Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/piho-6e8e4w1S2OOwiR4EPKiKGo.roa
File: piho-6e8e4w1S2OOwiR4EPKiKGo.roa (raw, json)
Hash identifier: /1YYBHZ60DS91id8Od/ZMlrFwLRzcJJmLclnyuM8x2s=
Subject key identifier: A6:28:68:FB:A7:BC:7B:8C:35:4B:63:8E:C2:24:78:10:F2:A2:28:6A
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0181F000C0A0330D5B0512524546D152CDF8
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/piho-6e8e4w1S2OOwiR4EPKiKGo.roa
Signing time: Tue 12 Jul 2022 01:23:09 +0000
ROA not before: Tue 12 Jul 2022 01:23:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.153.238.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f0:00:c0:a0:33:0d:5b:05:12:52:45:46:d1:52:cd:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jul 12 01:23:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a62868fba7bc7b8c354b638ec2247810f2a2286a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:63:41:d4:58:a1:73:c9:c8:cd:7c:74:4d:2c:
91:2d:4a:04:34:72:0f:fa:96:fe:16:e2:8b:4a:2e:
ff:71:86:9b:eb:74:83:e3:c9:c4:64:f7:c7:e5:fd:
b1:32:e6:15:8d:76:e3:cf:63:42:7b:21:cf:4d:6e:
77:fc:90:c7:b7:bb:b8:05:b1:f1:70:c6:7f:b9:8c:
b2:43:6f:cd:0d:40:34:e8:f2:8e:4e:46:f0:36:42:
d3:d1:34:fb:da:7d:4d:fd:34:12:30:79:52:28:d5:
f7:b5:85:b3:a7:ac:f4:1f:ff:ec:cb:48:c1:bb:c2:
3a:2e:90:0f:cd:f3:ee:a1:14:43:7b:13:9d:ff:c5:
c9:9d:c4:cf:14:c7:3a:d6:3b:76:a6:4c:df:0b:c4:
1f:ad:7b:6c:a8:48:15:89:a6:fe:7a:cf:b7:b3:62:
cb:16:fd:b6:14:21:37:2b:93:b9:d4:c3:a3:46:78:
ca:5e:4c:26:cc:29:50:57:e3:c8:a8:d7:5e:4c:bc:
70:d2:a7:73:bd:66:75:36:54:da:8d:ba:14:2c:3d:
4a:6b:a0:4e:c9:04:f0:81:c4:1f:e2:05:64:53:85:
2e:a3:6e:39:e1:b8:4c:15:e6:77:88:2a:b0:62:a9:
e7:83:66:fc:42:f5:56:09:17:79:d7:13:6d:56:21:
ea:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:28:68:FB:A7:BC:7B:8C:35:4B:63:8E:C2:24:78:10:F2:A2:28:6A
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/piho-6e8e4w1S2OOwiR4EPKiKGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.237.0-45.153.238.255
Signature Algorithm: sha256WithRSAEncryption
86:94:c8:5d:3b:c6:b9:63:85:c4:9c:4c:f2:36:43:1a:ca:f1:
92:d2:91:6b:e9:9b:31:01:05:c2:91:45:d3:a7:a2:e6:ce:b7:
ea:d4:31:d6:d7:d5:e3:41:77:b5:1d:e0:c6:02:dc:95:04:2c:
22:a1:f0:f7:b8:2c:5b:e3:b5:b1:ad:e7:0f:9d:75:bf:36:03:
27:ff:c0:e9:6e:ca:11:cd:29:0b:e0:a7:a7:23:37:98:29:c0:
0b:95:ef:77:99:dd:4e:74:06:61:50:76:89:02:4a:11:b9:6b:
be:67:12:00:fc:af:16:f1:04:91:7c:1e:7a:a1:f2:90:74:b3:
1b:4d:93:02:06:e9:93:6f:26:61:af:a7:3a:15:98:d6:b8:e5:
3e:8b:ce:84:15:d6:80:a2:e3:07:3a:32:9b:be:68:ca:88:cd:
0a:49:8a:74:8e:0c:2d:4f:61:a8:ab:7d:7b:40:81:7d:24:17:
13:ef:b6:1d:cc:11:b1:97:00:55:43:36:49:b2:26:ad:12:a0:
ed:24:75:a1:9a:7e:af:91:ab:93:9a:9e:99:34:82:78:5f:78:
81:90:25:8d:6b:9a:95:06:d9:55:4f:64:c4:fc:af:ba:9f:b4:
ef:87:d1:52:62:16:42:c4:13:ee:ff:e1:bf:ca:82:d0:28:71:
e3:bf:ba:d5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYHwAMCgMw1bBRJSRUbRUs34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjIwNzEyMDEyMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI4NjhmYmE3YmM3YjhjMzU0YjYzOGVjMjI0NzgxMGYyYTIyODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmNB1Fihc8nIzXx0TSyRLUoENHIP
+pb+FuKLSi7/cYab63SD48nEZPfH5f2xMuYVjXbjz2NCeyHPTW53/JDHt7u4BbHx
cMZ/uYyyQ2/NDUA06PKOTkbwNkLT0TT72n1N/TQSMHlSKNX3tYWzp6z0H//sy0jB
u8I6LpAPzfPuoRRDexOd/8XJncTPFMc61jt2pkzfC8QfrXtsqEgViab+es+3s2LL
Fv22FCE3K5O51MOjRnjKXkwmzClQV+PIqNdeTLxw0qdzvWZ1NlTajboULD1Ka6BO
yQTwgcQf4gVkU4Uuo2454bhMFeZ3iCqwYqnng2b8QvVWCRd51xNtViHqlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKYoaPunvHuMNUtjjsIkeBDyoihqMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvcGloby02ZThlNHcxUzJPT3dpUjRFUEtpS0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtme0D
BAAtme4wDQYJKoZIhvcNAQELBQADggEBAIaUyF07xrljhcScTPI2QxrK8ZLSkWvp
mzEBBcKRRdOnoubOt+rUMdbX1eNBd7Ud4MYC3JUELCKh8Pe4LFvjtbGt5w+ddb82
Ayf/wOluyhHNKQvgp6cjN5gpwAuV73eZ3U50BmFQdokCShG5a75nEgD8rxbxBJF8
Hnqh8pB0sxtNkwIG6ZNvJmGvpzoVmNa45T6LzoQV1oCi4wc6Mpu+aMqIzQpJinSO
DC1PYairfXtAgX0kFxPvth3MEbGXAFVDNkmyJq0SoO0kdaGafq+Rq5Oanpk0gnhf
eIGQJY1rmpUG2VVPZMT8r7qftO+H0VJiFkLEE+7/4b/KgtAoceO/utU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org