Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a28dde-8ed6-4d3d-9ba0-6d615f3e14f5/1/Q0RzenbbJ-IdDpRQcskFL_0wNLM.roa
File: Q0RzenbbJ-IdDpRQcskFL_0wNLM.roa (raw, json)
Hash identifier: OMBzblHS47TX5DEiftHeFuMwqmBiT0XtktUXn9qEcQ0=
Subject key identifier: 43:44:73:7A:76:DB:27:E2:1D:0E:94:50:72:C9:05:2F:FD:30:34:B3
Certificate issuer: /CN=ed6b53ca307043427ef4eac89c77c1ba13f6f02e
Certificate serial: 01821020EEB0BD2D95959C470137928993D8
Authority key identifier: ED:6B:53:CA:30:70:43:42:7E:F4:EA:C8:9C:77:C1:BA:13:F6:F0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WtTyjBwQ0J-9OrInHfBuhP28C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a28dde-8ed6-4d3d-9ba0-6d615f3e14f5/1/Q0RzenbbJ-IdDpRQcskFL_0wNLM.roa
Signing time: Mon 18 Jul 2022 07:06:09 +0000
ROA not before: Mon 18 Jul 2022 07:06:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208839
IP address blocks: 45.13.140.0/22 maxlen: 22
2a0e:ed00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:10:20:ee:b0:bd:2d:95:95:9c:47:01:37:92:89:93:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6b53ca307043427ef4eac89c77c1ba13f6f02e
Validity
Not Before: Jul 18 07:06:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4344737a76db27e21d0e945072c9052ffd3034b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:3c:e5:17:43:2a:d5:d6:7e:1d:f2:de:2d:
8f:3a:de:db:c8:ca:b9:df:e9:c2:71:62:c8:e6:4c:
61:ff:b5:2e:85:1a:b1:a8:bb:11:f9:57:5d:b2:69:
14:58:37:93:f2:19:4e:20:1b:6a:f2:c5:41:63:3b:
10:4a:f4:a4:c2:76:04:c7:88:c9:af:b9:d8:a0:f7:
66:92:0b:0f:b4:6b:a5:ae:b0:7c:99:c9:09:80:89:
f5:e6:a3:2e:3a:b6:3c:0e:be:92:90:dc:3a:d3:1f:
cc:99:ab:81:68:9b:29:1d:e2:f8:3a:59:63:6e:76:
13:0a:b0:ad:ba:14:fb:fb:35:0f:7d:ec:24:54:92:
5d:52:28:65:ce:17:3c:b0:26:ba:e9:b2:5e:9f:56:
08:ba:aa:dd:f2:bf:9d:82:c6:68:46:a9:ff:5f:82:
8f:81:4a:76:d1:a3:92:dc:c6:83:16:28:85:45:84:
af:da:0f:06:4f:5b:1e:f4:a0:58:f2:97:40:4d:33:
29:ea:30:8c:dd:43:a0:44:46:13:ae:46:49:f6:1f:
3b:b3:c4:b2:13:f6:07:de:05:2a:10:6f:39:7d:77:
59:1a:e4:ad:85:8d:a9:d3:9b:8b:7c:8c:3c:2c:29:
ae:02:4e:21:ce:2c:af:77:48:55:47:d7:dd:f5:ff:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:44:73:7A:76:DB:27:E2:1D:0E:94:50:72:C9:05:2F:FD:30:34:B3
X509v3 Authority Key Identifier:
keyid:ED:6B:53:CA:30:70:43:42:7E:F4:EA:C8:9C:77:C1:BA:13:F6:F0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WtTyjBwQ0J-9OrInHfBuhP28C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a28dde-8ed6-4d3d-9ba0-6d615f3e14f5/1/Q0RzenbbJ-IdDpRQcskFL_0wNLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a28dde-8ed6-4d3d-9ba0-6d615f3e14f5/1/7WtTyjBwQ0J-9OrInHfBuhP28C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.140.0/22
IPv6:
2a0e:ed00::/29
Signature Algorithm: sha256WithRSAEncryption
48:02:ee:8e:15:d3:8d:fd:a3:4f:71:7e:10:9d:55:fe:d4:5a:
35:2e:69:72:17:b7:e3:e4:e7:8e:32:03:10:7b:86:49:56:9f:
7d:2d:fb:9c:5f:ba:0b:75:ae:50:3f:25:81:95:8e:03:dd:27:
9c:a1:94:0c:94:72:8c:3c:1e:92:98:95:87:01:13:c3:15:5f:
86:5b:be:cb:9e:17:13:ed:33:43:ab:9c:b6:59:51:9f:57:5d:
db:09:aa:e4:fd:bd:1f:de:73:e4:2e:ac:cb:96:7a:7d:5e:4a:
71:8d:2a:4e:3e:6f:46:df:b2:cf:77:b7:68:84:a0:51:49:72:
98:a1:39:09:57:bd:b4:72:28:e0:42:f5:dc:26:d5:2f:14:58:
65:1a:af:ba:15:ea:9a:e0:0e:09:07:20:ae:47:08:9d:6f:01:
15:1a:a0:c6:bb:ee:97:fe:d8:1c:54:15:3a:f6:c4:d6:42:6f:
79:4a:c2:85:30:09:19:9f:97:7e:f6:b8:c2:48:e9:f7:dd:60:
de:fb:15:ac:d2:2c:8c:c8:b9:b9:e6:e6:54:a2:fa:b1:5a:61:
05:cd:59:70:cb:27:ff:e3:e3:cd:0a:1a:59:28:7a:df:05:1b:
02:31:f3:0b:12:09:05:b0:cc:9f:b4:4d:e2:45:f7:8c:6b:b4:
45:d2:c1:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIQIO6wvS2VlZxHATeSiZPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmI1M2NhMzA3MDQzNDI3ZWY0ZWFjODljNzdjMWJhMTNm
NmYwMmUwHhcNMjIwNzE4MDcwNjA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQ0NzM3YTc2ZGIyN2UyMWQwZTk0NTA3MmM5MDUyZmZkMzAzNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX885RdDKtXWfh3y3i2POt7byMq5
3+nCcWLI5kxh/7UuhRqxqLsR+VddsmkUWDeT8hlOIBtq8sVBYzsQSvSkwnYEx4jJ
r7nYoPdmkgsPtGulrrB8mckJgIn15qMuOrY8Dr6SkNw60x/MmauBaJspHeL4Ollj
bnYTCrCtuhT7+zUPfewkVJJdUihlzhc8sCa66bJen1YIuqrd8r+dgsZoRqn/X4KP
gUp20aOS3MaDFiiFRYSv2g8GT1se9KBY8pdATTMp6jCM3UOgREYTrkZJ9h87s8Sy
E/YH3gUqEG85fXdZGuSthY2p05uLfIw8LCmuAk4hziyvd0hVR9fd9f+JrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFENEc3p22yfiHQ6UUHLJBS/9MDSzMB8GA1UdIwQY
MBaAFO1rU8owcENCfvTqyJx3wboT9vAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1d0VHlqQndRMEotOU9ySW5IZkJ1aFAyOEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMjhkZGUtOGVkNi00ZDNkLTliYTAt
NmQ2MTVmM2UxNGY1LzEvUTBSemVuYmJKLUlkRHBSUWNza0ZMXzB3TkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMjhkZGUtOGVkNi00ZDNkLTliYTAtNmQ2MTVmM2UxNGY1
LzEvN1d0VHlqQndRMEotOU9ySW5IZkJ1aFAyOEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ2MMA0E
AgACMAcDBQMqDu0AMA0GCSqGSIb3DQEBCwUAA4IBAQBIAu6OFdON/aNPcX4QnVX+
1Fo1LmlyF7fj5OeOMgMQe4ZJVp99LfucX7oLda5QPyWBlY4D3SecoZQMlHKMPB6S
mJWHARPDFV+GW77LnhcT7TNDq5y2WVGfV13bCark/b0f3nPkLqzLlnp9XkpxjSpO
Pm9G37LPd7dohKBRSXKYoTkJV720cijgQvXcJtUvFFhlGq+6Feqa4A4JByCuRwid
bwEVGqDGu+6X/tgcVBU69sTWQm95SsKFMAkZn5d+9rjCSOn33WDe+xWs0iyMyLm5
5uZUovqxWmEFzVlwyyf/4+PNChpZKHrfBRsCMfMLEgkFsMyftE3iRfeMa7RF0sFF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:54 2023 by rpki-client on console-fra.rpki-client.org