Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/Q6hbbW8Z_CmHEK_9buA-SKYnrrs.roa
File: Q6hbbW8Z_CmHEK_9buA-SKYnrrs.roa (raw, json)
Hash identifier: edl3oQ2ZYwj2DIybH+iVksmfRkc0eRcwypsWwhrS7+M=
Subject key identifier: 43:A8:5B:6D:6F:19:FC:29:87:10:AF:FD:6E:E0:3E:48:A6:27:AE:BB
Certificate issuer: /CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Certificate serial: 04255DFB
Authority key identifier: 9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/Q6hbbW8Z_CmHEK_9buA-SKYnrrs.roa
Signing time: Sat 01 Jan 2022 13:56:48 +0000
ROA not before: Sat 01 Jan 2022 13:56:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208288
IP address blocks: 45.147.112.0/24 maxlen: 24
45.147.112.0/23 maxlen: 23
45.147.112.0/22 maxlen: 22
45.147.113.0/24 maxlen: 24
45.147.115.0/24 maxlen: 24
45.147.114.0/23 maxlen: 23
45.147.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69557755 (0x4255dfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Validity
Not Before: Jan 1 13:56:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43a85b6d6f19fc298710affd6ee03e48a627aebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:ff:25:9d:c9:ab:a0:53:e5:c7:89:ce:8f:
d3:30:c7:ef:e8:67:d0:12:fa:5e:f8:5e:2c:e1:c3:
ae:5c:8b:98:9e:63:1d:f4:d9:9a:57:3b:49:6a:d1:
bf:da:b4:04:db:17:f9:07:e6:ae:3b:58:92:9b:3d:
b5:73:56:04:b8:41:c3:20:e1:fa:8c:09:45:b9:c9:
54:f7:4b:f0:8a:6f:32:48:97:3c:c7:63:15:9b:1f:
bc:05:d6:29:d2:bb:ab:08:8e:8f:f2:e9:c1:41:37:
aa:e2:3e:0c:ab:32:d1:5b:22:1e:10:27:a6:66:52:
29:c9:89:11:e7:4f:57:f9:89:6d:64:d3:e0:cd:21:
70:a9:31:be:37:77:74:74:0d:46:8b:e1:2a:c4:2c:
8a:fe:96:dd:e3:49:d3:3d:61:34:7a:d1:af:ae:a3:
78:da:e4:71:c9:2c:6c:bb:9f:eb:af:e2:bf:47:7c:
02:01:f1:ed:7c:31:f4:06:4c:2b:19:44:1f:d8:61:
bc:65:3c:c8:8f:5a:12:be:41:27:fd:c9:64:6c:6f:
44:bb:b3:32:02:55:68:c4:1e:c2:30:ba:d8:d5:7d:
bf:77:92:ce:c3:97:ed:52:37:ca:05:5f:0b:46:c8:
bd:56:4c:cf:c2:59:92:1d:26:79:57:46:af:4a:8d:
04:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A8:5B:6D:6F:19:FC:29:87:10:AF:FD:6E:E0:3E:48:A6:27:AE:BB
X509v3 Authority Key Identifier:
keyid:9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/Q6hbbW8Z_CmHEK_9buA-SKYnrrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.112.0/22
Signature Algorithm: sha256WithRSAEncryption
09:49:48:ef:50:a8:0a:1a:29:14:b5:08:7c:10:f6:c3:7a:4c:
d3:ac:de:9e:b3:b2:ac:2d:3f:e1:3f:4a:84:f2:85:ce:27:38:
9f:02:55:c6:7b:07:27:d0:29:44:73:e6:53:f3:89:09:58:aa:
a0:06:18:a7:77:ad:73:91:c3:e2:f2:50:80:eb:9e:ac:1e:28:
0a:fb:7b:76:fa:f3:5f:26:1f:d2:7c:90:43:5e:3f:8a:e3:43:
0b:8f:6c:0a:b8:2c:d1:cf:24:c5:ef:3d:7e:08:df:70:24:6d:
a2:98:8f:9b:8b:c2:8b:82:6d:96:cd:db:12:a2:52:e7:84:8d:
cc:02:4b:80:3b:34:c9:0a:9f:91:c5:33:a1:c1:e2:cd:48:6e:
cc:01:8c:03:d5:15:c6:e2:ef:8d:5c:76:91:0f:e8:ee:68:67:
f0:76:10:5d:6a:ce:7a:60:24:46:00:e0:cf:51:ff:f9:59:28:
fe:d2:f4:5a:be:6f:7f:3a:15:02:d5:b2:a4:bb:94:68:cf:9b:
12:3a:d9:fe:aa:92:5e:ac:a4:14:1a:43:6c:d3:41:3e:65:15:
ab:af:8f:27:40:5f:cf:32:35:bc:60:9d:57:3b:44:1c:ca:9b:
1d:a9:e3:a9:6e:e0:3b:48:be:45:d2:e3:b6:8f:79:a6:2a:16:
2d:7f:4c:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCVd+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTUwODUzYTI0YThjNzYyMjM0ZTg5MTNhNGE1YjI5ODVjMzMxZGFkMB4XDTIyMDEw
MTEzNTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNhODViNmQ2ZjE5
ZmMyOTg3MTBhZmZkNmVlMDNlNDhhNjI3YWViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/6/yWdyaugU+XHic6P0zDH7+hn0BL6XvheLOHDrlyLmJ5j
HfTZmlc7SWrRv9q0BNsX+QfmrjtYkps9tXNWBLhBwyDh+owJRbnJVPdL8IpvMkiX
PMdjFZsfvAXWKdK7qwiOj/LpwUE3quI+DKsy0VsiHhAnpmZSKcmJEedPV/mJbWTT
4M0hcKkxvjd3dHQNRovhKsQsiv6W3eNJ0z1hNHrRr66jeNrkccksbLuf66/iv0d8
AgHx7Xwx9AZMKxlEH9hhvGU8yI9aEr5BJ/3JZGxvRLuzMgJVaMQewjC62NV9v3eS
zsOX7VI3ygVfC0bIvVZMz8JZkh0meVdGr0qNBAsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDqFttbxn8KYcQr/1u4D5IpieuuzAfBgNVHSMEGDAWgBSaUIU6JKjHYiNO
iROkpbKYXDMdrTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21sQ0ZPaVNveDJJalRva1RwS1d5bUZ3ekhhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMGE0MjliLWE0NTQtNDI4Yi1iYjg4LTg4YjU4ZDAyYjJhMS8x
L1E2aGJiVzhaX0NtSEVLXzlidUEtU0tZbnJycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MGE0MjliLWE0NTQtNDI4Yi1iYjg4LTg4YjU4ZDAyYjJhMS8xL21sQ0ZPaVNveDJJ
alRva1RwS1d5bUZ3ekhhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2TcDANBgkqhkiG9w0BAQsFAAOC
AQEACUlI71CoChopFLUIfBD2w3pM06zenrOyrC0/4T9KhPKFzic4nwJVxnsHJ9Ap
RHPmU/OJCViqoAYYp3etc5HD4vJQgOuerB4oCvt7dvrzXyYf0nyQQ14/iuNDC49s
Crgs0c8kxe89fgjfcCRtopiPm4vCi4Jtls3bEqJS54SNzAJLgDs0yQqfkcUzocHi
zUhuzAGMA9UVxuLvjVx2kQ/o7mhn8HYQXWrOemAkRgDgz1H/+Vko/tL0Wr5vfzoV
AtWypLuUaM+bEjrZ/qqSXqykFBpDbNNBPmUVq6+PJ0BfzzI1vGCdVztEHMqbHanj
qW7gO0i+RdLjto95pioWLX9Mow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:14 2024 by rpki-client on console-fra.rpki-client.org