Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/SHYtzDfr9mT_EVehhiyWHtujoro.roa
File: SHYtzDfr9mT_EVehhiyWHtujoro.roa (raw, json)
Hash identifier: iI5sYnxn0OOsgh796n9RHE13h0+TZ0Su662S10JXV2o=
Subject key identifier: 48:76:2D:CC:37:EB:F6:64:FF:11:57:A1:86:2C:96:1E:DB:A3:A2:BA
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0184810FC32598234462AB79D7D3ACAE7024
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/SHYtzDfr9mT_EVehhiyWHtujoro.roa
Signing time: Wed 16 Nov 2022 15:30:04 +0000
ROA not before: Wed 16 Nov 2022 15:30:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.153.238.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
84.252.84.0/23 maxlen: 23
45.11.232.0/24 maxlen: 24
84.252.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:0f:c3:25:98:23:44:62:ab:79:d7:d3:ac:ae:70:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Nov 16 15:30:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48762dcc37ebf664ff1157a1862c961edba3a2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:77:27:da:e9:1b:c4:c5:28:d3:4e:67:e5:f9:
a9:ef:eb:25:08:d5:5b:23:05:fd:83:a1:9e:4a:b6:
86:dd:2d:e4:a0:df:38:ff:74:b3:64:59:04:e6:f2:
5a:07:fd:3c:b4:76:b0:da:45:ea:77:39:e6:ac:50:
8a:4a:7c:f1:84:25:be:5d:f3:76:d3:d2:08:39:66:
6e:f8:06:cb:bd:d1:1a:f2:9d:d0:e0:51:ad:c2:c9:
d8:dc:7c:17:85:f6:f8:53:af:c1:0b:af:42:8e:a2:
e9:e6:71:17:af:e6:67:bb:63:cd:7f:48:5b:40:f6:
24:d8:53:9a:6b:c3:e6:a6:1a:18:e5:f9:f6:b0:9a:
3a:1b:b6:98:38:28:80:c7:cd:65:e9:df:67:60:45:
4d:3a:9b:a5:c1:3a:3d:a0:91:6c:36:97:91:f6:42:
ff:52:2d:86:f9:05:f1:56:30:2e:23:43:71:d7:79:
7a:a0:63:97:4a:9a:74:2f:d5:31:b0:c8:3b:60:d9:
07:a7:d5:cf:33:a6:25:76:66:3c:03:40:27:80:d9:
b7:6d:d5:5f:f4:df:b6:0a:94:5e:54:e6:84:d6:48:
ff:05:69:a8:fe:5b:da:74:6d:c6:08:e4:5b:74:81:
65:73:b6:54:9c:0a:a1:90:35:b1:ea:47:a7:7f:da:
e8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:76:2D:CC:37:EB:F6:64:FF:11:57:A1:86:2C:96:1E:DB:A3:A2:BA
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/SHYtzDfr9mT_EVehhiyWHtujoro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.153.236.0-45.153.238.255
77.83.71.0/24
84.252.84.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:fd:2a:ae:5b:1e:4e:92:d2:28:e6:e7:7d:06:78:77:35:f6:
14:9c:cb:cd:a0:5b:1f:a4:a5:f2:f2:2c:cc:df:17:a5:e6:aa:
7c:f9:54:af:f1:91:13:69:c3:37:94:a4:3c:ca:ef:61:38:da:
14:50:10:49:3a:52:ae:3c:3e:37:2c:8c:f9:af:c6:dc:bc:61:
74:66:93:10:fd:31:c9:fb:b4:b0:6b:b8:85:e8:67:0a:e5:62:
6b:c5:db:01:55:8a:48:c3:6d:3d:bb:1e:33:48:bf:78:51:3d:
f1:26:5d:86:80:f8:61:58:7d:66:05:8f:7e:b3:01:8e:87:1a:
a7:37:fc:64:83:d4:02:a9:70:1b:0e:c8:c7:13:bc:0b:7e:3e:
8f:fb:97:4e:fe:7a:1f:ff:01:7c:6b:9d:db:69:ed:c9:26:fc:
68:1b:5f:ed:95:82:76:a7:10:b1:83:3d:b8:21:cd:ed:8d:d0:
4b:90:51:a1:47:1a:73:cb:c7:07:cd:5e:9e:58:22:af:6c:a4:
03:c1:51:3f:ba:0c:a7:3c:44:bf:86:ca:4f:06:50:82:a8:e5:
9e:5a:b9:08:1b:6a:cc:95:a0:98:e3:bd:9c:1b:ac:5d:ef:15:
20:61:ac:00:e4:74:79:3b:7a:8a:83:33:63:49:85:7f:ba:3f:
fe:37:0d:98
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYSBD8MlmCNEYqt519OsrnAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjIxMTE2MTUzMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc2MmRjYzM3ZWJmNjY0ZmYxMTU3YTE4NjJjOTYxZWRiYTNhMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXcn2ukbxMUo005n5fmp7+slCNVb
IwX9g6GeSraG3S3koN84/3SzZFkE5vJaB/08tHaw2kXqdznmrFCKSnzxhCW+XfN2
09IIOWZu+AbLvdEa8p3Q4FGtwsnY3HwXhfb4U6/BC69CjqLp5nEXr+Znu2PNf0hb
QPYk2FOaa8PmphoY5fn2sJo6G7aYOCiAx81l6d9nYEVNOpulwTo9oJFsNpeR9kL/
Ui2G+QXxVjAuI0Nx13l6oGOXSpp0L9UxsMg7YNkHp9XPM6YldmY8A0AngNm3bdVf
9N+2CpReVOaE1kj/BWmo/lvadG3GCORbdIFlc7ZUnAqhkDWx6kenf9ro+wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEh2Lcw36/Zk/xFXoYYslh7bo6K6MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvU0hZdHpEZnI5bVRfRVZlaGhpeVdIdHVqb3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQvoMAwD
BAItmewDBAAtme4DBABNU0cDBAJU/FQwDQYJKoZIhvcNAQELBQADggEBALj9Kq5b
Hk6S0ijm530GeHc19hScy82gWx+kpfLyLMzfF6Xmqnz5VK/xkRNpwzeUpDzK72E4
2hRQEEk6Uq48PjcsjPmvxty8YXRmkxD9Mcn7tLBruIXoZwrlYmvF2wFVikjDbT27
HjNIv3hRPfEmXYaA+GFYfWYFj36zAY6HGqc3/GSD1AKpcBsOyMcTvAt+Po/7l07+
eh//AXxrndtp7ckm/GgbX+2VgnanELGDPbghze2N0EuQUaFHGnPLxwfNXp5YIq9s
pAPBUT+6DKc8RL+Gyk8GUIKo5Z5auQgbasyVoJjjvZwbrF3vFSBhrADkdHk7eoqD
M2NJhX+6P/43DZg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org