Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/cJJlgraePX4x63HygyUeWpzkr5g.roa
File: cJJlgraePX4x63HygyUeWpzkr5g.roa (raw, json)
Hash identifier: 5MUQL2rbkPMMO9ehRaP6fwIDpjNUGBsS9uCM7BrbbZ4=
Subject key identifier: 70:92:65:82:B6:9E:3D:7E:31:EB:71:F2:83:25:1E:5A:9C:E4:AF:98
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 018382AE0D8C70BB384CEF4C5F9815B5F948
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/cJJlgraePX4x63HygyUeWpzkr5g.roa
Signing time: Wed 28 Sep 2022 05:59:48 +0000
ROA not before: Wed 28 Sep 2022 05:59:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33915
IP address blocks: 145.46.255.0/24 maxlen: 24
145.46.191.0/24 maxlen: 24
145.46.192.0/18 maxlen: 18
145.46.128.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:82:ae:0d:8c:70:bb:38:4c:ef:4c:5f:98:15:b5:f9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Sep 28 05:59:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70926582b69e3d7e31eb71f283251e5a9ce4af98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:65:04:0d:e8:3a:8e:47:63:b0:cf:9e:ad:06:
8c:20:0a:26:f3:26:7c:50:a4:50:46:73:50:7f:3c:
77:02:99:3a:00:c8:b2:91:66:25:40:f8:b0:d2:83:
59:8e:f4:19:28:69:9e:62:d2:ae:0b:38:f9:50:d3:
73:ab:fc:4f:28:7a:5b:7b:77:56:8f:c2:6e:5b:df:
cf:5a:4c:99:85:cb:e7:e3:e7:ca:ea:5e:f0:bc:c0:
7d:de:2e:4f:b9:29:01:93:6d:a3:4e:13:2f:c8:d8:
78:b8:04:c9:8c:44:5f:0f:fa:2c:61:bf:fd:34:8e:
e4:3f:35:97:6d:92:43:8d:46:a1:3e:3c:dc:00:3c:
d2:85:a9:cc:f6:d2:3e:42:6e:56:a3:fb:31:8b:03:
75:0a:dd:a4:d7:ef:bf:70:d9:07:80:4f:db:6c:97:
eb:d5:82:a0:86:a3:2e:e1:ee:d2:69:30:02:25:4f:
9b:87:48:18:2b:b8:c7:4f:30:2c:b4:66:fa:0c:cf:
01:9e:76:a1:00:68:df:33:b1:ba:d7:68:4b:15:70:
c6:c5:f8:e6:b9:89:6c:24:a7:95:24:60:38:24:58:
b6:a1:13:74:fc:40:3a:36:3d:04:d2:14:a7:c5:77:
0e:bd:97:73:44:50:20:cc:14:e9:e2:69:f6:e0:7d:
2c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:92:65:82:B6:9E:3D:7E:31:EB:71:F2:83:25:1E:5A:9C:E4:AF:98
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/cJJlgraePX4x63HygyUeWpzkr5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.128.0/17
Signature Algorithm: sha256WithRSAEncryption
97:57:cd:a2:08:d4:22:12:03:13:c5:60:ec:e2:a7:08:ac:aa:
04:53:ff:77:b5:7a:4b:7b:54:12:f4:c1:c5:45:d3:c8:72:4b:
ba:b8:8a:8b:1e:ee:2d:ef:32:7c:25:9c:56:23:0a:27:8c:72:
0f:05:8c:61:9f:36:6a:43:8e:da:4a:70:c2:ff:d6:9a:0e:0d:
fb:ca:79:a8:c3:cc:c8:31:af:d6:13:a2:20:59:f9:0e:e9:10:
38:a0:15:f9:74:01:b5:3e:cc:f3:04:7c:b3:c3:a2:f2:3d:28:
21:ab:7d:1f:bd:5c:12:cf:39:c6:bb:e2:2d:51:95:70:7f:f8:
8d:2f:d3:b6:5e:e2:07:17:61:a1:26:ee:c8:89:84:04:11:ae:
d1:73:62:32:fd:22:77:54:1e:65:99:c1:fa:1e:e3:71:91:cd:
62:6c:55:50:bb:d1:36:67:9e:09:2e:95:f6:be:96:58:ea:8c:
a9:f9:93:2d:c7:b8:fd:93:9e:83:3b:4c:5c:1c:c4:18:6f:cd:
8b:53:5f:08:9b:28:ac:da:29:ea:e3:38:34:bb:05:f0:c5:06:
5b:d8:eb:4a:9a:b5:5a:5f:a6:86:cf:37:cc:fc:6e:5f:e4:8d:
a0:5d:9f:ae:06:c5:1f:f6:06:1f:19:1a:ef:b9:31:e7:6d:11:
d7:01:90:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOCrg2McLs4TO9MX5gVtflIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjIwOTI4MDU1OTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkyNjU4MmI2OWUzZDdlMzFlYjcxZjI4MzI1MWU1YTljZTRhZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmUEDeg6jkdjsM+erQaMIAom8yZ8
UKRQRnNQfzx3Apk6AMiykWYlQPiw0oNZjvQZKGmeYtKuCzj5UNNzq/xPKHpbe3dW
j8JuW9/PWkyZhcvn4+fK6l7wvMB93i5PuSkBk22jThMvyNh4uATJjERfD/osYb/9
NI7kPzWXbZJDjUahPjzcADzShanM9tI+Qm5Wo/sxiwN1Ct2k1++/cNkHgE/bbJfr
1YKghqMu4e7SaTACJU+bh0gYK7jHTzAstGb6DM8BnnahAGjfM7G612hLFXDGxfjm
uYlsJKeVJGA4JFi2oRN0/EA6Nj0E0hSnxXcOvZdzRFAgzBTp4mn24H0sSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCSZYK2nj1+Metx8oMlHlqc5K+YMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvY0pKbGdyYWVQWDR4NjNIeWd5VWVXcHprcjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHkS6AMA0G
CSqGSIb3DQEBCwUAA4IBAQCXV82iCNQiEgMTxWDs4qcIrKoEU/93tXpLe1QS9MHF
RdPIcku6uIqLHu4t7zJ8JZxWIwonjHIPBYxhnzZqQ47aSnDC/9aaDg37ynmow8zI
Ma/WE6IgWfkO6RA4oBX5dAG1PszzBHyzw6LyPSghq30fvVwSzznGu+ItUZVwf/iN
L9O2XuIHF2GhJu7IiYQEEa7Rc2Iy/SJ3VB5lmcH6HuNxkc1ibFVQu9E2Z54JLpX2
vpZY6oyp+ZMtx7j9k56DO0xcHMQYb82LU18Imyis2inq4zg0uwXwxQZb2OtKmrVa
X6aGzzfM/G5f5I2gXZ+uBsUf9gYfGRrvuTHnbRHXAZB8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:25 2023 by rpki-client on console-ams.rpki-client.org