Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/iW14Vo0RKnnC0Au2r40duRwkHpk.roa
File: iW14Vo0RKnnC0Au2r40duRwkHpk.roa (raw, json)
Hash identifier: p4JOuqMWX5719i/QZ/wPGhtBZ9F+vIyOB5NpbUIL4tk=
Subject key identifier: 89:6D:78:56:8D:11:2A:79:C2:D0:0B:B6:AF:8D:1D:B9:1C:24:1E:99
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 0184F632E216975C3F2B9E285F6663DB4773
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/iW14Vo0RKnnC0Au2r40duRwkHpk.roa
Signing time: Fri 09 Dec 2022 09:24:00 +0000
ROA not before: Fri 09 Dec 2022 09:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 45.156.97.0/24 maxlen: 24
45.156.98.0/24 maxlen: 24
45.156.96.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:32:e2:16:97:5c:3f:2b:9e:28:5f:66:63:db:47:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Dec 9 09:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=896d78568d112a79c2d00bb6af8d1db91c241e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ca:5f:ae:84:df:5f:4f:b5:9f:00:bc:0e:69:
6f:a9:3e:8f:b2:b4:f1:3f:f2:51:69:4c:d9:1d:40:
b9:35:d5:76:6f:db:a6:50:60:de:ba:bc:fd:a7:5f:
20:cb:98:8a:af:f9:99:8d:46:7d:5f:ce:ab:5a:b1:
6f:f6:76:b3:03:66:6e:86:d9:bb:90:ff:a8:22:27:
1f:2f:65:e9:a0:ca:11:ef:59:bb:44:09:84:54:11:
f9:71:7f:31:4a:ca:73:f4:5b:47:d3:ba:d6:f8:5e:
19:48:95:93:13:e5:ae:3d:ee:f8:6d:5b:34:63:51:
aa:00:92:e5:e6:94:4f:eb:3b:52:b2:c0:a0:dc:31:
d9:e2:d6:b8:a0:06:91:9d:d2:b2:66:d9:9b:02:c1:
f1:c0:d6:81:59:92:36:96:61:2d:d9:0c:4b:61:01:
54:d9:3e:61:43:98:a9:1e:cb:04:fe:12:6d:c7:93:
c0:86:9f:c3:7d:18:7f:34:ff:92:f1:52:e2:bd:69:
dd:91:bd:6d:a1:93:8a:33:af:a5:d4:c5:b4:50:65:
be:de:97:68:46:9a:4d:f7:a9:73:e6:bd:d4:d3:e7:
ff:fc:31:33:b2:c9:2f:b4:0d:85:c7:b9:a6:bc:99:
5a:bf:9c:af:b5:b6:1c:ab:15:12:7e:47:0d:d7:c0:
2b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6D:78:56:8D:11:2A:79:C2:D0:0B:B6:AF:8D:1D:B9:1C:24:1E:99
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/iW14Vo0RKnnC0Au2r40duRwkHpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
65:dc:9b:98:95:4e:1f:98:a2:3e:1f:84:74:d6:7b:79:2a:4e:
97:47:3f:12:52:7a:75:be:3b:75:68:69:eb:38:48:b2:26:8b:
17:06:04:2c:57:55:2f:17:96:ec:2c:ba:cd:7f:0a:7a:68:18:
d3:2e:c2:7b:ef:b7:67:6f:f4:96:80:8d:d4:e7:e0:4a:ef:e5:
0d:1f:f1:79:ae:f2:7f:f7:44:55:a7:c6:ae:85:d3:36:b9:9b:
4d:a9:d7:12:1a:a1:c2:ca:a2:6b:b1:10:d4:ef:4e:ad:43:15:
e8:f8:d3:96:8b:99:1d:6e:86:98:03:9b:20:48:bc:e0:09:71:
96:8a:9a:cf:ed:f6:46:e1:67:90:59:f5:08:a0:7f:8f:63:75:
56:ae:25:27:67:13:8b:90:d3:5a:52:11:19:9d:48:94:9c:5f:
a5:58:f7:26:c4:06:b4:12:55:a8:3b:d5:ae:b7:e9:72:6e:5c:
ad:a4:61:dc:5f:be:d9:92:4d:6f:66:7e:e1:4f:27:bf:98:5f:
13:be:4d:e3:5d:17:b8:81:40:6c:4a:55:ee:8b:82:06:7c:2e:
1c:78:1e:bc:9c:27:34:00:b3:65:b2:f2:2c:a5:2a:bf:52:34:
35:cd:8b:3d:a9:72:5c:b2:d1:6b:f2:c3:68:3b:6e:e4:01:27:
b0:ac:6d:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYT2MuIWl1w/K54oX2Zj20dzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTBkOTgyNTEwM2Q5ZGE0NzYxZWZhOTFhNjBlYTJjYTc1
OGQwMDMwHhcNMjIxMjA5MDkyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTZkNzg1NjhkMTEyYTc5YzJkMDBiYjZhZjhkMWRiOTFjMjQxZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMpfroTfX0+1nwC8DmlvqT6PsrTx
P/JRaUzZHUC5NdV2b9umUGDeurz9p18gy5iKr/mZjUZ9X86rWrFv9nazA2Zuhtm7
kP+oIicfL2XpoMoR71m7RAmEVBH5cX8xSspz9FtH07rW+F4ZSJWTE+WuPe74bVs0
Y1GqAJLl5pRP6ztSssCg3DHZ4ta4oAaRndKyZtmbAsHxwNaBWZI2lmEt2QxLYQFU
2T5hQ5ipHssE/hJtx5PAhp/DfRh/NP+S8VLivWndkb1toZOKM6+l1MW0UGW+3pdo
RppN96lz5r3U0+f//DEzsskvtA2Fx7mmvJlav5yvtbYcqxUSfkcN18ArVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIlteFaNESp5wtALtq+NHbkcJB6ZMB8GA1UdIwQY
MBaAFFGg2YJRA9naR2HvqRpg6iynWNADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUt
NmEzZGYwMWEzMjM2LzEvaVcxNFZvMFJLbm5DMEF1MnI0MGR1UndrSHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUtNmEzZGYwMWEzMjM2
LzEvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0E
AgACMAcDBQMqDxyAMA0GCSqGSIb3DQEBCwUAA4IBAQBl3JuYlU4fmKI+H4R01nt5
Kk6XRz8SUnp1vjt1aGnrOEiyJosXBgQsV1UvF5bsLLrNfwp6aBjTLsJ777dnb/SW
gI3U5+BK7+UNH/F5rvJ/90RVp8auhdM2uZtNqdcSGqHCyqJrsRDU706tQxXo+NOW
i5kdboaYA5sgSLzgCXGWiprP7fZG4WeQWfUIoH+PY3VWriUnZxOLkNNaUhEZnUiU
nF+lWPcmxAa0ElWoO9Wut+lyblytpGHcX77Zkk1vZn7hTye/mF8Tvk3jXRe4gUBs
SlXui4IGfC4ceB68nCc0ALNlsvIspSq/UjQ1zYs9qXJcstFr8sNoO27kASewrG0Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:28 2024 by rpki-client on console-fra.rpki-client.org