Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/w2mOgMon8681Jx_GNNv6H46XLhQ.roa
File: w2mOgMon8681Jx_GNNv6H46XLhQ.roa (raw, json)
Hash identifier: STTBAPVR4ntXgO7a/+d2PH6IabI22lmffmZFOsUUzHM=
Subject key identifier: C3:69:8E:80:CA:27:F3:AF:35:27:1F:C6:34:DB:FA:1F:8E:97:2E:14
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0423C9EA
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/w2mOgMon8681Jx_GNNv6H46XLhQ.roa
Signing time: Sat 01 Jan 2022 05:57:22 +0000
ROA not before: Sat 01 Jan 2022 05:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 45.153.238.0/24 maxlen: 24
45.153.236.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69454314 (0x423c9ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 1 05:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3698e80ca27f3af35271fc634dbfa1f8e972e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:03:89:58:d1:b7:37:0f:3e:ac:e4:e7:04:35:
cd:45:1d:8e:e1:7d:d5:ac:dc:01:89:1a:96:c4:3e:
46:02:0d:d8:0e:9d:83:26:17:fa:ad:32:40:87:09:
6e:2e:63:13:a2:0a:fb:b0:23:5d:47:39:dc:fb:ae:
64:b5:cb:d8:12:3d:47:ed:df:9c:de:44:11:19:0a:
a2:7e:5a:12:55:9c:f3:70:3e:30:53:c5:b0:fb:9d:
79:d9:e6:65:36:67:b7:49:5b:86:a7:14:d2:e1:2c:
6b:c5:82:0b:f6:03:92:8e:ce:83:57:ba:15:e4:0e:
7d:dd:6d:cb:85:0c:2b:e6:b8:91:23:c3:88:54:09:
1a:8d:c6:d7:a2:62:48:2e:00:5a:55:95:d1:4d:6e:
7b:34:d7:55:ed:73:1f:88:3e:61:da:55:c4:38:5f:
e5:ef:59:43:f4:b8:63:73:92:52:50:56:4c:0b:ea:
00:8b:7e:c7:17:0c:53:e8:c3:5a:11:e0:ca:32:f7:
29:ee:9a:e8:0f:8e:13:a1:1a:d6:57:e1:6f:45:9e:
d1:ac:ed:2a:5c:bc:c8:79:62:56:dd:47:fd:cc:d4:
7e:1c:6d:b9:85:01:89:9b:cd:ec:d4:a2:de:08:fc:
f7:0c:af:90:c8:29:bb:be:0a:ad:5b:2f:d2:69:ba:
77:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:69:8E:80:CA:27:F3:AF:35:27:1F:C6:34:DB:FA:1F:8E:97:2E:14
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/w2mOgMon8681Jx_GNNv6H46XLhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.236.0-45.153.238.255
Signature Algorithm: sha256WithRSAEncryption
10:cd:11:a6:71:e4:02:64:e4:2a:19:81:b7:75:fc:d5:61:ba:
52:b4:c9:6a:67:67:ea:79:1e:20:08:e3:fb:90:46:09:63:a2:
3e:84:23:0e:7e:53:7b:d2:d5:bb:d9:1e:4b:1b:90:17:b0:74:
e8:12:73:14:16:73:c9:2e:34:8b:0c:f3:0e:03:ff:b0:48:5a:
49:89:79:51:c7:04:3b:c5:28:03:3e:fd:33:52:f6:31:7d:fe:
d5:f7:b2:b7:4f:0f:46:c5:28:e1:6c:01:42:2d:60:11:23:26:
96:0e:5f:82:0d:00:f2:8b:4d:5d:39:0a:0a:36:7e:38:2e:2d:
4a:b8:9c:88:f2:bd:0f:82:2f:98:47:63:91:c0:ff:51:08:f4:
05:d5:8d:bc:e2:36:f9:ae:4c:49:60:06:fa:55:6a:f8:c6:7d:
b4:f6:0a:4a:86:4d:91:8f:04:6c:41:fc:55:d5:9f:9e:eb:16:
b9:82:ec:67:46:3d:f3:a4:c0:8c:e5:8f:63:b4:11:2d:0e:f7:
6e:f5:88:e8:46:81:89:ab:40:05:b9:8e:e5:82:80:99:cb:f1:
a5:d3:b4:f4:6d:7c:af:f7:6f:aa:dd:cf:cd:78:ca:4e:9d:d3:
de:56:cb:87:73:d8:41:a7:51:36:39:5a:ad:da:c8:94:ef:42:
29:f7:f2:29
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBCPJ6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzQ0NmRhN2E3MGJjZTc3M2VjMmJjMTY1NWFhZTMwYzNjMTg0MTJjMB4XDTIyMDEw
MTA1NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzM2OThlODBjYTI3
ZjNhZjM1MjcxZmM2MzRkYmZhMWY4ZTk3MmUxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoDiVjRtzcPPqzk5wQ1zUUdjuF91azcAYkalsQ+RgIN2A6d
gyYX+q0yQIcJbi5jE6IK+7AjXUc53PuuZLXL2BI9R+3fnN5EERkKon5aElWc83A+
MFPFsPudednmZTZnt0lbhqcU0uEsa8WCC/YDko7Og1e6FeQOfd1ty4UMK+a4kSPD
iFQJGo3G16JiSC4AWlWV0U1uezTXVe1zH4g+YdpVxDhf5e9ZQ/S4Y3OSUlBWTAvq
AIt+xxcMU+jDWhHgyjL3Ke6a6A+OE6Ea1lfhb0We0aztKly8yHliVt1H/czUfhxt
uYUBiZvN7NSi3gj89wyvkMgpu74KrVsv0mm6d0MCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTDaY6AyifzrzUnH8Y02/ofjpcuFDAfBgNVHSMEGDAWgBQjRG2npwvOdz7C
vBZVquMMPBhBLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwUnRwNmNMem5jLXdyd1dWYXJqRER3WVFTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8x
L3cybU9nTW9uODY4MUp4X0dOTnY2SDQ2WExoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8xL0kwUnRwNmNMem5j
LXdyd1dWYXJqRER3WVFTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCLZnsAwQALZnuMA0GCSqGSIb3
DQEBCwUAA4IBAQAQzRGmceQCZOQqGYG3dfzVYbpStMlqZ2fqeR4gCOP7kEYJY6I+
hCMOflN70tW72R5LG5AXsHToEnMUFnPJLjSLDPMOA/+wSFpJiXlRxwQ7xSgDPv0z
UvYxff7V97K3Tw9GxSjhbAFCLWARIyaWDl+CDQDyi01dOQoKNn44Li1KuJyI8r0P
gi+YR2ORwP9RCPQF1Y284jb5rkxJYAb6VWr4xn209gpKhk2RjwRsQfxV1Z+e6xa5
guxnRj3zpMCM5Y9jtBEtDvdu9YjoRoGJq0AFuY7lgoCZy/Gl07T0bXyv92+q3c/N
eMpOndPeVsuHc9hBp1E2OVqt2siU70Ip9/Ip
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org