Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/MUpfM8ykx5w8-vGCWXjVQcCAR60.roa
File: MUpfM8ykx5w8-vGCWXjVQcCAR60.roa (raw, json)
Hash identifier: /fNQVwwKkr8m3au/8H4ckcz0s2tM5CxazZ+yO2kjZsc=
Subject key identifier: 31:4A:5F:33:CC:A4:C7:9C:3C:FA:F1:82:59:78:D5:41:C0:80:47:AD
Certificate issuer: /CN=e13d3fb6a863ac0fa4d1feefe3aec39ed8d3895c
Certificate serial: 057CD1DE
Authority key identifier: E1:3D:3F:B6:A8:63:AC:0F:A4:D1:FE:EF:E3:AE:C3:9E:D8:D3:89:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4T0_tqhjrA-k0f7v467DntjTiVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/MUpfM8ykx5w8-vGCWXjVQcCAR60.roa
Signing time: Sat 01 Jan 2022 10:00:26 +0000
ROA not before: Sat 01 Jan 2022 10:00:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208170
IP address blocks: 45.156.103.0/24 maxlen: 24
45.156.100.0/24 maxlen: 24
45.156.101.0/24 maxlen: 24
45.156.100.0/22 maxlen: 22
45.156.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92066270 (0x57cd1de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e13d3fb6a863ac0fa4d1feefe3aec39ed8d3895c
Validity
Not Before: Jan 1 10:00:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=314a5f33cca4c79c3cfaf1825978d541c08047ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:04:5f:78:a8:a6:75:ae:b6:38:8e:d6:2e:
58:42:89:d8:f3:ab:98:9c:e6:3f:fc:65:6e:cc:bb:
ed:49:df:ce:1f:8f:1a:fe:77:4c:71:10:74:87:15:
12:25:25:1a:e1:87:18:ba:51:24:f7:52:62:be:94:
9c:26:2f:f7:ef:67:6d:1d:99:28:13:ac:91:eb:e7:
61:06:f0:56:6a:b2:09:05:e7:92:8c:d7:54:69:62:
74:c8:0a:db:a6:38:29:4a:d3:96:35:97:05:69:54:
c1:01:ee:ce:74:fb:6c:84:85:0b:df:64:02:bc:41:
8a:f9:a2:d8:02:c8:e0:bb:b0:2d:af:60:1a:ff:da:
a3:cc:ae:c4:06:90:80:d3:e3:7d:a9:7d:31:0b:35:
6d:42:ef:aa:eb:e8:6d:5f:2d:3b:d9:42:3b:4a:a3:
24:49:96:8a:d3:9c:62:4e:ca:fe:9c:35:61:7b:92:
0d:28:0a:92:c1:6e:38:2e:35:91:9d:71:1a:8d:dc:
d7:7f:44:35:16:dd:51:c0:79:67:44:5a:e0:38:e1:
2c:13:50:cd:35:fe:85:7b:18:66:f2:07:a4:e4:cc:
8d:45:6f:98:40:98:80:30:96:7b:01:c0:27:9f:3b:
7c:29:30:f1:49:71:70:f2:e0:8e:1c:12:e2:dd:e1:
28:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4A:5F:33:CC:A4:C7:9C:3C:FA:F1:82:59:78:D5:41:C0:80:47:AD
X509v3 Authority Key Identifier:
keyid:E1:3D:3F:B6:A8:63:AC:0F:A4:D1:FE:EF:E3:AE:C3:9E:D8:D3:89:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T0_tqhjrA-k0f7v467DntjTiVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/MUpfM8ykx5w8-vGCWXjVQcCAR60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a5f498-6c76-4230-93d1-a39e009627ef/1/4T0_tqhjrA-k0f7v467DntjTiVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.100.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:ec:3b:06:3b:36:fe:d0:6a:5c:bb:8a:e1:b6:2b:cf:13:e9:
95:74:6c:e9:c1:71:26:73:32:56:35:fe:3b:b0:c7:ee:d7:28:
dd:37:1e:b7:93:0e:4c:33:2d:23:61:a7:30:9a:6e:ae:cf:cd:
07:d2:40:95:ef:f1:0c:b0:f3:79:af:84:91:d6:10:83:40:98:
42:d1:2f:58:b3:87:13:e6:a2:ab:64:f5:e3:77:81:56:3e:ea:
2c:49:ca:f8:ca:fb:ef:a9:88:81:08:13:44:7b:fb:90:a1:30:
d1:4d:94:f2:f5:af:a7:08:4a:8c:99:49:fd:ec:8a:5f:87:b1:
f3:a2:83:e5:aa:ad:16:9a:48:f4:71:77:16:dc:73:e0:f4:68:
c6:49:5b:21:09:6f:6b:89:da:28:69:f4:16:99:5a:3b:10:48:
74:13:d0:ff:e2:ec:e7:c7:02:7a:95:51:1e:47:bf:44:e8:0d:
9d:e3:8c:38:ce:64:49:46:bf:b6:fa:16:0e:dc:e6:9c:ff:7c:
4c:e2:79:33:d4:df:61:96:fa:28:b9:ff:d6:3c:e3:d7:7d:22:
34:e4:9f:a1:20:28:84:97:5a:75:43:e3:84:98:6f:70:f1:17:
57:9d:88:ea:cc:69:d3:3f:35:af:a8:ae:b4:c6:4c:3d:04:33:
33:ea:42:87
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXzR3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTNkM2ZiNmE4NjNhYzBmYTRkMWZlZWZlM2FlYzM5ZWQ4ZDM4OTVjMB4XDTIyMDEw
MTEwMDAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzE0YTVmMzNjY2E0
Yzc5YzNjZmFmMTgyNTk3OGQ1NDFjMDgwNDdhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcPBF94qKZ1rrY4jtYuWEKJ2POrmJzmP/xlbsy77Unfzh+P
Gv53THEQdIcVEiUlGuGHGLpRJPdSYr6UnCYv9+9nbR2ZKBOskevnYQbwVmqyCQXn
kozXVGlidMgK26Y4KUrTljWXBWlUwQHuznT7bISFC99kArxBivmi2ALI4LuwLa9g
Gv/ao8yuxAaQgNPjfal9MQs1bULvquvobV8tO9lCO0qjJEmWitOcYk7K/pw1YXuS
DSgKksFuOC41kZ1xGo3c139ENRbdUcB5Z0Ra4DjhLBNQzTX+hXsYZvIHpOTMjUVv
mECYgDCWewHAJ587fCkw8UlxcPLgjhwS4t3hKBECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQxSl8zzKTHnDz68YJZeNVBwIBHrTAfBgNVHSMEGDAWgBThPT+2qGOsD6TR
/u/jrsOe2NOJXDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRUMF90cWhqckEtazBmN3Y0NjdEbnRqVGlWdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvYTVmNDk4LTZjNzYtNDIzMC05M2QxLWEzOWUwMDk2MjdlZi8x
L01VcGZNOHlreDV3OC12R0NXWGpWUWNDQVI2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
YTVmNDk4LTZjNzYtNDIzMC05M2QxLWEzOWUwMDk2MjdlZi8xLzRUMF90cWhqckEt
azBmN3Y0NjdEbnRqVGlWdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2cZDANBgkqhkiG9w0BAQsFAAOC
AQEAs+w7Bjs2/tBqXLuK4bYrzxPplXRs6cFxJnMyVjX+O7DH7tco3Tcet5MOTDMt
I2GnMJpurs/NB9JAle/xDLDzea+EkdYQg0CYQtEvWLOHE+aiq2T143eBVj7qLEnK
+Mr776mIgQgTRHv7kKEw0U2U8vWvpwhKjJlJ/eyKX4ex86KD5aqtFppI9HF3Ftxz
4PRoxklbIQlva4naKGn0FplaOxBIdBPQ/+Ls58cCepVRHke/ROgNneOMOM5kSUa/
tvoWDtzmnP98TOJ5M9TfYZb6KLn/1jzj130iNOSfoSAohJdadUPjhJhvcPEXV52I
6sxp0z81r6iutMZMPQQzM+pChw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:13 2023 by rpki-client on console.sobornost.net