Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/Q7ZqfG15e0paFKawgASJ5ONHPyY.roa
File: Q7ZqfG15e0paFKawgASJ5ONHPyY.roa (raw, json)
Hash identifier: raEcfSnCw1Z3CKDmexJfpqtVqEPLK62TMrrdEE5ggCw=
Subject key identifier: 43:B6:6A:7C:6D:79:7B:4A:5A:14:A6:B0:80:04:89:E4:E3:47:3F:26
Certificate issuer: /CN=8251e7fb6b960d406b2236d25e4e20e245359db2
Certificate serial: 084689F7
Authority key identifier: 82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/Q7ZqfG15e0paFKawgASJ5ONHPyY.roa
Signing time: Sat 01 Jan 2022 01:57:45 +0000
ROA not before: Sat 01 Jan 2022 01:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42040
IP address blocks: 45.13.152.0/24 maxlen: 24
45.13.153.0/24 maxlen: 24
45.13.155.0/24 maxlen: 24
45.13.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138840567 (0x84689f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8251e7fb6b960d406b2236d25e4e20e245359db2
Validity
Not Before: Jan 1 01:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43b66a7c6d797b4a5a14a6b0800489e4e3473f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:a1:1e:85:db:e5:52:38:4f:6a:37:ee:73:
9a:8f:a4:9b:d8:94:fb:40:ae:8b:b1:45:6b:cf:fc:
33:d2:cf:dc:a9:22:9a:d9:22:35:66:11:a4:a5:f4:
bb:75:49:83:49:42:40:2c:60:bd:b7:30:28:14:6c:
f2:fe:ad:5d:4d:33:d7:f4:03:e0:43:30:94:2c:e3:
36:1d:51:93:12:d5:a7:87:a2:84:24:fe:b9:8b:0c:
45:40:d9:fa:2d:d2:4e:2c:58:5d:be:7f:44:12:4e:
79:07:af:af:1a:31:28:6e:ca:04:65:74:34:6f:20:
2d:fc:5e:a0:64:a3:16:e9:9d:91:c7:5b:12:5a:51:
fc:34:9e:ee:f1:3f:2a:6e:60:bc:0b:5b:b5:45:ec:
cb:6e:b7:16:11:56:3b:01:4b:a9:e6:c4:57:e4:69:
e9:da:c6:d7:d4:23:a2:4d:30:f8:2b:f8:8a:27:93:
0f:2c:3c:a4:ac:a2:eb:a4:92:64:a3:04:5b:ea:a3:
cd:2f:56:8c:0f:5f:d9:f5:26:b1:f2:f4:58:6a:fb:
ab:57:94:f3:2d:e2:94:e0:37:b4:e8:f6:2b:51:de:
0b:c0:b2:35:3f:65:71:f5:6c:2c:68:32:35:84:6f:
bd:19:f4:73:ce:2e:00:9e:17:b5:98:b5:6f:e7:0b:
38:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B6:6A:7C:6D:79:7B:4A:5A:14:A6:B0:80:04:89:E4:E3:47:3F:26
X509v3 Authority Key Identifier:
keyid:82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/Q7ZqfG15e0paFKawgASJ5ONHPyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/glHn-2uWDUBrIjbSXk4g4kU1nbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:61:64:41:d5:4b:28:3e:01:d1:1c:1b:4d:c4:36:5e:69:27:
65:ac:f7:1a:bb:ef:5f:0c:75:a0:23:7d:09:46:66:b1:4c:fc:
eb:b4:97:c2:f9:7a:63:b4:dc:87:26:88:b1:6a:ce:14:9a:ae:
e2:01:cb:76:82:31:a0:f5:d8:40:83:5a:55:04:aa:bd:c1:c8:
10:af:64:d1:be:1c:2b:b2:b1:e3:9a:9f:66:bf:dd:10:44:fe:
8c:d0:1f:73:35:5a:71:b0:d3:a6:9b:a6:b9:8a:a6:f8:9b:37:
32:1e:7c:a9:5b:38:20:e8:6a:63:42:e8:1f:9c:f3:8d:34:34:
fe:64:9a:25:06:77:e4:80:95:c6:c6:4c:b6:a3:1e:c3:83:f6:
3e:59:ea:ae:fe:ed:85:0e:fc:68:8e:49:0b:1b:9b:85:46:d3:
16:6c:a4:2a:27:c7:02:d7:fe:42:cd:fd:e1:bb:2e:3a:3a:df:
1f:72:55:69:df:fd:67:12:79:72:4d:e9:47:99:00:d4:59:38:
c0:b6:1e:3f:c9:4d:f1:6b:67:75:3d:81:60:d2:72:be:5a:fc:
ef:69:79:4f:47:5c:23:e7:f7:dc:ea:24:61:ef:fe:38:99:24:
66:9f:5d:0d:1d:08:9b:e9:b1:52:37:fa:b2:4b:9c:2e:50:19:
4e:ee:80:51
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECEaJ9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjUxZTdmYjZiOTYwZDQwNmIyMjM2ZDI1ZTRlMjBlMjQ1MzU5ZGIyMB4XDTIyMDEw
MTAxNTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNiNjZhN2M2ZDc5
N2I0YTVhMTRhNmIwODAwNDg5ZTRlMzQ3M2YyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJ5oR6F2+VSOE9qN+5zmo+km9iU+0Cui7FFa8/8M9LP3Kki
mtkiNWYRpKX0u3VJg0lCQCxgvbcwKBRs8v6tXU0z1/QD4EMwlCzjNh1RkxLVp4ei
hCT+uYsMRUDZ+i3STixYXb5/RBJOeQevrxoxKG7KBGV0NG8gLfxeoGSjFumdkcdb
ElpR/DSe7vE/Km5gvAtbtUXsy263FhFWOwFLqebEV+Rp6drG19Qjok0w+Cv4iieT
Dyw8pKyi66SSZKMEW+qjzS9WjA9f2fUmsfL0WGr7q1eU8y3ilOA3tOj2K1HeC8Cy
NT9lcfVsLGgyNYRvvRn0c84uAJ4XtZi1b+cLODcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRDtmp8bXl7SloUprCABInk40c/JjAfBgNVHSMEGDAWgBSCUef7a5YNQGsi
NtJeTiDiRTWdsjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dsSG4tMnVXRFVCcklqYlNYazRnNGtVMW5iSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvZmYwZTYxLTFjOTItNDE4Yy05MjY3LWQzYTQ4NzI5NTQ5MS8x
L1E3WnFmRzE1ZTBwYUZLYXdnQVNKNU9OSFB5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
ZmYwZTYxLTFjOTItNDE4Yy05MjY3LWQzYTQ4NzI5NTQ5MS8xL2dsSG4tMnVXRFVC
cklqYlNYazRnNGtVMW5iSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0NmDANBgkqhkiG9w0BAQsFAAOC
AQEAPGFkQdVLKD4B0RwbTcQ2XmknZaz3GrvvXwx1oCN9CUZmsUz867SXwvl6Y7Tc
hyaIsWrOFJqu4gHLdoIxoPXYQINaVQSqvcHIEK9k0b4cK7Kx45qfZr/dEET+jNAf
czVacbDTppumuYqm+Js3Mh58qVs4IOhqY0LoH5zzjTQ0/mSaJQZ35ICVxsZMtqMe
w4P2Plnqrv7thQ78aI5JCxubhUbTFmykKifHAtf+Qs394bsuOjrfH3JVad/9ZxJ5
ck3pR5kA1Fk4wLYeP8lN8WtndT2BYNJyvlr872l5T0dcI+f33OokYe/+OJkkZp9d
DR0Im+mxUjf6skucLlAZTu6AUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:42 2024 by rpki-client on console-ams.rpki-client.org