Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/8jh4h8KkEPDu2KmiopvQKw9jm3k.roa
File: 8jh4h8KkEPDu2KmiopvQKw9jm3k.roa (raw, json)
Hash identifier: dHcI3CTAoGVBSQaU2qqiRoquhViMNOItWmnSzgW+U1c=
Subject key identifier: F2:38:78:87:C2:A4:10:F0:EE:D8:A9:A2:A2:9B:D0:2B:0F:63:9B:79
Certificate issuer: /CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Certificate serial: 0843C2CC
Authority key identifier: 23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/8jh4h8KkEPDu2KmiopvQKw9jm3k.roa
Signing time: Wed 02 Feb 2022 22:55:42 +0000
ROA not before: Wed 02 Feb 2022 22:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51519
IP address blocks: 45.132.233.0/24 maxlen: 24
45.132.232.0/22 maxlen: 22
45.132.235.0/24 maxlen: 24
2a0e:73c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138658508 (0x843c2cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Validity
Not Before: Feb 2 22:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2387887c2a410f0eed8a9a2a29bd02b0f639b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:38:53:a0:e4:27:53:e3:58:02:6d:07:cd:4c:
d1:16:79:c8:99:5d:c1:80:f8:51:2e:c9:53:83:06:
1d:76:fb:c4:ce:32:8f:f6:51:95:cc:2a:94:aa:97:
11:ca:a8:36:eb:c2:ae:ec:a3:72:68:a8:f9:bb:cf:
08:c1:d3:2b:5d:0b:3c:78:46:64:0a:05:9b:5b:47:
26:62:59:76:5c:23:1c:e4:e3:99:f1:d3:06:25:3a:
a0:4d:d3:a8:1e:e3:1a:0e:a6:d9:61:c7:f2:ae:b5:
21:63:41:1f:53:5d:03:0a:93:19:fc:2a:a4:06:16:
86:27:36:e8:db:f0:de:e7:3f:a6:39:5f:c0:e7:d1:
c8:cc:3a:78:a6:18:fe:ce:91:17:5d:d9:92:57:0d:
5f:11:2f:52:98:f5:f9:77:2e:f8:1c:a4:31:bc:fd:
e5:eb:95:35:85:18:0c:32:07:63:a1:d0:2d:14:73:
cf:b1:bb:15:ad:8c:5a:dd:58:72:fe:c6:e1:4e:ac:
b5:23:9a:68:c0:2b:01:24:ef:12:5f:c9:c8:2e:a6:
38:b3:f2:c8:9b:0a:a7:62:01:39:c3:26:9f:4e:0e:
12:28:6e:65:6d:3b:0b:ae:5f:91:fb:09:cd:43:5d:
00:a8:da:5e:c1:9b:03:d6:d5:91:4a:99:80:48:cd:
1c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:38:78:87:C2:A4:10:F0:EE:D8:A9:A2:A2:9B:D0:2B:0F:63:9B:79
X509v3 Authority Key Identifier:
keyid:23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/8jh4h8KkEPDu2KmiopvQKw9jm3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.232.0/22
IPv6:
2a0e:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:75:b4:ea:92:43:4a:94:f1:a0:16:d6:31:5b:c9:77:6a:f2:
6a:09:a8:c2:70:ab:5d:36:17:8f:9f:61:0b:8c:ac:6b:ac:a7:
a9:27:bc:87:8f:67:f3:5a:f1:ed:14:47:2c:b2:cb:e0:83:c5:
8d:80:43:ce:60:a6:ff:8c:2c:6c:87:c9:59:4f:1e:46:a2:2a:
dd:23:d6:e0:21:a4:1a:9d:16:f0:ea:3d:af:31:80:e0:96:4d:
26:8a:61:e9:58:f0:98:b4:6f:8d:c2:ee:38:d1:8d:8a:72:f4:
5d:06:4c:4d:56:6f:1b:8e:88:51:7d:17:b0:90:0e:79:77:4a:
32:43:89:8d:37:77:fe:91:6c:82:66:14:b9:23:9b:40:db:67:
d6:16:e4:ae:b6:ce:d5:e2:c4:85:d0:41:f3:cf:9f:1f:1a:f3:
17:34:66:f1:70:93:ab:5c:7f:6d:a8:4f:90:63:47:8f:25:61:
a0:44:07:a6:97:1b:0d:1a:09:dd:63:45:e9:46:53:e7:b9:7e:
6f:09:ed:9b:b2:a8:08:96:56:57:41:a3:06:54:e0:4f:4a:bd:
75:c6:e2:93:2b:7a:f8:77:67:95:5d:81:70:7d:5a:ce:99:03:
e2:85:9c:1b:fb:64:a1:52:27:0d:18:97:ce:0a:58:15:81:17:
c8:05:19:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECEPCzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzI2ZWVlYWRkNGMwZWU1NWIzNTk0YTU5NmU2NzIyMDgxOWMxOGQ1MB4XDTIyMDIw
MjIyNTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIzODc4ODdjMmE0
MTBmMGVlZDhhOWEyYTI5YmQwMmIwZjYzOWI3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOE4U6DkJ1PjWAJtB81M0RZ5yJldwYD4US7JU4MGHXb7xM4y
j/ZRlcwqlKqXEcqoNuvCruyjcmio+bvPCMHTK10LPHhGZAoFm1tHJmJZdlwjHOTj
mfHTBiU6oE3TqB7jGg6m2WHH8q61IWNBH1NdAwqTGfwqpAYWhic26Nvw3uc/pjlf
wOfRyMw6eKYY/s6RF13ZklcNXxEvUpj1+Xcu+BykMbz95euVNYUYDDIHY6HQLRRz
z7G7Fa2MWt1Ycv7G4U6stSOaaMArASTvEl/JyC6mOLPyyJsKp2IBOcMmn04OEihu
ZW07C65fkfsJzUNdAKjaXsGbA9bVkUqZgEjNHN0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTyOHiHwqQQ8O7YqaKim9ArD2ObeTAfBgNVHSMEGDAWgBQjJu7q3UwO5Vs1
lKWW5nIggZwY1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0l5YnU2dDFNRHVWYk5aU2xsdVp5SUlHY0dOVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYTU5ODBkLTY1ZjQtNDU3My05NzU5LTMzNDE1OTY3YzIxMy8x
LzhqaDRoOEtrRVBEdTJLbWlvcHZRS3c5am0zay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YTU5ODBkLTY1ZjQtNDU3My05NzU5LTMzNDE1OTY3YzIxMy8xL0l5YnU2dDFNRHVW
Yk5aU2xsdVp5SUlHY0dOVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2E6DANBAIAAjAHAwUDKg5zwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGXW06pJDSpTxoBbWMVvJd2ryagmownCrXTYXj59h
C4ysa6ynqSe8h49n81rx7RRHLLLL4IPFjYBDzmCm/4wsbIfJWU8eRqIq3SPW4CGk
Gp0W8Oo9rzGA4JZNJoph6VjwmLRvjcLuONGNinL0XQZMTVZvG46IUX0XsJAOeXdK
MkOJjTd3/pFsgmYUuSObQNtn1hbkrrbO1eLEhdBB88+fHxrzFzRm8XCTq1x/bahP
kGNHjyVhoEQHppcbDRoJ3WNF6UZT57l+bwntm7KoCJZWV0GjBlTgT0q9dcbikyt6
+HdnlV2BcH1azpkD4oWcG/tkoVInDRiXzgpYFYEXyAUZvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:37 2024 by rpki-client on console-fra.rpki-client.org