Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/5JhGUZJ0Jllf9zCs-yTcjKC1lyQ.roa
File: 5JhGUZJ0Jllf9zCs-yTcjKC1lyQ.roa (raw, json)
Hash identifier: fS5nxM5ZVjXVXhlGgRPGfKRQ60IOognYOyHUgFaXcx8=
Subject key identifier: E4:98:46:51:92:74:26:59:5F:F7:30:AC:FB:24:DC:8C:A0:B5:97:24
Certificate issuer: /CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Certificate serial: 077DCD97
Authority key identifier: 9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/5JhGUZJ0Jllf9zCs-yTcjKC1lyQ.roa
Signing time: Sat 01 Jan 2022 04:01:36 +0000
ROA not before: Sat 01 Jan 2022 04:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 45.150.212.0/24 maxlen: 24
45.150.213.0/24 maxlen: 24
45.150.215.0/24 maxlen: 24
45.150.214.0/24 maxlen: 24
2a0f:100::/30 maxlen: 30
2a0f:104::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125685143 (0x77dcd97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eec34baf922028c3432f8f8f22bda6af86b77b2
Validity
Not Before: Jan 1 04:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4984651927426595ff730acfb24dc8ca0b59724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:15:ca:03:19:f1:f0:2f:15:3e:03:e4:d6:ec:
7f:f8:d2:e6:a8:61:1f:b7:fc:35:d1:39:f4:ce:7f:
90:f4:41:fe:66:53:3f:f1:2a:f1:44:58:79:66:db:
01:87:90:d4:02:02:70:90:44:2a:45:d1:e1:81:ce:
9e:83:4f:45:5c:e3:4c:65:2a:bd:7a:76:ff:19:fb:
b6:f7:80:44:78:c6:17:dc:b2:54:1b:95:ec:12:59:
74:c4:49:7d:87:00:78:c5:b9:8a:47:f4:4c:03:ea:
7d:4e:52:d0:5f:19:c4:18:a4:b1:4f:c3:98:b9:81:
cb:0a:79:da:14:ad:57:d5:4b:8f:53:d0:e4:bb:79:
48:3e:3f:e0:51:fc:b4:95:e5:9a:ca:ae:ce:75:3e:
e9:c1:36:a6:3e:17:82:d6:05:a7:1e:06:89:d9:09:
5f:c4:08:89:cc:1f:7b:bc:36:32:4a:c0:bf:38:4a:
91:f3:3a:db:e2:c3:ec:05:d8:74:29:3a:e5:24:fb:
98:11:67:33:7a:93:06:dd:1b:08:9e:f1:7f:05:78:
c2:f7:8a:bf:ce:26:df:c9:8e:42:3a:71:b1:7d:eb:
9b:b7:10:9d:3b:d5:56:7f:40:97:b7:f4:4f:06:81:
41:d8:41:0a:08:ec:2a:c9:25:99:08:9f:15:49:3c:
61:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:98:46:51:92:74:26:59:5F:F7:30:AC:FB:24:DC:8C:A0:B5:97:24
X509v3 Authority Key Identifier:
keyid:9E:EC:34:BA:F9:22:02:8C:34:32:F8:F8:F2:2B:DA:6A:F8:6B:77:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuw0uvkiAow0Mvj48ivaavhrd7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/5JhGUZJ0Jllf9zCs-yTcjKC1lyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/6ea8f7-cb4a-4e4e-ad79-ac87171f4e5c/1/nuw0uvkiAow0Mvj48ivaavhrd7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.212.0/22
IPv6:
2a0f:100::/29
Signature Algorithm: sha256WithRSAEncryption
12:5d:bc:61:ed:b1:a0:ae:55:da:41:1a:73:c2:3b:1d:67:76:
ba:37:82:90:fa:a7:2e:53:60:06:b6:71:79:13:75:10:9c:f3:
9f:3b:b6:3d:2f:bf:d1:30:2c:83:25:96:3d:16:02:1a:e1:de:
07:ea:06:49:2c:2f:2b:37:6a:9d:b9:0b:74:3b:81:b6:64:30:
68:eb:48:bd:36:0e:2a:61:d6:35:6e:b7:91:b0:bf:7b:a3:ed:
5b:d0:d1:82:f9:c6:a9:ec:4f:bb:03:2f:97:df:41:84:64:08:
4e:f0:44:61:aa:f0:b4:02:d4:6a:53:f1:d8:ff:19:0d:bb:73:
5d:b0:a0:7b:8e:15:af:5b:76:5b:ba:ea:b1:22:68:96:6f:82:
92:39:33:1d:08:38:be:f2:b7:50:12:01:e5:b0:a8:93:ad:a0:
49:c1:c6:8c:6d:2f:5e:85:b3:71:8c:6b:cb:34:06:4a:e7:a2:
57:72:ae:3b:61:29:bd:ce:4d:ea:0e:9b:04:f5:25:c5:9f:3c:
96:ba:4e:5c:09:6a:ec:12:02:29:ac:d1:93:26:93:0b:80:86:
2f:38:c6:af:f5:e1:7c:83:21:83:bc:e1:76:a6:75:8e:cf:b5:
c6:e6:5f:fd:16:04:ae:ab:7d:76:65:81:0f:21:70:12:11:51:
6b:f6:81:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB33NlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZWVjMzRiYWY5MjIwMjhjMzQzMmY4ZjhmMjJiZGE2YWY4NmI3N2IyMB4XDTIyMDEw
MTA0MDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ5ODQ2NTE5Mjc0
MjY1OTVmZjczMGFjZmIyNGRjOGNhMGI1OTcyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYVygMZ8fAvFT4D5Nbsf/jS5qhhH7f8NdE59M5/kPRB/mZT
P/Eq8URYeWbbAYeQ1AICcJBEKkXR4YHOnoNPRVzjTGUqvXp2/xn7tveARHjGF9yy
VBuV7BJZdMRJfYcAeMW5ikf0TAPqfU5S0F8ZxBiksU/DmLmBywp52hStV9VLj1PQ
5Lt5SD4/4FH8tJXlmsquznU+6cE2pj4XgtYFpx4GidkJX8QIicwfe7w2MkrAvzhK
kfM62+LD7AXYdCk65ST7mBFnM3qTBt0bCJ7xfwV4wveKv84m38mOQjpxsX3rm7cQ
nTvVVn9Al7f0TwaBQdhBCgjsKsklmQifFUk8YeECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTkmEZRknQmWV/3MKz7JNyMoLWXJDAfBgNVHSMEGDAWgBSe7DS6+SICjDQy
+PjyK9pq+Gt3sjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L251dzB1dmtpQW93ME12ajQ4aXZhYXZocmQ3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvNmVhOGY3LWNiNGEtNGU0ZS1hZDc5LWFjODcxNzFmNGU1Yy8x
LzVKaEdVWkowSmxsZjl6Q3MteVRjaktDMWx5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
NmVhOGY3LWNiNGEtNGU0ZS1hZDc5LWFjODcxNzFmNGU1Yy8xL251dzB1dmtpQW93
ME12ajQ4aXZhYXZocmQ3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2W1DANBAIAAjAHAwUDKg8BADAN
BgkqhkiG9w0BAQsFAAOCAQEAEl28Ye2xoK5V2kEac8I7HWd2ujeCkPqnLlNgBrZx
eRN1EJzznzu2PS+/0TAsgyWWPRYCGuHeB+oGSSwvKzdqnbkLdDuBtmQwaOtIvTYO
KmHWNW63kbC/e6PtW9DRgvnGqexPuwMvl99BhGQITvBEYarwtALUalPx2P8ZDbtz
XbCge44Vr1t2W7rqsSJolm+CkjkzHQg4vvK3UBIB5bCok62gScHGjG0vXoWzcYxr
yzQGSueiV3KuO2Epvc5N6g6bBPUlxZ88lrpOXAlq7BICKazRkyaTC4CGLzjGr/Xh
fIMhg7zhdqZ1js+1xuZf/RYErqt9dmWBDyFwEhFRa/aBjw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:33 2023 by rpki-client on console-fra.rpki-client.org