Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/IYDnDtQguSA1xErajMaucJ7g0tM.roa
File: IYDnDtQguSA1xErajMaucJ7g0tM.roa (raw, json)
Hash identifier: mvJJc5xp0Q4hqQlMlWNMyzOHtdHJFeo+Hy35u2Mua8U=
Subject key identifier: 21:80:E7:0E:D4:20:B9:20:35:C4:4A:DA:8C:C6:AE:70:9E:E0:D2:D3
Certificate issuer: /CN=c8d322beb7e363f4d4575e1e4feee5ccb84e1275
Certificate serial: 073919B1
Authority key identifier: C8:D3:22:BE:B7:E3:63:F4:D4:57:5E:1E:4F:EE:E5:CC:B8:4E:12:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/IYDnDtQguSA1xErajMaucJ7g0tM.roa
Signing time: Sat 01 Jan 2022 10:05:40 +0000
ROA not before: Sat 01 Jan 2022 10:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200562
IP address blocks: 146.255.116.0/22 maxlen: 22
45.159.172.0/22 maxlen: 22
185.75.144.0/22 maxlen: 22
2a05:5300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121182641 (0x73919b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d322beb7e363f4d4575e1e4feee5ccb84e1275
Validity
Not Before: Jan 1 10:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2180e70ed420b92035c44ada8cc6ae709ee0d2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:91:d0:9c:7a:19:f6:a0:e5:25:97:a2:5f:
0d:83:ae:dc:16:bd:d4:b9:43:1c:b1:3b:61:85:9f:
17:37:47:dd:fe:d8:07:8b:8d:be:39:02:6e:9c:1f:
72:2f:99:24:f7:e4:f2:b6:f6:b4:f5:11:01:ef:59:
a7:45:20:22:0c:e8:63:18:b5:3c:fb:64:66:fc:58:
44:2a:d2:84:a7:27:76:13:56:cb:d0:a2:b4:5e:33:
54:28:d8:7a:bd:c1:f5:ab:dc:c3:b1:6a:a5:52:f0:
66:51:f5:40:25:23:67:19:32:04:f5:07:5a:d8:d1:
8e:27:b1:af:58:6f:c2:c1:34:60:dc:ea:11:49:0e:
36:25:2d:6f:36:5c:a1:b5:fa:85:4c:61:ba:a9:76:
56:af:80:27:62:f0:90:49:0c:fa:19:ff:f7:4d:97:
cc:57:be:f8:c5:2f:74:77:9f:75:06:cf:9b:ff:c7:
9f:d4:e1:ce:52:c9:1c:82:f4:fd:9a:f7:ac:03:70:
fc:20:be:18:84:97:22:a1:d7:62:e1:08:64:5e:bd:
08:c4:e7:87:52:c4:1c:37:9c:67:92:5b:f2:56:08:
75:68:43:21:7c:59:42:75:f2:ea:e1:e8:01:7b:6c:
fc:d1:e8:da:62:17:a3:74:ef:ed:f2:cf:d9:ce:46:
0e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:80:E7:0E:D4:20:B9:20:35:C4:4A:DA:8C:C6:AE:70:9E:E0:D2:D3
X509v3 Authority Key Identifier:
keyid:C8:D3:22:BE:B7:E3:63:F4:D4:57:5E:1E:4F:EE:E5:CC:B8:4E:12:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/IYDnDtQguSA1xErajMaucJ7g0tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/yNMivrfjY_TUV14eT-7lzLhOEnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.172.0/22
146.255.116.0/22
185.75.144.0/22
IPv6:
2a05:5300::/29
Signature Algorithm: sha256WithRSAEncryption
7b:ae:93:d1:f4:21:33:15:0b:f0:89:c0:73:de:7c:d5:99:ee:
a9:af:00:d3:ed:44:b2:6b:37:f6:37:9b:7f:0f:8d:0e:b0:7b:
56:15:6a:67:95:46:34:14:e9:ac:42:00:17:a8:b8:34:d8:6d:
9d:55:5d:68:67:82:b7:6a:33:4b:0d:39:06:e0:04:f7:5d:e3:
55:f5:d8:16:77:70:1e:6c:ec:10:9d:e9:af:9e:ef:91:0a:f0:
68:40:4b:a7:50:7f:a1:fa:66:d8:66:c3:af:8b:80:fc:44:0c:
cf:d3:02:90:ad:b7:1b:86:e9:d6:96:19:1b:6d:aa:3a:0a:90:
87:45:81:cb:8e:0f:7d:12:17:25:3f:9f:74:99:c9:b8:de:b9:
de:ff:63:ad:9b:55:cf:0d:dd:f2:93:93:51:e1:ee:7e:7a:c5:
95:eb:72:6e:ac:16:2b:f8:17:c6:9a:c9:9d:98:c7:d9:67:c1:
ae:5e:87:c9:27:b9:08:5a:78:ae:d1:80:75:cf:c5:20:57:3b:
91:ab:55:bb:1f:d6:58:fd:06:74:6d:43:e0:52:fe:6d:3d:b9:
49:6f:62:a6:4e:c7:bc:79:23:c0:99:6d:d5:2a:0e:cb:4c:23:
24:f3:54:a9:7b:db:cd:71:3e:17:fe:5d:11:37:9a:1e:52:ba:
d6:a7:c6:08
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBzkZsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGQzMjJiZWI3ZTM2M2Y0ZDQ1NzVlMWU0ZmVlZTVjY2I4NGUxMjc1MB4XDTIyMDEw
MTEwMDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjE4MGU3MGVkNDIw
YjkyMDM1YzQ0YWRhOGNjNmFlNzA5ZWUwZDJkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXRkdCcehn2oOUll6JfDYOu3Ba91LlDHLE7YYWfFzdH3f7Y
B4uNvjkCbpwfci+ZJPfk8rb2tPURAe9Zp0UgIgzoYxi1PPtkZvxYRCrShKcndhNW
y9CitF4zVCjYer3B9avcw7FqpVLwZlH1QCUjZxkyBPUHWtjRjiexr1hvwsE0YNzq
EUkONiUtbzZcobX6hUxhuql2Vq+AJ2LwkEkM+hn/902XzFe++MUvdHefdQbPm//H
n9ThzlLJHIL0/Zr3rANw/CC+GISXIqHXYuEIZF69CMTnh1LEHDecZ5Jb8lYIdWhD
IXxZQnXy6uHoAXts/NHo2mIXo3Tv7fLP2c5GDucCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQhgOcO1CC5IDXEStqMxq5wnuDS0zAfBgNVHSMEGDAWgBTI0yK+t+Nj9NRX
Xh5P7uXMuE4SdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lOTWl2cmZqWV9UVVYxNGVULTdsekxoT0VuVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvZWY0ZGIwLWI2YzktNDdhYS04NGMxLWRjMzc2OWU4ZjZhMS8x
L0lZRG5EdFFndVNBMXhFcmFqTWF1Y0o3ZzB0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ZWY0ZGIwLWI2YzktNDdhYS04NGMxLWRjMzc2OWU4ZjZhMS8xL3lOTWl2cmZqWV9U
VVYxNGVULTdsekxoT0VuVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2frAMEApL/dAMEArlLkDANBAIA
AjAHAwUDKgVTADANBgkqhkiG9w0BAQsFAAOCAQEAe66T0fQhMxUL8InAc9581Znu
qa8A0+1Esms39jebfw+NDrB7VhVqZ5VGNBTprEIAF6i4NNhtnVVdaGeCt2ozSw05
BuAE913jVfXYFndwHmzsEJ3pr57vkQrwaEBLp1B/ofpm2GbDr4uA/EQMz9MCkK23
G4bp1pYZG22qOgqQh0WBy44PfRIXJT+fdJnJuN653v9jrZtVzw3d8pOTUeHufnrF
letybqwWK/gXxprJnZjH2WfBrl6HySe5CFp4rtGAdc/FIFc7katVux/WWP0GdG1D
4FL+bT25SW9ipk7HvHkjwJlt1SoOy0wjJPNUqXvbzXE+F/5dETeaHlK61qfGCA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:45 2023 by rpki-client on console-ams.rpki-client.org