Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/pHWrD3GuL28SUBIR1MdHfYdEsGc.roa
File: pHWrD3GuL28SUBIR1MdHfYdEsGc.roa (raw, json)
Hash identifier: J9m0tfbGyE/uQt9PzmCJp22fZMclMkZE7guvX8r0xzg=
Subject key identifier: A4:75:AB:0F:71:AE:2F:6F:12:50:12:11:D4:C7:47:7D:87:44:B0:67
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01849D88736EC50F7FDA21F60B1D56EEFC0E
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/pHWrD3GuL28SUBIR1MdHfYdEsGc.roa
Signing time: Tue 22 Nov 2022 04:11:16 +0000
ROA not before: Tue 22 Nov 2022 04:11:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34665
IP address blocks: 45.143.202.0/24 maxlen: 24
92.63.202.0/24 maxlen: 24
185.156.75.0/24 maxlen: 24
2a0e:e5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9d:88:73:6e:c5:0f:7f:da:21:f6:0b:1d:56:ee:fc:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Nov 22 04:11:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a475ab0f71ae2f6f12501211d4c7477d8744b067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3b:b1:ce:c8:c6:b5:bf:2f:04:ae:4d:74:28:
e2:c5:df:68:a1:60:b7:9a:7d:51:41:0b:3c:47:fb:
24:33:3a:a9:61:41:b6:95:6d:4d:d6:56:45:be:1f:
f1:d9:90:ba:73:f5:f7:f2:88:5f:76:da:c6:13:2c:
c7:33:6a:35:eb:d3:91:6a:29:11:65:b1:2f:92:9d:
87:28:9e:e9:91:f4:49:5c:fe:56:de:b9:5c:b1:10:
b8:4e:84:ce:e0:ea:e5:33:f8:03:52:4d:dd:80:e2:
b0:8e:d0:f1:0d:e7:f9:21:5d:53:a5:67:72:3f:00:
9a:47:a3:5d:59:cd:4f:e0:7d:7f:95:dc:dd:f7:f9:
bc:c6:db:24:47:64:e0:7f:8f:0f:31:a0:36:b4:cd:
54:0f:42:d0:20:d5:16:9c:f1:d1:64:68:8a:95:7c:
0b:15:8c:1c:ff:43:f9:30:64:a6:5e:72:a5:85:58:
6c:bc:d8:c5:2a:e6:96:8b:b9:f6:7a:17:0e:47:78:
24:97:28:aa:87:69:ca:1b:83:e4:e4:f0:37:5d:b1:
80:a8:83:79:e2:8f:a6:7b:ee:f7:b6:18:9a:3a:79:
57:5d:21:ae:73:a2:ad:42:c7:64:37:b1:e8:df:c0:
f4:29:e8:2e:88:16:b2:4c:c3:ec:88:23:79:b3:41:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:75:AB:0F:71:AE:2F:6F:12:50:12:11:D4:C7:47:7D:87:44:B0:67
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/pHWrD3GuL28SUBIR1MdHfYdEsGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.202.0/24
92.63.202.0/24
185.156.75.0/24
IPv6:
2a0e:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:1c:b5:2c:77:2b:08:78:7f:d6:28:73:17:78:82:7d:5b:b9:
23:85:83:c2:a9:15:98:eb:37:ea:5e:1c:1c:40:05:69:60:8a:
b8:18:c2:1b:2c:94:5f:ad:8f:b6:1d:7d:a7:5e:72:19:e5:9e:
e0:60:8d:5f:25:07:86:01:a8:35:df:ff:4b:84:6c:32:e2:1e:
2c:9f:d5:d1:0f:bd:45:b0:b7:33:d2:ba:61:24:13:a5:f8:a9:
9b:b1:99:6d:a9:a8:34:00:b6:4c:b8:0e:57:00:93:68:e9:ea:
b2:4d:3d:9c:d7:79:af:34:cb:6a:b7:0c:e3:a3:55:4d:24:5f:
62:67:5e:51:86:86:ef:6a:81:ac:88:dd:ba:bc:80:de:23:61:
d4:01:f4:7b:8f:43:84:b9:08:40:4b:6f:79:75:94:83:c0:8c:
2a:95:af:3b:6c:b6:31:7a:8d:0e:54:26:bc:70:8c:3f:c2:81:
84:a6:31:b1:74:e9:59:63:37:72:ca:72:83:ee:c2:13:7c:a5:
8f:e2:7c:69:0c:28:61:7e:4e:98:54:52:38:2e:4d:f0:ef:e0:
e2:fe:a9:01:e4:9e:22:51:5d:43:2a:1f:af:df:dd:4d:9b:25:
16:57:53:cd:49:a4:42:a9:df:5e:59:da:51:04:da:97:f3:6c:
47:f3:ce:ff
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYSdiHNuxQ9/2iH2Cx1W7vwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjIxMTIyMDQxMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc1YWIwZjcxYWUyZjZmMTI1MDEyMTFkNGM3NDc3ZDg3NDRiMDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjuxzsjGtb8vBK5NdCjixd9ooWC3
mn1RQQs8R/skMzqpYUG2lW1N1lZFvh/x2ZC6c/X38ohfdtrGEyzHM2o169ORaikR
ZbEvkp2HKJ7pkfRJXP5W3rlcsRC4ToTO4OrlM/gDUk3dgOKwjtDxDef5IV1TpWdy
PwCaR6NdWc1P4H1/ldzd9/m8xtskR2Tgf48PMaA2tM1UD0LQINUWnPHRZGiKlXwL
FYwc/0P5MGSmXnKlhVhsvNjFKuaWi7n2ehcOR3gklyiqh2nKG4Pk5PA3XbGAqIN5
4o+me+73thiaOnlXXSGuc6KtQsdkN7Ho38D0KeguiBayTMPsiCN5s0EdIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKR1qw9xri9vElASEdTHR32HRLBnMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvcEhXckQzR3VMMjhTVUJJUjFNZEhmWWRFc0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALY/KAwQA
XD/KAwQAuZxLMA0EAgACMAcDBQMqDuXAMA0GCSqGSIb3DQEBCwUAA4IBAQCEHLUs
dysIeH/WKHMXeIJ9W7kjhYPCqRWY6zfqXhwcQAVpYIq4GMIbLJRfrY+2HX2nXnIZ
5Z7gYI1fJQeGAag13/9LhGwy4h4sn9XRD71FsLcz0rphJBOl+KmbsZltqag0ALZM
uA5XAJNo6eqyTT2c13mvNMtqtwzjo1VNJF9iZ15RhobvaoGsiN26vIDeI2HUAfR7
j0OEuQhAS295dZSDwIwqla87bLYxeo0OVCa8cIw/woGEpjGxdOlZYzdyynKD7sIT
fKWP4nxpDChhfk6YVFI4Lk3w7+Di/qkB5J4iUV1DKh+v391NmyUWV1PNSaRCqd9e
WdpRBNqX82xH887/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:01 2023 by rpki-client on console-ams.rpki-client.org