Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9F7uNvjJxCv2j8tgPQbSdnaB7Rk.roa
File: 9F7uNvjJxCv2j8tgPQbSdnaB7Rk.roa (raw, json)
Hash identifier: w/UNtNnyR5OiVJRIT4zJWwa+n029joYAfE79wBsQnVQ=
Subject key identifier: F4:5E:EE:36:F8:C9:C4:2B:F6:8F:CB:60:3D:06:D2:76:76:81:ED:19
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1AAB9FAB
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9F7uNvjJxCv2j8tgPQbSdnaB7Rk.roa
Signing time: Sat 01 Jan 2022 12:02:41 +0000
ROA not before: Sat 01 Jan 2022 12:02:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 162.217.251.0/24 maxlen: 24
155.254.62.0/24 maxlen: 24
107.161.174.0/24 maxlen: 24
107.161.175.0/24 maxlen: 24
107.181.133.0/24 maxlen: 24
107.181.135.0/24 maxlen: 24
2a07:9944:1b::/48 maxlen: 48
2a07:9944:1c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447455147 (0x1aab9fab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 12:02:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f45eee36f8c9c42bf68fcb603d06d2767681ed19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:58:e5:91:02:a3:a3:6b:cb:aa:5b:64:25:dc:
8c:38:09:d8:7c:31:29:13:ff:91:75:d8:97:41:d5:
e2:4b:c4:65:7a:25:f7:95:9d:59:c6:46:c9:44:a2:
c7:a8:16:64:26:a5:3e:52:81:98:a4:ca:cd:78:a2:
79:1c:da:bb:6b:bd:36:8e:51:3c:fe:0e:a0:a1:06:
0f:af:99:56:9f:7a:36:94:5b:2d:b7:69:22:19:22:
07:6a:b3:9a:a8:84:5e:ea:a9:73:af:00:ce:d4:77:
57:ec:12:b3:55:a9:05:49:74:51:b5:07:a0:1e:1c:
a5:a9:e8:0a:8d:9b:a4:a8:87:10:98:e2:26:f1:cb:
0c:43:e4:75:d9:2e:ff:1e:bf:19:38:0c:7c:0a:95:
5b:4e:2f:98:6b:5a:c6:bd:92:e4:50:62:04:68:fa:
43:54:c2:ce:af:1c:ed:31:74:01:eb:83:79:1d:47:
c2:51:3f:f2:f4:f1:99:0c:e7:9d:6e:1b:d8:a4:2a:
e5:2f:7d:ba:a4:16:c3:19:f3:f2:7d:5c:bd:22:49:
9e:30:f9:b5:9a:10:5c:36:36:9b:76:82:c2:b2:16:
15:44:13:53:c5:4d:06:fb:b4:60:96:cd:c4:d0:da:
5b:74:e2:f5:c2:2f:d8:e7:ec:ce:f4:7c:6c:20:91:
a6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:5E:EE:36:F8:C9:C4:2B:F6:8F:CB:60:3D:06:D2:76:76:81:ED:19
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/9F7uNvjJxCv2j8tgPQbSdnaB7Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.174.0/23
107.181.133.0/24
107.181.135.0/24
155.254.62.0/24
162.217.251.0/24
IPv6:
2a07:9944:1b::-2a07:9944:1c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
91:8a:32:fd:1d:05:64:62:cc:25:bc:7e:1d:b6:05:53:ad:a3:
1a:a6:79:57:72:a2:48:df:e5:bf:08:72:9f:eb:37:5a:67:74:
14:0e:55:a9:f8:0d:6f:67:eb:de:8b:74:bc:38:f5:45:db:7c:
f5:5e:0a:5f:23:ee:b0:a4:3a:e7:92:a0:d3:53:76:31:6d:9f:
bf:e9:30:88:6b:29:45:50:92:70:96:53:9a:6d:fb:46:95:04:
cc:c2:21:99:f0:19:9c:34:c7:3d:f9:61:c4:2e:4c:4e:ea:ef:
61:7b:3b:55:93:98:b2:84:e5:38:33:c7:fc:e0:bb:63:a3:49:
f2:51:9e:ed:52:7b:57:ea:51:18:4c:78:fc:2b:83:46:1e:fa:
0c:bb:df:3d:ce:48:4b:a5:47:3a:19:f5:b6:ee:c8:7d:2b:8b:
10:b3:37:71:d1:49:9b:75:1c:41:61:c0:37:0c:3c:4e:f2:9f:
5e:26:04:cb:32:cc:df:96:6c:77:55:f5:ce:df:12:7f:0a:d2:
20:b4:87:e5:74:a2:79:f9:62:67:f6:a1:92:72:0b:12:67:56:
5a:c3:da:18:02:b7:9e:b3:eb:4f:77:b6:aa:c5:09:b7:e8:49:
06:53:28:02:5f:bb:d6:ef:f3:1a:75:fc:09:e1:9e:de:44:05:
5e:da:c6:01
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEGqufqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDEw
MTEyMDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ1ZWVlMzZmOGM5
YzQyYmY2OGZjYjYwM2QwNmQyNzY3NjgxZWQxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJY5ZECo6Nry6pbZCXcjDgJ2HwxKRP/kXXYl0HV4kvEZXol
95WdWcZGyUSix6gWZCalPlKBmKTKzXiieRzau2u9No5RPP4OoKEGD6+ZVp96NpRb
LbdpIhkiB2qzmqiEXuqpc68AztR3V+wSs1WpBUl0UbUHoB4cpanoCo2bpKiHEJji
JvHLDEPkddku/x6/GTgMfAqVW04vmGtaxr2S5FBiBGj6Q1TCzq8c7TF0AeuDeR1H
wlE/8vTxmQznnW4b2KQq5S99uqQWwxnz8n1cvSJJnjD5tZoQXDY2m3aCwrIWFUQT
U8VNBvu0YJbNxNDaW3Ti9cIv2OfszvR8bCCRplkCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBT0Xu42+MnEK/aPy2A9BtJ2doHtGTAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
LzlGN3VOdmpKeEN2Mmo4dGdQUWJTZG5hQjdSay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwJAQCAAEwHgMEAWuhrgMEAGu1hQMEAGu1hwMEAJv+
PgMEAKLZ+zAaBAIAAjAUMBIDBwAqB5lEABsDBwAqB5lEABwwDQYJKoZIhvcNAQEL
BQADggEBAJGKMv0dBWRizCW8fh22BVOtoxqmeVdyokjf5b8Icp/rN1pndBQOVan4
DW9n696LdLw49UXbfPVeCl8j7rCkOueSoNNTdjFtn7/pMIhrKUVQknCWU5pt+0aV
BMzCIZnwGZw0xz35YcQuTE7q72F7O1WTmLKE5Tgzx/zgu2OjSfJRnu1Se1fqURhM
ePwrg0Ye+gy73z3OSEulRzoZ9bbuyH0rixCzN3HRSZt1HEFhwDcMPE7yn14mBMsy
zN+WbHdV9c7fEn8K0iC0h+V0onn5Ymf2oZJyCxJnVlrD2hgCt56z6093tqrFCbfo
SQZTKAJfu9bv8xp1/Anhnt5EBV7axgE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org