Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/U6neN4sR1-wpewsx9kFctlSEIz4.roa
File: U6neN4sR1-wpewsx9kFctlSEIz4.roa (raw, json)
Hash identifier: FUJFk8gXbPKWrdmMNfYQVQo/XAQ17RCNBeicYh6a3Zk=
Subject key identifier: 53:A9:DE:37:8B:11:D7:EC:29:7B:0B:31:F6:41:5C:B6:54:84:23:3E
Certificate issuer: /CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Certificate serial: 0184AFF09BA54FBB120D2C629EFD4D3B56B2
Authority key identifier: E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/U6neN4sR1-wpewsx9kFctlSEIz4.roa
Signing time: Fri 25 Nov 2022 17:58:11 +0000
ROA not before: Fri 25 Nov 2022 17:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208259
IP address blocks: 45.129.104.0/24 maxlen: 24
45.129.107.0/24 maxlen: 24
2a0e:47c7:1000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:f0:9b:a5:4f:bb:12:0d:2c:62:9e:fd:4d:3b:56:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Validity
Not Before: Nov 25 17:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53a9de378b11d7ec297b0b31f6415cb65484233e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4f:42:9f:62:9d:af:bd:8f:d6:a9:4a:6a:0a:
58:43:a2:11:3a:84:12:74:da:ae:6d:1c:c2:81:b7:
09:e8:af:69:89:dd:ff:a8:0a:3d:c6:42:ec:32:ea:
8e:08:be:f8:46:26:95:f0:97:9a:11:60:b8:05:fb:
a3:01:83:c8:0f:39:d6:d1:29:14:d8:89:2d:3c:3a:
4b:de:50:a1:5d:e7:a2:f7:57:60:3f:86:3b:98:82:
94:8b:0e:37:72:1d:a6:2c:c3:d8:c2:7f:31:cb:90:
24:9a:1a:4c:d5:6b:03:7d:03:be:33:64:31:11:2d:
f9:51:ea:d0:0b:a5:64:e8:83:50:10:8c:b7:6e:ac:
1d:b7:bc:26:7b:9e:30:6b:ac:45:97:c6:d8:95:87:
a1:55:3b:ed:97:cc:6a:7e:33:1b:57:8e:a4:3a:64:
7d:9e:4a:b2:9a:36:ac:20:55:85:8f:34:90:13:c1:
1e:25:48:65:41:60:fa:79:c9:0b:2c:0f:30:e9:9e:
d2:99:f1:31:46:b4:cd:91:a4:49:ec:fb:47:51:53:
d3:de:7a:f2:bb:03:6d:0e:48:81:a0:b3:06:e2:16:
c6:c1:4b:d7:90:28:77:5e:95:a9:8a:a8:ff:00:43:
7d:eb:2e:b9:e6:02:09:43:2c:f7:d7:99:2c:a5:0a:
ce:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A9:DE:37:8B:11:D7:EC:29:7B:0B:31:F6:41:5C:B6:54:84:23:3E
X509v3 Authority Key Identifier:
keyid:E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/U6neN4sR1-wpewsx9kFctlSEIz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.104.0/24
45.129.107.0/24
IPv6:
2a0e:47c7:1000::/48
Signature Algorithm: sha256WithRSAEncryption
36:ac:84:70:71:4e:ab:b6:0c:43:47:c5:54:d1:d8:3e:50:d9:
54:82:eb:18:09:d2:71:0a:1f:a4:38:bb:8d:9b:44:f7:db:15:
87:9f:27:77:fc:a5:d1:70:ec:b3:f1:f5:df:d4:da:24:6d:7c:
15:14:7c:2b:8f:2d:04:03:b4:c9:d2:ef:77:d5:4f:6e:59:48:
6e:3d:96:37:aa:b0:5d:4b:df:a0:e4:66:21:1a:22:5d:02:b2:
9e:44:49:bc:c4:d2:e1:8a:95:6f:62:bc:cf:5d:04:01:29:f4:
7e:73:ef:b0:8f:dc:e0:ae:5b:60:d2:46:0b:15:da:dd:a6:86:
2c:44:2b:68:ca:b4:f6:21:a7:27:14:ab:34:51:27:13:cb:a6:
bc:47:e6:c1:73:e0:63:86:31:17:40:e8:9c:35:4b:a6:06:e0:
9e:22:d7:63:b7:eb:30:a5:b8:18:9b:74:27:80:78:0d:b1:40:
5c:cd:48:06:66:43:52:b9:c1:2e:24:59:8f:a6:d7:f8:c7:6d:
7a:b6:f8:41:56:39:51:20:62:e8:20:0e:e2:13:b3:7b:a6:1e:
c6:ae:3b:4f:9e:6e:fd:39:f4:0d:2e:d3:5b:aa:59:1b:90:cf:
f6:04:20:ef:2e:55:b2:72:7f:8e:ee:0e:2e:0f:66:a7:3e:ad:
f1:83:5c:b4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYSv8JulT7sSDSxinv1NO1ayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OGMwNDc3MWUyYmZhYzhmNjBmMWI0YzljYmQwOTNhYWZl
YTk3NGUwHhcNMjIxMTI1MTc1ODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2E5ZGUzNzhiMTFkN2VjMjk3YjBiMzFmNjQxNWNiNjU0ODQyMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgU9Cn2Kdr72P1qlKagpYQ6IROoQS
dNqubRzCgbcJ6K9pid3/qAo9xkLsMuqOCL74RiaV8JeaEWC4BfujAYPIDznW0SkU
2IktPDpL3lChXeei91dgP4Y7mIKUiw43ch2mLMPYwn8xy5AkmhpM1WsDfQO+M2Qx
ES35UerQC6Vk6INQEIy3bqwdt7wme54wa6xFl8bYlYehVTvtl8xqfjMbV46kOmR9
nkqymjasIFWFjzSQE8EeJUhlQWD6eckLLA8w6Z7SmfExRrTNkaRJ7PtHUVPT3nry
uwNtDkiBoLMG4hbGwUvXkCh3XpWpiqj/AEN96y655gIJQyz315kspQrOlQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFOp3jeLEdfsKXsLMfZBXLZUhCM+MB8GA1UdIwQY
MBaAFOiMBHceK/rI9g8bTJy9CTqv6pdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUt
YmE2NDVmMTk5MTVhLzEvVTZuZU40c1IxLXdwZXdzeDlrRmN0bFNFSXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUtYmE2NDVmMTk5MTVh
LzEvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYFoAwQA
LYFrMA8EAgACMAkDBwAqDkfHEAAwDQYJKoZIhvcNAQELBQADggEBADashHBxTqu2
DENHxVTR2D5Q2VSC6xgJ0nEKH6Q4u42bRPfbFYefJ3f8pdFw7LPx9d/U2iRtfBUU
fCuPLQQDtMnS73fVT25ZSG49ljeqsF1L36DkZiEaIl0Csp5ESbzE0uGKlW9ivM9d
BAEp9H5z77CP3OCuW2DSRgsV2t2mhixEK2jKtPYhpycUqzRRJxPLprxH5sFz4GOG
MRdA6Jw1S6YG4J4i12O36zCluBibdCeAeA2xQFzNSAZmQ1K5wS4kWY+m1/jHbXq2
+EFWOVEgYuggDuITs3umHsauO0+ebv059A0u01uqWRuQz/YEIO8uVbJyf47uDi4P
Zqc+rfGDXLQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:00 2023 by rpki-client on console-fra.rpki-client.org