Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/QOftegbN3ZMMnNYqdcM5uiKk_6U.roa
File: QOftegbN3ZMMnNYqdcM5uiKk_6U.roa (raw, json)
Hash identifier: 4wofLlq2czL/wFpRcgMHM8lBZQAEVHaKlvnv6qRz4wQ=
Subject key identifier: 40:E7:ED:7A:06:CD:DD:93:0C:9C:D6:2A:75:C3:39:BA:22:A4:FF:A5
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 0184F632E29ED7AC07E527EC4210A754FEDB
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/QOftegbN3ZMMnNYqdcM5uiKk_6U.roa
Signing time: Fri 09 Dec 2022 09:24:00 +0000
ROA not before: Fri 09 Dec 2022 09:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.156.96.0/24 maxlen: 24
45.156.98.0/24 maxlen: 24
45.156.97.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:32:e2:9e:d7:ac:07:e5:27:ec:42:10:a7:54:fe:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Dec 9 09:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40e7ed7a06cddd930c9cd62a75c339ba22a4ffa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:87:dd:e9:fd:66:f6:21:b4:58:a6:27:26:c8:
6e:c2:29:5d:60:e3:15:9a:c7:1a:d9:fd:20:30:8b:
cf:a7:04:20:30:f7:88:28:b4:6a:ca:10:98:c5:16:
2a:9a:9e:08:d2:3e:b0:56:ee:62:81:08:db:6b:5a:
11:35:9a:4e:ef:36:67:3f:e3:b0:07:44:ff:63:77:
1e:1e:9e:2d:07:c9:b0:50:29:42:91:69:c3:18:0b:
4e:6b:9a:dc:bc:5e:b4:be:97:e7:8e:93:66:20:14:
94:f0:9f:ae:c5:dd:32:87:24:27:03:2e:a9:f0:d4:
fc:e2:eb:8f:ad:4e:e1:5a:6d:73:f4:dd:d4:f3:15:
8f:04:47:f2:39:00:99:07:5b:e9:28:aa:25:32:22:
05:81:38:38:3a:bd:86:ee:7c:9b:ee:eb:47:f8:34:
15:21:c7:53:6a:3b:18:6b:fd:6c:43:8f:85:c1:20:
17:31:d6:76:82:62:69:11:17:cf:f4:ca:19:72:63:
9f:e1:9a:5b:e9:6d:6c:aa:dc:2d:b0:6d:f8:c9:bd:
1f:2a:cf:dc:b1:af:25:0b:3d:7a:b0:55:84:ba:5b:
12:2c:cb:57:8a:b6:b2:90:c4:40:c9:62:82:2c:8d:
10:1b:b2:ed:dd:d5:30:eb:01:97:16:e3:31:c2:46:
ae:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E7:ED:7A:06:CD:DD:93:0C:9C:D6:2A:75:C3:39:BA:22:A4:FF:A5
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/QOftegbN3ZMMnNYqdcM5uiKk_6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
42:f5:90:a2:0d:0e:9b:20:19:2a:17:cb:02:0f:64:36:61:02:
06:6a:b2:88:02:17:ab:ad:98:1c:70:8d:70:a8:8f:62:45:f8:
16:79:d2:7a:ee:5a:b7:4b:34:9b:06:94:6f:78:3e:d3:01:13:
fd:b4:7b:10:4d:41:f2:aa:4c:bd:17:b7:25:57:81:34:d5:32:
27:96:e6:8d:01:b5:35:ef:04:03:28:d7:04:cf:4f:d5:34:8c:
a4:4a:41:c3:12:7b:37:3e:35:93:25:28:97:a6:0a:df:20:4a:
0d:63:12:a7:97:87:57:11:b3:5d:23:f8:1f:ac:f6:5e:54:6f:
8c:74:af:da:97:c3:22:a9:e9:b4:21:58:77:6f:11:02:31:5b:
90:62:b0:1a:d7:cd:78:28:5c:db:89:28:5a:89:04:9a:1a:e5:
8c:5c:c8:f2:22:1f:44:f5:20:c0:64:9b:7e:07:6b:48:80:2d:
f4:55:1f:82:b0:aa:8b:a7:d2:fd:97:4a:c8:3c:6e:2f:12:c9:
ac:68:89:9f:f9:b0:dd:84:75:52:ce:7f:0c:99:c8:4e:b6:31:
3e:76:7a:b3:78:4d:26:35:64:bb:d6:06:e9:4f:d0:a1:00:e5:
ea:c8:18:c9:c6:26:6c:98:3b:ea:2c:98:70:13:fd:18:fa:13:
53:e9:f2:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYT2MuKe16wH5SfsQhCnVP7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTBkOTgyNTEwM2Q5ZGE0NzYxZWZhOTFhNjBlYTJjYTc1
OGQwMDMwHhcNMjIxMjA5MDkyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU3ZWQ3YTA2Y2RkZDkzMGM5Y2Q2MmE3NWMzMzliYTIyYTRmZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYfd6f1m9iG0WKYnJshuwildYOMV
msca2f0gMIvPpwQgMPeIKLRqyhCYxRYqmp4I0j6wVu5igQjba1oRNZpO7zZnP+Ow
B0T/Y3ceHp4tB8mwUClCkWnDGAtOa5rcvF60vpfnjpNmIBSU8J+uxd0yhyQnAy6p
8NT84uuPrU7hWm1z9N3U8xWPBEfyOQCZB1vpKKolMiIFgTg4Or2G7nyb7utH+DQV
IcdTajsYa/1sQ4+FwSAXMdZ2gmJpERfP9MoZcmOf4Zpb6W1sqtwtsG34yb0fKs/c
sa8lCz16sFWEulsSLMtXiraykMRAyWKCLI0QG7Lt3dUw6wGXFuMxwkauAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDn7XoGzd2TDJzWKnXDOboipP+lMB8GA1UdIwQY
MBaAFFGg2YJRA9naR2HvqRpg6iynWNADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUt
NmEzZGYwMWEzMjM2LzEvUU9mdGVnYk4zWk1Nbk5ZcWRjTTV1aUtrXzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUtNmEzZGYwMWEzMjM2
LzEvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0E
AgACMAcDBQMqDxyAMA0GCSqGSIb3DQEBCwUAA4IBAQBC9ZCiDQ6bIBkqF8sCD2Q2
YQIGarKIAherrZgccI1wqI9iRfgWedJ67lq3SzSbBpRveD7TARP9tHsQTUHyqky9
F7clV4E01TInluaNAbU17wQDKNcEz0/VNIykSkHDEns3PjWTJSiXpgrfIEoNYxKn
l4dXEbNdI/gfrPZeVG+MdK/al8Miqem0IVh3bxECMVuQYrAa1814KFzbiShaiQSa
GuWMXMjyIh9E9SDAZJt+B2tIgC30VR+CsKqLp9L9l0rIPG4vEsmsaImf+bDdhHVS
zn8MmchOtjE+dnqzeE0mNWS71gbpT9ChAOXqyBjJxiZsmDvqLJhwE/0Y+hNT6fK7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:28 2024 by rpki-client on console-fra.rpki-client.org