Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/l9sh49VlHL7voSHUMm_NfUOC49g.roa
File: l9sh49VlHL7voSHUMm_NfUOC49g.roa (raw, json)
Hash identifier: 2uyk18B9sruJG7erSrnaDL/DHkSLTI5TIiN4VSTPnjI=
Subject key identifier: 97:DB:21:E3:D5:65:1C:BE:EF:A1:21:D4:32:6F:CD:7D:43:82:E3:D8
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 08A19894
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/l9sh49VlHL7voSHUMm_NfUOC49g.roa
Signing time: Mon 25 Apr 2022 09:47:26 +0000
ROA not before: Mon 25 Apr 2022 09:47:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51044
IP address blocks: 45.148.172.0/22 maxlen: 32
2a0f:600::/32 maxlen: 64
2a0f:600::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144808084 (0x8a19894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Apr 25 09:47:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97db21e3d5651cbeefa121d4326fcd7d4382e3d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:08:70:74:28:92:30:38:41:b3:f4:f6:42:48:
b6:60:99:5d:71:b2:da:53:90:48:40:fc:16:d7:e4:
2e:49:8d:17:82:fa:a8:e7:fa:d4:2f:c7:02:ef:e7:
2f:b8:5f:dd:ca:f3:da:bc:ba:9b:8e:7a:b6:a1:3b:
a0:34:a0:a4:cf:ec:71:61:af:57:56:7e:3d:4d:1d:
b4:73:36:c5:92:65:c3:5b:7c:29:71:e0:7d:aa:81:
20:78:e7:d7:87:62:3b:15:ae:71:88:13:40:00:d2:
5f:58:b1:e7:4d:45:b6:cc:34:64:ad:df:95:d4:48:
7c:75:f8:6f:a7:dc:a4:6b:1b:6e:13:fa:ce:c9:34:
e1:b4:61:90:47:e4:5f:ab:26:29:c9:73:9b:96:32:
19:e0:f3:19:f3:99:33:0a:08:4b:cc:9a:fc:47:bd:
c1:9d:eb:d3:43:e2:b9:19:c9:de:db:ec:5d:4e:37:
2a:da:3e:dd:e4:42:a1:d8:4b:a6:4b:6a:aa:8b:70:
32:b0:11:fe:c6:bb:03:9b:56:27:bd:7d:28:65:01:
9e:a3:10:79:7a:f9:1c:b1:57:4a:62:1b:ee:61:c4:
40:0b:13:70:fb:aa:57:fc:6d:d9:e1:c0:7f:0e:75:
18:ed:99:66:a2:66:67:28:d4:d7:23:1d:2a:e9:28:
c2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DB:21:E3:D5:65:1C:BE:EF:A1:21:D4:32:6F:CD:7D:43:82:E3:D8
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/l9sh49VlHL7voSHUMm_NfUOC49g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.172.0/22
IPv6:
2a0f:600::/29
Signature Algorithm: sha256WithRSAEncryption
ab:cc:f2:44:18:c8:77:d4:06:1d:78:6b:9a:52:91:02:6d:55:
63:6a:ee:a2:b6:7a:e6:67:e5:f6:3d:73:0e:de:a4:6f:19:f7:
9a:e1:89:ed:f1:70:9c:4c:8f:89:70:58:75:a2:6d:55:3c:53:
01:5d:43:e8:02:2d:d7:51:a5:fc:c6:5d:40:f0:90:da:2b:0a:
fe:36:9b:3a:84:5f:3f:1a:df:ca:d3:1a:5a:0c:e9:c9:a0:7c:
e2:87:38:10:37:d3:ee:f2:d6:1e:92:96:5e:f0:1f:0d:15:e0:
fc:ab:a3:c3:f8:ec:1f:00:8f:80:4d:be:ef:a7:7f:a9:ac:e2:
d5:f3:44:53:02:c2:66:55:28:03:00:9c:86:6f:13:24:ee:9a:
ce:73:37:3e:0b:39:79:65:1d:e1:12:1b:8f:bc:f2:81:c8:29:
b8:43:c1:98:c3:e7:d7:4b:cb:ce:a0:b1:61:27:e8:b7:a8:2a:
d4:0f:f5:cd:49:a7:27:04:95:38:1d:a1:64:e7:94:22:70:60:
59:fe:d5:91:ef:4a:89:3f:d6:fb:83:13:a2:bd:bf:03:5b:70:
5c:a8:81:55:ae:75:29:46:b7:f2:4b:8b:25:7a:66:de:f2:45:
af:07:da:e3:c3:e9:54:10:f5:36:c1:7b:a3:83:51:65:c3:f6:
ba:7b:e5:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECKGYlDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzIxYjkyNWI0YzRiY2MzMGY3N2M5YzQxYmE4ZDA0MGFjOTVkZmM2MB4XDTIyMDQy
NTA5NDcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdkYjIxZTNkNTY1
MWNiZWVmYTEyMWQ0MzI2ZmNkN2Q0MzgyZTNkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8IcHQokjA4QbP09kJItmCZXXGy2lOQSED8FtfkLkmNF4L6
qOf61C/HAu/nL7hf3crz2ry6m456tqE7oDSgpM/scWGvV1Z+PU0dtHM2xZJlw1t8
KXHgfaqBIHjn14diOxWucYgTQADSX1ix501Ftsw0ZK3fldRIfHX4b6fcpGsbbhP6
zsk04bRhkEfkX6smKclzm5YyGeDzGfOZMwoIS8ya/Ee9wZ3r00PiuRnJ3tvsXU43
Kto+3eRCodhLpktqqotwMrAR/sa7A5tWJ719KGUBnqMQeXr5HLFXSmIb7mHEQAsT
cPuqV/xt2eHAfw51GO2ZZqJmZyjU1yMdKukowl0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSX2yHj1WUcvu+hIdQyb819Q4Lj2DAfBgNVHSMEGDAWgBQMIbkltMS8ww93
ycQbqNBArJXfxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDRzVKYlRFdk1NUGQ4bkVHNmpRUUt5VjM4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvYzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8x
L2w5c2g0OVZsSEw3dm9TSFVNbV9OZlVPQzQ5Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
YzBiZDY3LWY3ZGQtNGNlMi1hYjdlLWEzNDc1NjQxNThmOC8xL0RDRzVKYlRFdk1N
UGQ4bkVHNmpRUUt5VjM4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2UrDANBAIAAjAHAwUDKg8GADAN
BgkqhkiG9w0BAQsFAAOCAQEAq8zyRBjId9QGHXhrmlKRAm1VY2ruorZ65mfl9j1z
Dt6kbxn3muGJ7fFwnEyPiXBYdaJtVTxTAV1D6AIt11Gl/MZdQPCQ2isK/jabOoRf
PxrfytMaWgzpyaB84oc4EDfT7vLWHpKWXvAfDRXg/Kujw/jsHwCPgE2+76d/qazi
1fNEUwLCZlUoAwCchm8TJO6aznM3Pgs5eWUd4RIbj7zygcgpuEPBmMPn10vLzqCx
YSfot6gq1A/1zUmnJwSVOB2hZOeUInBgWf7Vke9KiT/W+4MTor2/A1twXKiBVa51
KUa38kuLJXpm3vJFrwfa48PpVBD1NsF7o4NRZcP2unvl7A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:22 2023 by rpki-client on console-ams.rpki-client.org