Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/bQHkFPDcLNHLPtS8EYqKPBAE7GU.roa
File: bQHkFPDcLNHLPtS8EYqKPBAE7GU.roa (raw, json)
Hash identifier: 6eS+jCedrutWf4NcZBZC0nnj7oF47Oddp4cr/yQ+JuQ=
Subject key identifier: 6D:01:E4:14:F0:DC:2C:D1:CB:3E:D4:BC:11:8A:8A:3C:10:04:EC:65
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0182CB143698CE84AB53FBDE12AF6493474D
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/bQHkFPDcLNHLPtS8EYqKPBAE7GU.roa
Signing time: Tue 23 Aug 2022 14:21:15 +0000
ROA not before: Tue 23 Aug 2022 14:21:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205361
IP address blocks: 45.8.200.0/24 maxlen: 24
45.8.201.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:cb:14:36:98:ce:84:ab:53:fb:de:12:af:64:93:47:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 23 14:21:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d01e414f0dc2cd1cb3ed4bc118a8a3c1004ec65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:94:d0:d6:c0:cb:54:0b:d8:68:b8:8d:3e:4f:
ff:06:45:37:ab:8a:b5:85:13:84:cd:c8:77:94:e6:
26:b0:02:dd:40:11:7c:c8:bf:fa:bb:4c:92:8d:5f:
f1:42:d8:2a:ff:dd:28:ac:3b:b9:2f:d3:76:9c:42:
9f:6c:59:01:0a:63:db:3b:a1:f1:c8:d5:7f:f6:26:
34:43:d5:d7:3e:42:39:a2:3c:ae:16:cf:88:0f:43:
aa:bd:bf:42:0a:b8:d9:ac:63:70:66:f7:4a:b4:1f:
4f:1f:4e:6f:ed:7f:cf:ee:c7:17:2c:83:66:fb:7f:
50:2d:79:bf:21:22:69:b2:ed:cf:e4:dd:ed:17:4c:
d4:20:f4:80:46:95:46:3b:bf:e8:20:ec:8e:f3:36:
f2:87:54:37:92:f1:0d:1a:a9:6e:07:40:a7:14:7b:
7c:bc:84:6c:f8:54:ae:0a:fd:b0:61:bf:ef:23:78:
91:83:ce:32:98:e7:94:a6:6e:39:6b:cc:b4:39:2c:
6a:49:e8:6a:23:17:66:62:35:9b:fe:c7:b6:1a:89:
cc:dc:90:11:40:82:16:aa:1d:15:90:08:46:5a:e7:
e8:89:ba:6f:a8:46:66:c0:83:94:c1:c8:a1:3f:56:
d2:0c:d3:39:c5:9f:03:e9:36:ab:d6:d2:58:b8:17:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:01:E4:14:F0:DC:2C:D1:CB:3E:D4:BC:11:8A:8A:3C:10:04:EC:65
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/bQHkFPDcLNHLPtS8EYqKPBAE7GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.48.0/24
45.8.200.0/23
Signature Algorithm: sha256WithRSAEncryption
18:b3:94:65:f9:62:72:68:e3:f5:1e:06:c6:a2:c5:ca:47:a0:
eb:92:93:5c:1c:a8:85:5b:83:7c:39:d1:2f:f6:93:42:14:d9:
c6:c8:7c:0f:5d:1f:2e:75:19:04:c3:64:f5:de:5b:b2:b4:bd:
e1:c4:48:9f:7a:57:20:93:a9:2e:79:8b:66:b7:ca:f4:e3:4e:
93:b7:44:85:3e:9f:56:75:bc:d0:92:58:14:52:14:5a:3e:92:
a6:13:ff:77:a4:3a:2e:7e:ae:53:6b:9e:3c:4c:1e:33:c5:ce:
7f:26:b3:e9:1d:cc:ec:d4:c0:a1:da:f3:72:f7:2a:bc:26:b2:
d9:28:b5:8c:4a:f4:59:2c:bb:9f:55:4c:e2:c9:3c:5e:9c:83:
6f:32:1b:83:a6:11:7f:57:cc:df:c0:ab:cc:18:a9:d9:a7:b1:
37:a5:15:31:0c:fe:0f:45:67:3f:e3:2c:5f:e3:b8:e3:f3:a3:
e7:71:c5:89:75:35:6e:8c:62:66:52:18:ea:5c:bf:fb:88:61:
e9:68:64:d1:df:55:d6:77:10:a5:5e:1d:58:9f:c4:b1:16:e8:
f7:24:75:99:c3:df:fc:cf:3a:97:8f:19:cf:ac:d0:c2:a6:d2:
4c:2a:a7:ac:1b:4e:07:a7:12:1c:a0:65:0b:32:80:74:f4:c2:
8c:8d:c9:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLLFDaYzoSrU/veEq9kk0dNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIwODIzMTQyMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDAxZTQxNGYwZGMyY2QxY2IzZWQ0YmMxMThhOGEzYzEwMDRlYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5TQ1sDLVAvYaLiNPk//BkU3q4q1
hROEzch3lOYmsALdQBF8yL/6u0ySjV/xQtgq/90orDu5L9N2nEKfbFkBCmPbO6Hx
yNV/9iY0Q9XXPkI5ojyuFs+ID0Oqvb9CCrjZrGNwZvdKtB9PH05v7X/P7scXLINm
+39QLXm/ISJpsu3P5N3tF0zUIPSARpVGO7/oIOyO8zbyh1Q3kvENGqluB0CnFHt8
vIRs+FSuCv2wYb/vI3iRg84ymOeUpm45a8y0OSxqSehqIxdmYjWb/se2GonM3JAR
QIIWqh0VkAhGWufoibpvqEZmwIOUwcihP1bSDNM5xZ8D6Tar1tJYuBcJdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG0B5BTw3CzRyz7UvBGKijwQBOxlMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYlFIa0ZQRGNMTkhMUHRTOEVZcUtQQkFFN0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQwAwQB
LQjIMA0GCSqGSIb3DQEBCwUAA4IBAQAYs5Rl+WJyaOP1HgbGosXKR6DrkpNcHKiF
W4N8OdEv9pNCFNnGyHwPXR8udRkEw2T13luytL3hxEifelcgk6kueYtmt8r0406T
t0SFPp9WdbzQklgUUhRaPpKmE/93pDoufq5Ta548TB4zxc5/JrPpHczs1MCh2vNy
9yq8JrLZKLWMSvRZLLufVUziyTxenINvMhuDphF/V8zfwKvMGKnZp7E3pRUxDP4P
RWc/4yxf47jj86PnccWJdTVujGJmUhjqXL/7iGHpaGTR31XWdxClXh1Yn8SxFuj3
JHWZw9/8zzqXjxnPrNDCptJMKqesG04HpxIcoGULMoB09MKMjclS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-ams.rpki-client.org