Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/xAmoXRQS29GwGytv55WMIdoxuNU.roa
File: xAmoXRQS29GwGytv55WMIdoxuNU.roa (raw, json)
Hash identifier: ktbfC7uxISD2uvQSZ4IV3jeW/vA9fH92watG7B53aqg=
Subject key identifier: C4:09:A8:5D:14:12:DB:D1:B0:1B:2B:6F:E7:95:8C:21:DA:31:B8:D5
Certificate issuer: /CN=884b5e16490b9a68d09fbcb45574350000149afa
Certificate serial: 06C2F8A7
Authority key identifier: 88:4B:5E:16:49:0B:9A:68:D0:9F:BC:B4:55:74:35:00:00:14:9A:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEteFkkLmmjQn7y0VXQ1AAAUmvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/xAmoXRQS29GwGytv55WMIdoxuNU.roa
Signing time: Sat 01 Jan 2022 14:05:56 +0000
ROA not before: Sat 01 Jan 2022 14:05:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201188
IP address blocks: 45.151.184.0/24 maxlen: 24
45.151.184.0/22 maxlen: 22
45.151.185.0/24 maxlen: 24
45.151.186.0/24 maxlen: 24
45.151.187.0/24 maxlen: 24
2a0f:3500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113440935 (0x6c2f8a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884b5e16490b9a68d09fbcb45574350000149afa
Validity
Not Before: Jan 1 14:05:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c409a85d1412dbd1b01b2b6fe7958c21da31b8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b1:24:21:10:85:14:9a:20:3e:b0:3a:75:36:
4e:66:05:6d:11:64:a3:2b:7c:08:dc:3d:f6:3f:28:
01:26:ad:e2:7a:2c:63:ee:ec:c0:b8:63:87:3e:22:
3a:3f:6e:7b:af:d4:b3:10:c1:bb:99:c4:01:1b:e2:
50:3c:2a:b3:f1:89:f1:f4:37:56:d6:9d:1b:8b:31:
48:04:81:b4:04:53:7e:66:42:e5:1d:a3:88:ed:3c:
1f:5d:1c:68:31:37:ab:98:c9:f0:68:65:55:6c:c4:
09:5a:8d:f6:54:65:a1:38:f1:f3:06:76:50:8b:b9:
26:01:06:d2:29:cb:4e:1a:c0:88:6a:7c:07:38:f5:
6d:89:94:8e:d3:c3:ff:30:6e:2e:2d:08:83:72:44:
24:9b:b4:ad:ad:52:af:76:9f:31:f6:d7:6d:d3:72:
b0:de:62:45:32:d9:ff:14:22:a3:53:f6:77:10:d6:
c7:ae:b3:0a:fe:c5:1b:9d:8a:d7:77:d9:51:ff:07:
ce:e0:c0:d2:48:77:62:54:0d:f5:62:a9:bb:90:a5:
60:09:06:1f:f9:12:54:98:c3:e3:db:bb:bf:30:29:
ce:e3:90:9d:4a:87:27:99:39:2a:84:40:88:67:af:
da:f3:3d:4b:e4:5e:9d:83:37:b2:56:0c:10:ad:07:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:09:A8:5D:14:12:DB:D1:B0:1B:2B:6F:E7:95:8C:21:DA:31:B8:D5
X509v3 Authority Key Identifier:
keyid:88:4B:5E:16:49:0B:9A:68:D0:9F:BC:B4:55:74:35:00:00:14:9A:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEteFkkLmmjQn7y0VXQ1AAAUmvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/xAmoXRQS29GwGytv55WMIdoxuNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/iEteFkkLmmjQn7y0VXQ1AAAUmvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.184.0/22
IPv6:
2a0f:3500::/29
Signature Algorithm: sha256WithRSAEncryption
02:04:6c:2d:1e:26:0f:c1:6e:27:d5:6c:9b:ce:26:ae:10:b5:
cc:e2:ff:e4:7a:4e:25:02:10:00:c2:f8:ce:17:fd:99:99:00:
1f:f6:cd:f6:1c:56:33:c2:b9:92:3b:1b:b9:4c:5b:ac:ad:b5:
3c:24:d0:3f:7a:9b:39:fe:f5:17:f3:95:df:15:0d:7a:cf:ec:
d2:9a:bf:ab:e7:56:65:62:15:7f:2a:cd:4b:72:61:d2:61:7b:
69:98:75:be:d5:2f:2b:72:d7:a9:2d:07:d4:ea:f8:57:27:0e:
16:9d:0a:07:ae:7b:48:21:bb:1c:da:9d:5c:41:76:17:4a:fe:
3c:dc:ec:2f:f7:e2:eb:20:57:08:f0:1e:e9:11:01:2c:1e:0d:
97:b7:46:4a:7f:04:5f:c7:a4:02:af:05:7d:c0:d9:12:96:b5:
cf:70:04:cd:82:f8:93:4c:d0:0c:4a:90:30:91:0b:3f:5a:25:
29:03:6f:c0:04:0b:cf:2b:01:ae:64:ea:ee:da:5f:28:3f:bb:
41:30:00:89:d4:82:61:99:20:24:cf:58:29:4d:1c:05:1d:d7:
10:36:a9:40:75:0b:63:a9:a7:ed:9a:ff:e7:cc:9f:91:46:5c:
58:4e:18:6e:2f:ba:6f:20:ec:44:ee:95:c1:03:c2:31:27:68:
78:ba:02:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBsL4pzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODRiNWUxNjQ5MGI5YTY4ZDA5ZmJjYjQ1NTc0MzUwMDAwMTQ5YWZhMB4XDTIyMDEw
MTE0MDU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQwOWE4NWQxNDEy
ZGJkMWIwMWIyYjZmZTc5NThjMjFkYTMxYjhkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOxJCEQhRSaID6wOnU2TmYFbRFkoyt8CNw99j8oASat4nos
Y+7swLhjhz4iOj9ue6/UsxDBu5nEARviUDwqs/GJ8fQ3VtadG4sxSASBtARTfmZC
5R2jiO08H10caDE3q5jJ8GhlVWzECVqN9lRloTjx8wZ2UIu5JgEG0inLThrAiGp8
Bzj1bYmUjtPD/zBuLi0Ig3JEJJu0ra1Sr3afMfbXbdNysN5iRTLZ/xQio1P2dxDW
x66zCv7FG52K13fZUf8HzuDA0kh3YlQN9WKpu5ClYAkGH/kSVJjD49u7vzApzuOQ
nUqHJ5k5KoRAiGev2vM9S+RenYM3slYMEK0HEh8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTECahdFBLb0bAbK2/nlYwh2jG41TAfBgNVHSMEGDAWgBSIS14WSQuaaNCf
vLRVdDUAABSa+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lFdGVGa2tMbW1qUW43eTBWWFExQUFBVW12by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvMDdiN2Y3LWM0MWQtNDkxNy1iOTc4LWVmMmQ1M2I1YTM0ZC8x
L3hBbW9YUlFTMjlHd0d5dHY1NVdNSWRveHVOVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
MDdiN2Y3LWM0MWQtNDkxNy1iOTc4LWVmMmQ1M2I1YTM0ZC8xL2lFdGVGa2tMbW1q
UW43eTBWWFExQUFBVW12by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2XuDANBAIAAjAHAwUDKg81ADAN
BgkqhkiG9w0BAQsFAAOCAQEAAgRsLR4mD8FuJ9Vsm84mrhC1zOL/5HpOJQIQAML4
zhf9mZkAH/bN9hxWM8K5kjsbuUxbrK21PCTQP3qbOf71F/OV3xUNes/s0pq/q+dW
ZWIVfyrNS3Jh0mF7aZh1vtUvK3LXqS0H1Or4VycOFp0KB657SCG7HNqdXEF2F0r+
PNzsL/fi6yBXCPAe6REBLB4Nl7dGSn8EX8ekAq8FfcDZEpa1z3AEzYL4k0zQDEqQ
MJELP1olKQNvwAQLzysBrmTq7tpfKD+7QTAAidSCYZkgJM9YKU0cBR3XEDapQHUL
Y6mn7Zr/58yfkUZcWE4Ybi+6byDsRO6VwQPCMSdoeLoCcw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:36 2023 by rpki-client on console-ams.rpki-client.org