Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/UkQGsxE9mG8vqeUG_KVvOD3aTeI.roa
File: UkQGsxE9mG8vqeUG_KVvOD3aTeI.roa (raw, json)
Hash identifier: i4vv3dggUkjG7lR956bUHRO6bpJxQb32WA9RpWM/ssM=
Subject key identifier: 52:44:06:B3:11:3D:98:6F:2F:A9:E5:06:FC:A5:6F:38:3D:DA:4D:E2
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 01762F5D
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/UkQGsxE9mG8vqeUG_KVvOD3aTeI.roa
Signing time: Mon 24 Jan 2022 02:35:03 +0000
ROA not before: Mon 24 Jan 2022 02:35:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201106
IP address blocks: 45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.154.212.0/22 maxlen: 32
45.142.158.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.150.226.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24522589 (0x1762f5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 24 02:35:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=524406b3113d986f2fa9e506fca56f383dda4de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6c:12:b5:91:79:2c:95:70:4f:4f:c9:82:ff:
8c:55:ae:a0:85:21:45:97:52:33:4a:75:b6:33:7d:
90:4d:af:7f:75:29:bb:e5:ff:cd:00:b5:18:65:dd:
ff:47:97:27:d4:42:83:0c:73:1d:e1:3c:6c:cf:2c:
35:58:58:35:59:43:78:d8:31:8e:59:b2:8e:8f:f2:
b5:e8:3f:e2:d5:a0:bd:31:1a:48:26:77:3d:c8:8b:
c6:81:f3:96:9d:04:32:2e:87:85:19:03:93:aa:2b:
96:a0:28:2d:d9:07:7d:42:e7:33:71:75:a2:3b:3d:
b7:d2:d4:d0:7e:75:10:3f:02:93:3a:1e:67:64:0f:
e5:88:18:85:bb:b8:1b:fa:5e:4f:7d:de:91:2c:73:
50:e5:2b:f5:31:c8:76:c2:11:f8:96:71:d5:84:46:
c7:6f:0e:f1:d6:73:de:8b:a0:68:7b:17:79:0c:b3:
92:cd:b6:b6:4d:40:19:a2:07:0d:32:98:eb:39:1e:
d3:f9:fa:eb:a1:9e:d8:8c:d2:fa:96:ff:88:8d:14:
8c:1d:5f:f3:75:a0:4b:6c:9a:02:4a:b6:df:2f:77:
d7:cb:ad:b8:06:0c:09:00:06:4d:ce:03:43:2c:8d:
7b:aa:5b:21:9c:70:bd:4e:af:28:df:2c:8b:bc:e5:
72:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:44:06:B3:11:3D:98:6F:2F:A9:E5:06:FC:A5:6F:38:3D:DA:4D:E2
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/UkQGsxE9mG8vqeUG_KVvOD3aTeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:1c:73:eb:b8:41:cc:a1:bc:53:55:e4:d2:37:f1:66:ff:28:
f0:8e:87:79:a2:98:82:d0:76:07:ff:af:34:68:64:a2:c8:d7:
ec:ee:25:7c:84:f2:94:1c:e3:c4:7e:47:49:60:a7:61:3c:c8:
2e:4c:f5:25:35:c2:39:84:20:eb:9c:5e:ca:65:10:e5:94:ab:
e9:3d:37:32:22:3b:a2:21:09:84:e4:62:ed:bc:80:d8:2c:19:
7b:22:4a:8c:92:35:48:06:ce:26:03:ef:13:38:d5:2d:f9:97:
c2:7d:43:1e:80:b9:87:e9:53:52:0b:fd:5a:58:97:43:77:2b:
94:23:51:8d:a7:9d:8a:26:9f:1e:48:d3:8d:c2:87:10:ac:98:
57:ae:f7:1b:5f:92:4c:56:7b:07:ef:0b:15:6e:53:8f:a3:1d:
75:4c:bb:f9:a6:2e:90:05:ef:16:f7:c6:b7:ff:5c:3e:04:71:
97:02:6d:1f:34:1e:a7:f3:84:e2:d1:37:0f:96:dd:81:19:92:
4d:b5:7e:53:f7:5e:9b:b2:96:27:4e:2b:24:d9:fc:69:c6:1a:
eb:59:87:7b:a0:ba:8e:51:a6:71:4f:e6:2e:e0:0e:42:d3:d0:
42:9c:7e:21:4f:7d:62:ff:87:00:51:03:02:dc:77:ae:11:fa:
d0:76:b6:78
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEAXYvXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGI2N2M1YzdmYTdmZTI0OTJlZWMzN2NmNDI3NjQyYjcxZDQyNWIwMB4XDTIyMDEy
NDAyMzUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTI0NDA2YjMxMTNk
OTg2ZjJmYTllNTA2ZmNhNTZmMzgzZGRhNGRlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxsErWReSyVcE9PyYL/jFWuoIUhRZdSM0p1tjN9kE2vf3Up
u+X/zQC1GGXd/0eXJ9RCgwxzHeE8bM8sNVhYNVlDeNgxjlmyjo/yteg/4tWgvTEa
SCZ3PciLxoHzlp0EMi6HhRkDk6orlqAoLdkHfULnM3F1ojs9t9LU0H51ED8Ckzoe
Z2QP5YgYhbu4G/peT33ekSxzUOUr9THIdsIR+JZx1YRGx28O8dZz3ougaHsXeQyz
ks22tk1AGaIHDTKY6zke0/n666Ge2IzS+pb/iI0UjB1f83WgS2yaAkq23y9318ut
uAYMCQAGTc4DQyyNe6pbIZxwvU6vKN8si7zlcnUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRSRAazET2Yby+p5Qb8pW84PdpN4jAfBgNVHSMEGDAWgBQNtnxcf6f+JJLu
w3z0J2QrcdQlsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RiWjhYSC1uX2lTUzdzTjg5Q2RrSzNIVUpiQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvMGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8x
L1VrUUdzeEU5bUc4dnFlVUdfS1Z2T0QzYVRlSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
MGYzNzU3LWYwZWQtNGU3ZS05MzI5LWIwM2RmOTk2ZTQ4MS8xL0RiWjhYSC1uX2lT
UzdzTjg5Q2RrSzNIVUpiQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2OnAMEAi2RSAMEAi2WpAMEAS2W
4gMEAi2XhAMEAi2a1DANBgkqhkiG9w0BAQsFAAOCAQEAOhxz67hBzKG8U1Xk0jfx
Zv8o8I6HeaKYgtB2B/+vNGhkosjX7O4lfITylBzjxH5HSWCnYTzILkz1JTXCOYQg
65xeymUQ5ZSr6T03MiI7oiEJhORi7byA2CwZeyJKjJI1SAbOJgPvEzjVLfmXwn1D
HoC5h+lTUgv9WliXQ3crlCNRjaediiafHkjTjcKHEKyYV673G1+STFZ7B+8LFW5T
j6MddUy7+aYukAXvFvfGt/9cPgRxlwJtHzQep/OE4tE3D5bdgRmSTbV+U/dem7KW
J04rJNn8acYa61mHe6C6jlGmcU/mLuAOQtPQQpx+IU99Yv+HAFEDAtx3rhH60Ha2
eA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:55 2023 by rpki-client on console-fra.rpki-client.org