Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/DX9rharg97cLFS1KDEfYmRMYnX4.roa
File: DX9rharg97cLFS1KDEfYmRMYnX4.roa (raw, json)
Hash identifier: eT/xSRy9jMXfvNVRICKVQ3Jw/SxioVe5VBWL+xZ2Lb0=
Subject key identifier: 0D:7F:6B:85:AA:E0:F7:B7:0B:15:2D:4A:0C:47:D8:99:13:18:9D:7E
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1AE1529C
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/DX9rharg97cLFS1KDEfYmRMYnX4.roa
Signing time: Thu 20 Jan 2022 14:13:58 +0000
ROA not before: Thu 20 Jan 2022 14:13:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 198.105.124.0/22 maxlen: 24
198.105.126.0/24 maxlen: 24
155.254.36.0/22 maxlen: 24
45.43.68.0/22 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.140.0/22 maxlen: 24
107.181.152.0/24 maxlen: 24
198.105.100.0/22 maxlen: 24
198.105.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 450974364 (0x1ae1529c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 20 14:13:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d7f6b85aae0f7b70b152d4a0c47d89913189d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0e:be:b7:9a:5a:e0:33:c7:10:0f:8d:ac:0f:
e3:f9:86:69:a8:a8:e6:74:38:0d:ec:cb:61:e3:39:
58:a7:17:6e:f5:0b:08:f9:09:1c:15:a7:af:3d:21:
b0:87:4b:5a:96:34:fe:d1:55:b2:62:09:e4:ae:d4:
cb:af:90:b4:f0:f7:41:5d:bf:7b:94:97:b0:14:76:
38:10:ec:c5:c1:26:aa:6c:21:15:10:f7:70:cb:08:
0b:91:82:58:90:53:ed:1b:c8:2f:27:d0:87:12:44:
93:e9:4d:c8:12:a8:82:7d:2d:a8:fb:51:ed:eb:4e:
9c:9b:1a:0c:87:a8:cd:83:9d:aa:c0:cb:97:92:04:
63:99:20:b5:5d:8d:61:3a:9a:08:09:58:37:d1:97:
4b:3b:f7:45:37:63:47:df:92:fe:8f:c4:82:8d:5a:
9d:d5:4e:ce:6a:3c:7e:2e:12:26:aa:ed:42:98:89:
e0:15:2a:c8:c3:bb:10:d1:a2:ad:77:9a:cc:1b:69:
01:de:7f:53:3d:99:c8:59:e1:0c:76:ed:18:8f:1b:
15:a7:66:17:37:7f:d2:c4:07:80:3d:b4:ec:fe:79:
5d:a0:62:78:45:16:db:64:ba:ca:bd:49:15:ca:e3:
89:e0:d6:f8:cb:f1:70:14:68:1b:19:46:c2:07:c2:
93:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7F:6B:85:AA:E0:F7:B7:0B:15:2D:4A:0C:47:D8:99:13:18:9D:7E
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/DX9rharg97cLFS1KDEfYmRMYnX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.68.0/22
107.181.128.0/22
107.181.140.0/22
107.181.152.0/24
155.254.36.0/22
198.105.100.0/22
198.105.116.0/22
198.105.124.0/22
Signature Algorithm: sha256WithRSAEncryption
90:73:72:61:d1:8d:50:6f:9f:40:1b:10:ad:fb:98:dc:00:73:
31:73:f9:e6:25:34:fb:81:4b:fb:b3:dd:d1:e4:57:e8:66:60:
da:f5:d2:06:b8:e0:99:c7:06:37:d8:72:14:32:39:e5:54:c8:
7b:e6:c7:55:31:27:5c:91:9b:32:ea:f9:11:0e:4a:3b:f2:a0:
f1:b1:75:32:8b:f8:ee:06:12:27:2a:99:4e:2d:d5:5e:55:ec:
23:37:db:9b:d3:6e:b8:4f:43:bf:27:7e:b7:a8:83:de:76:92:
2f:ed:55:22:8e:0f:7c:94:57:c1:ba:0a:76:39:39:a5:0c:e9:
ec:3d:49:49:4e:16:0e:6c:e4:f6:0b:8d:df:58:ae:19:a8:c6:
fa:28:af:ae:df:6d:8b:21:a9:3f:4c:1c:d0:84:0f:7a:5e:5c:
c6:99:0b:ae:64:e2:b7:54:3d:cf:4d:05:a6:74:e6:84:50:4a:
8d:11:22:ae:30:28:39:86:9a:84:9a:c6:e5:b0:a1:96:ab:a1:
16:36:5e:fc:1e:7a:e0:9f:28:56:2c:a4:b3:0f:76:14:58:e1:
e5:b0:ba:95:d4:d2:63:c8:90:5c:31:f0:35:af:7c:0c:1b:f9:
89:19:61:75:34:ed:ff:a1:9c:a9:e4:84:eb:37:7e:37:3e:53:
21:6b:f8:c6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEGuFSnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDEy
MDE0MTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ3ZjZiODVhYWUw
ZjdiNzBiMTUyZDRhMGM0N2Q4OTkxMzE4OWQ3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJEOvreaWuAzxxAPjawP4/mGaaio5nQ4DezLYeM5WKcXbvUL
CPkJHBWnrz0hsIdLWpY0/tFVsmIJ5K7Uy6+QtPD3QV2/e5SXsBR2OBDsxcEmqmwh
FRD3cMsIC5GCWJBT7RvILyfQhxJEk+lNyBKogn0tqPtR7etOnJsaDIeozYOdqsDL
l5IEY5kgtV2NYTqaCAlYN9GXSzv3RTdjR9+S/o/Ego1andVOzmo8fi4SJqrtQpiJ
4BUqyMO7ENGirXeazBtpAd5/Uz2ZyFnhDHbtGI8bFadmFzd/0sQHgD207P55XaBi
eEUW22S6yr1JFcrjieDW+MvxcBRoGxlGwgfCk7MCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQNf2uFquD3twsVLUoMR9iZExidfjAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
L0RYOXJoYXJnOTdjTEZTMUtERWZZbVJNWW5YNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAi0rRAMEAmu1gAMEAmu1jAMEAGu1
mAMEApv+JAMEAsZpZAMEAsZpdAMEAsZpfDANBgkqhkiG9w0BAQsFAAOCAQEAkHNy
YdGNUG+fQBsQrfuY3ABzMXP55iU0+4FL+7Pd0eRX6GZg2vXSBrjgmccGN9hyFDI5
5VTIe+bHVTEnXJGbMur5EQ5KO/Kg8bF1Mov47gYSJyqZTi3VXlXsIzfbm9NuuE9D
vyd+t6iD3naSL+1VIo4PfJRXwboKdjk5pQzp7D1JSU4WDmzk9guN31iuGajG+iiv
rt9tiyGpP0wc0IQPel5cxpkLrmTit1Q9z00FpnTmhFBKjREirjAoOYaahJrG5bCh
lquhFjZe/B564J8oViyksw92FFjh5bC6ldTSY8iQXDHwNa98DBv5iRlhdTTt/6Gc
qeSE6zd+Nz5TIWv4xg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org