Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/8krpu6NMtYKyuYRpn2z2ocjSO7M.roa
File: 8krpu6NMtYKyuYRpn2z2ocjSO7M.roa (raw, json)
Hash identifier: 3R8sMWyeMuoELGg37z5QZvKe6w2rHrHwmDqk+6pntP4=
Subject key identifier: F2:4A:E9:BB:A3:4C:B5:82:B2:B9:84:69:9F:6C:F6:A1:C8:D2:3B:B3
Certificate issuer: /CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Certificate serial: 0791BA7C
Authority key identifier: 33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/8krpu6NMtYKyuYRpn2z2ocjSO7M.roa
Signing time: Sat 01 Jan 2022 12:59:50 +0000
ROA not before: Sat 01 Jan 2022 12:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64425
IP address blocks: 45.148.123.0/24 maxlen: 24
45.148.120.0/24 maxlen: 24
45.148.121.0/24 maxlen: 24
45.148.122.0/24 maxlen: 24
2a0f:5e05::/32 maxlen: 32
2a0f:5e03::/32 maxlen: 32
2a0f:5e07::/32 maxlen: 32
2a0f:5e01::/32 maxlen: 32
2a0f:5e04::/32 maxlen: 32
2a0f:5e02::/32 maxlen: 32
2a0f:5e00::/32 maxlen: 32
2a0f:5e06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126990972 (0x791ba7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Validity
Not Before: Jan 1 12:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f24ae9bba34cb582b2b984699f6cf6a1c8d23bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:df:b6:be:67:bc:46:eb:42:85:3e:8e:05:38:
3c:65:d8:20:f7:84:a1:6e:75:0c:60:3c:c7:29:5f:
00:3f:8f:22:40:0e:10:fa:4f:90:d5:38:f1:f8:de:
a0:2b:f6:d6:a8:84:51:b0:e1:0d:73:23:df:18:d9:
4c:37:aa:3e:51:05:cd:24:1b:ff:99:39:6e:5a:99:
25:6e:21:d3:08:da:7c:bc:e6:3f:2d:11:c4:20:2e:
9a:bf:70:22:b4:d8:0a:e6:1f:fa:08:53:83:ac:6f:
a0:7c:56:64:cc:3c:d8:00:78:e5:50:79:c2:e2:55:
68:f7:ec:c0:06:54:3a:e3:18:b6:ba:3c:5b:f3:d2:
5e:9d:b5:e7:c9:12:22:c2:74:a1:80:ad:ae:87:87:
bc:61:64:99:bc:8c:b8:7e:ec:eb:15:02:2a:d3:c6:
fb:f7:0f:e6:d0:8b:dc:76:04:29:61:3c:fd:51:0a:
86:41:73:93:40:75:78:88:ff:17:e7:8e:21:0b:8c:
a1:a5:6a:32:57:71:ca:ab:1b:6f:76:7a:e3:f9:8e:
f1:b1:28:b8:61:84:6e:44:3f:ce:7d:2a:e9:0e:51:
9f:14:b2:c3:b1:07:e7:04:84:f7:46:fd:69:75:31:
e8:43:21:29:4e:f2:ea:74:a4:db:51:59:ee:c3:0f:
71:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4A:E9:BB:A3:4C:B5:82:B2:B9:84:69:9F:6C:F6:A1:C8:D2:3B:B3
X509v3 Authority Key Identifier:
keyid:33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/8krpu6NMtYKyuYRpn2z2ocjSO7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.120.0/22
IPv6:
2a0f:5e00::/29
Signature Algorithm: sha256WithRSAEncryption
a3:c9:23:3d:56:60:fa:00:ba:17:da:1f:cc:d4:e5:a0:d0:35:
b1:db:ee:68:8e:f1:7a:de:2b:bc:18:9b:96:d1:3c:ba:85:f8:
1f:bc:7e:3d:70:a6:ed:bb:45:61:94:b7:fd:31:17:20:f8:50:
57:fe:5b:61:30:11:43:ab:48:35:3e:8c:a3:5a:ca:00:db:86:
dd:a0:af:58:49:80:96:b8:99:40:f1:46:ba:05:f3:17:6d:dc:
99:e3:c7:a4:c0:7c:d1:c8:50:48:2f:c8:6c:74:ba:23:50:7b:
df:4c:56:df:e4:db:97:d6:90:80:cf:59:33:90:0a:79:00:5b:
39:66:73:a1:5f:aa:98:0d:5e:e6:f1:c3:83:bd:03:c5:f0:13:
22:a3:1a:2c:56:6a:bb:16:01:cb:b0:99:39:44:98:98:9b:77:
d0:5b:03:24:c6:f8:d5:4e:d1:d4:36:87:6e:a5:bc:66:9b:48:
5d:3a:db:0c:b1:d8:13:61:59:c1:42:7c:fa:25:f3:b3:6d:92:
cd:64:8d:e1:bf:75:a8:b8:f9:83:26:8f:8b:b8:2b:b7:81:fa:
dc:0c:75:bf:d7:dd:6c:e8:fa:e0:71:3f:b3:90:3b:f4:36:fd:
ad:8d:66:9e:78:7f:d0:e3:e4:29:02:3f:97:3a:6e:ef:ad:dc:
8d:fc:f6:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB5G6fDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MzM1OGI0NTFlZTBmZTg1YjAwNGEwNTY0ZjgzMTBmYjIxMWM5NWZhMB4XDTIyMDEw
MTEyNTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI0YWU5YmJhMzRj
YjU4MmIyYjk4NDY5OWY2Y2Y2YTFjOGQyM2JiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzftr5nvEbrQoU+jgU4PGXYIPeEoW51DGA8xylfAD+PIkAO
EPpPkNU48fjeoCv21qiEUbDhDXMj3xjZTDeqPlEFzSQb/5k5blqZJW4h0wjafLzm
Py0RxCAumr9wIrTYCuYf+ghTg6xvoHxWZMw82AB45VB5wuJVaPfswAZUOuMYtro8
W/PSXp2158kSIsJ0oYCtroeHvGFkmbyMuH7s6xUCKtPG+/cP5tCL3HYEKWE8/VEK
hkFzk0B1eIj/F+eOIQuMoaVqMldxyqsbb3Z64/mO8bEouGGEbkQ/zn0q6Q5RnxSy
w7EH5wSE90b9aXUx6EMhKU7y6nSk21FZ7sMPcSMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTySum7o0y1grK5hGmfbPahyNI7szAfBgNVHSMEGDAWgBQzNYtFHuD+hbAE
oFZPgxD7IRyV+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L016V0xSUjdnX29Xd0JLQldUNE1RLXlFY2xmby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvOWYxOGY4LTk2YzQtNGIyMy05MzFmLWQ1ZjA0N2MyOTE5MC8x
LzhrcnB1Nk5NdFlLeXVZUnBuMnoyb2NqU083TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
OWYxOGY4LTk2YzQtNGIyMy05MzFmLWQ1ZjA0N2MyOTE5MC8xL016V0xSUjdnX29X
d0JLQldUNE1RLXlFY2xmby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2UeDANBAIAAjAHAwUDKg9eADAN
BgkqhkiG9w0BAQsFAAOCAQEAo8kjPVZg+gC6F9ofzNTloNA1sdvuaI7xet4rvBib
ltE8uoX4H7x+PXCm7btFYZS3/TEXIPhQV/5bYTARQ6tINT6Mo1rKANuG3aCvWEmA
lriZQPFGugXzF23cmePHpMB80chQSC/IbHS6I1B730xW3+Tbl9aQgM9ZM5AKeQBb
OWZzoV+qmA1e5vHDg70DxfATIqMaLFZquxYBy7CZOUSYmJt30FsDJMb41U7R1DaH
bqW8ZptIXTrbDLHYE2FZwUJ8+iXzs22SzWSN4b91qLj5gyaPi7grt4H63Ax1v9fd
bOj64HE/s5A79Db9rY1mnnh/0OPkKQI/lzpu763cjfz29g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:24 2023 by rpki-client on console-fra.rpki-client.org