMjY3NTQxNzlkZmFlYmU4OTU4MB4XDTIyMDEw
MTA3MDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY2MDEwMGQ3ZjE2
YjZhYjE3OGUyZjgwM2Y1MGMwNTkzMTBhNzljMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFti8w1apATxTBjybjXyn89T9Mk9wjTqowUcSosPcORRICj
MtHvSVRRxrxlH4KckatCXzrkI1vPlUvRJzijiiOhGbNo+CtdddOCfaovRjR/BnyC
yUA0EB2xLFZdvXBbVwWwyNP5mmUGlGOlOZiRrcCoXr/oi4uNjc9tCjhaW8j6ATgN
PUl4xDrruQpOfNE6m/nxTZ/WGYfgaIDE1xrXCsZPT6TzMwvIqCug03FFoQS7vM9k
+evcZGDhuhV3M1fFQARSVX2zTlKSOQEV5P9lxr+CJqu9qgjXjEhMqXOvK8daapQg
p+Z/rl3/57BrncdHinoMyRIFZHj+PGMZKQIk7HECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS2YBANfxa2qxeOL4A/UMBZMQp5wTAfBgNVHSMEGDAWgBQ5cy3NDDVCYUT5
8CZ1QXnfrr6JWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09YTXR6UXcxUW1GRS1mQW1kVUY1MzY2LWlWZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvMjM3MTA2LWQwOGQtNGFhMC1hYzgyLWY2MGFmMmE4MjA2MC8x
L3RtQVFEWDhXdHFzWGppLUFQMURBV1RFS2VjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
MjM3MTA2LWQwOGQtNGFhMC1hYzgyLWY2MGFmMmE4MjA2MC8xL09YTXR6UXcxUW1G
RS1mQW1kVUY1MzY2LWlWZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1aTDANBAIAAjAHAwUDKgy1wDAN
BgkqhkiG9w0BAQsFAAOCAQEAHLt8zBWWcA6ZXSlDAUL/f2ZNm0bBHHP7Xx77JgRg
z1RRUzWIbdSoWO+Ssn3DJmrMBmLRSCTeMgMfzxLpJQpFTd/hBns+Pmhu6eJLKV9S
4oX0+OPbJEMepPc50QJs6dzDBy6FXAvLlwvYRxYSQIOYRMERFwC7s2WnUM6OYQ6w
dUC0oLTSfV5bmUrcHiFPh9f4NXs3OABx1gMCLRB7uy1IaaztMURsPqFwrQ2fvWB4
eWaZgMYq+zQyZtgPQOhfJtCKLv3L/PUQP58ToLPuaB483GcmqBUIca4QHjSg+d4K
JpEay235isOBrkMS97zs3oQNPFC/GOYIKKayUbve3vJeXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:56 2024 by rpki-client on console-ams.rpki-client.org