Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/feece0-3226-41d6-9461-edefbc24c822/1/RRFNJaTK77rmOulyMXv5v8RKm70.roa
File: RRFNJaTK77rmOulyMXv5v8RKm70.roa (raw, json)
Hash identifier: c97T2XO7EMgcr/V4f/MMCj6i/4x1CFU45c1jzPAX+mQ=
Subject key identifier: 45:11:4D:25:A4:CA:EF:BA:E6:3A:E9:72:31:7B:F9:BF:C4:4A:9B:BD
Certificate issuer: /CN=998674263fccd07f684e1e199302eeefe783fb3d
Certificate serial: 0183654D03E46D958072BBF90BA12936408A
Authority key identifier: 99:86:74:26:3F:CC:D0:7F:68:4E:1E:19:93:02:EE:EF:E7:83:FB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mYZ0Jj_M0H9oTh4ZkwLu7-eD-z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/feece0-3226-41d6-9461-edefbc24c822/1/RRFNJaTK77rmOulyMXv5v8RKm70.roa
Signing time: Thu 22 Sep 2022 13:04:49 +0000
ROA not before: Thu 22 Sep 2022 13:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208429
IP address blocks: 45.137.164.0/22 maxlen: 22
2a0e:a440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:4d:03:e4:6d:95:80:72:bb:f9:0b:a1:29:36:40:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=998674263fccd07f684e1e199302eeefe783fb3d
Validity
Not Before: Sep 22 13:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45114d25a4caefbae63ae972317bf9bfc44a9bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e4:a4:a3:cc:c4:65:4b:8a:4e:e4:b2:e1:b3:
c9:6b:3d:b4:ee:69:3a:11:e2:44:f3:77:89:86:55:
de:d6:63:50:22:90:ac:96:15:c2:4c:21:a0:ac:bd:
f8:b0:ff:26:fd:ca:05:94:e9:6e:4a:94:fb:22:c9:
f4:d2:ec:ca:ea:ad:d6:32:d3:e9:a7:85:4c:e4:cf:
f6:7c:58:ec:aa:51:0c:22:5a:8f:b4:2d:37:c7:49:
71:2d:35:5d:e5:21:26:a0:5a:7f:19:54:fe:45:dd:
2f:c2:e0:72:76:ff:ce:7d:d5:97:04:79:db:fd:c0:
15:9c:b7:a5:17:0d:63:07:ba:35:b9:c8:75:94:99:
3f:31:bc:91:25:46:31:e6:ad:38:58:0a:95:ed:30:
87:bb:9f:d3:c5:fe:3f:74:3b:37:d1:85:1a:fa:cb:
03:c3:bf:0d:44:50:ec:96:98:c0:aa:31:ba:f2:d5:
03:38:b6:9b:11:cf:e3:91:14:33:1f:f7:da:58:43:
0a:17:a4:67:bc:94:66:31:59:7c:2e:db:ce:77:d0:
5d:4c:dc:cd:e1:4b:a6:21:8a:c6:48:69:29:d0:58:
d9:89:b6:c7:9f:7a:36:ab:b6:fd:55:7b:57:e0:f6:
c7:e0:ff:94:96:65:a0:7f:0d:b6:a8:e1:0e:76:63:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:11:4D:25:A4:CA:EF:BA:E6:3A:E9:72:31:7B:F9:BF:C4:4A:9B:BD
X509v3 Authority Key Identifier:
keyid:99:86:74:26:3F:CC:D0:7F:68:4E:1E:19:93:02:EE:EF:E7:83:FB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mYZ0Jj_M0H9oTh4ZkwLu7-eD-z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/feece0-3226-41d6-9461-edefbc24c822/1/RRFNJaTK77rmOulyMXv5v8RKm70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/feece0-3226-41d6-9461-edefbc24c822/1/mYZ0Jj_M0H9oTh4ZkwLu7-eD-z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.164.0/22
IPv6:
2a0e:a440::/29
Signature Algorithm: sha256WithRSAEncryption
98:88:a9:38:e1:8b:0b:69:1a:15:08:57:90:a6:d0:2a:be:6f:
6f:3c:f1:59:26:2c:73:23:3c:dd:d0:b4:cf:b0:2d:60:f6:48:
b4:2b:2d:5d:d4:b5:73:d1:c3:49:16:f5:df:d6:37:ac:fd:6c:
97:6b:e3:32:32:9c:63:76:98:e7:d8:9b:62:f5:9c:f2:92:c1:
bb:ab:de:73:77:94:7c:b8:a9:6c:70:7a:fd:b1:e9:8d:06:a9:
ac:ac:1a:53:48:9f:f6:5c:0e:ea:f5:cb:3e:fc:cf:0a:3f:cc:
bc:b4:31:89:48:aa:06:e4:47:b6:ba:17:73:d4:8e:95:ff:57:
ca:3b:84:36:35:0f:31:3e:d1:0b:89:d2:22:5c:2e:5a:bb:1c:
b2:11:0b:a7:83:ba:02:84:9b:e4:e2:c8:96:27:e7:c0:ba:a5:
b4:f1:bd:f3:05:9e:64:4e:6a:4d:1e:92:77:3a:ba:d2:fe:c4:
0f:c6:0c:55:d1:99:11:c2:8d:ef:b5:a1:75:aa:28:13:75:e6:
69:f5:53:20:89:5c:93:c6:b5:5b:12:b5:c3:99:2e:2c:c6:13:
ca:5d:74:34:92:58:b1:26:3a:0b:d4:55:85:e2:16:3e:76:64:
6b:a4:95:89:13:f1:46:6f:8c:66:09:bd:d4:3a:b1:9b:7f:cc:
10:3a:28:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNlTQPkbZWAcrv5C6EpNkCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ODY3NDI2M2ZjY2QwN2Y2ODRlMWUxOTkzMDJlZWVmZTc4
M2ZiM2QwHhcNMjIwOTIyMTMwNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTExNGQyNWE0Y2FlZmJhZTYzYWU5NzIzMTdiZjliZmM0NGE5YmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOSko8zEZUuKTuSy4bPJaz207mk6
EeJE83eJhlXe1mNQIpCslhXCTCGgrL34sP8m/coFlOluSpT7Isn00uzK6q3WMtPp
p4VM5M/2fFjsqlEMIlqPtC03x0lxLTVd5SEmoFp/GVT+Rd0vwuBydv/OfdWXBHnb
/cAVnLelFw1jB7o1uch1lJk/MbyRJUYx5q04WAqV7TCHu5/Txf4/dDs30YUa+ssD
w78NRFDslpjAqjG68tUDOLabEc/jkRQzH/faWEMKF6RnvJRmMVl8LtvOd9BdTNzN
4UumIYrGSGkp0FjZibbHn3o2q7b9VXtX4PbH4P+UlmWgfw22qOEOdmNeDwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEURTSWkyu+65jrpcjF7+b/ESpu9MB8GA1UdIwQY
MBaAFJmGdCY/zNB/aE4eGZMC7u/ng/s9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVlaMEpqX00wSDlvVGg0Wmt3THU3LWVELXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mZWVjZTAtMzIyNi00MWQ2LTk0NjEt
ZWRlZmJjMjRjODIyLzEvUlJGTkphVEs3N3JtT3VseU1YdjV2OFJLbTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mZWVjZTAtMzIyNi00MWQ2LTk0NjEtZWRlZmJjMjRjODIy
LzEvbVlaMEpqX00wSDlvVGg0Wmt3THU3LWVELXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYmkMA0E
AgACMAcDBQMqDqRAMA0GCSqGSIb3DQEBCwUAA4IBAQCYiKk44YsLaRoVCFeQptAq
vm9vPPFZJixzIzzd0LTPsC1g9ki0Ky1d1LVz0cNJFvXf1jes/WyXa+MyMpxjdpjn
2Jti9ZzyksG7q95zd5R8uKlscHr9semNBqmsrBpTSJ/2XA7q9cs+/M8KP8y8tDGJ
SKoG5Ee2uhdz1I6V/1fKO4Q2NQ8xPtELidIiXC5auxyyEQung7oChJvk4siWJ+fA
uqW08b3zBZ5kTmpNHpJ3OrrS/sQPxgxV0ZkRwo3vtaF1qigTdeZp9VMgiVyTxrVb
ErXDmS4sxhPKXXQ0klixJjoL1FWF4hY+dmRrpJWJE/FGb4xmCb3UOrGbf8wQOigr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:05 2023 by rpki-client on console-fra.rpki-client.org