Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/On56-fiL3mexiaKZAmaiSoh69EQ.roa
File: On56-fiL3mexiaKZAmaiSoh69EQ.roa (raw, json)
Hash identifier: x18mgJVUu/0nPKCuGUPzovICRMH0qyse85kRr0RuoLw=
Subject key identifier: 3A:7E:7A:F9:F8:8B:DE:67:B1:89:A2:99:02:66:A2:4A:88:7A:F4:44
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0932AC2B
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/On56-fiL3mexiaKZAmaiSoh69EQ.roa
Signing time: Sat 01 Jan 2022 06:00:24 +0000
ROA not before: Sat 01 Jan 2022 06:00:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23422
IP address blocks: 152.89.252.0/24 maxlen: 24
45.10.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154315819 (0x932ac2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 06:00:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a7e7af9f88bde67b189a2990266a24a887af444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8d:39:a2:e0:62:85:71:30:88:79:b2:4c:44:
72:8f:e8:42:50:ae:34:d6:d3:6f:16:28:85:73:36:
9a:e8:18:e5:04:b6:01:f8:15:40:c0:aa:a2:07:06:
96:92:a7:70:53:e4:86:61:63:05:65:36:20:7d:b0:
b4:ab:d2:cf:77:1d:c3:30:cd:fb:92:74:14:8a:94:
25:66:22:d6:73:d4:8a:2a:e3:ee:42:21:01:52:61:
73:10:f3:95:d5:83:6a:0c:ed:0d:ef:d8:d0:db:21:
42:ae:e1:c4:74:76:f5:88:e3:9c:9c:87:dc:af:b4:
09:5a:1a:26:3d:02:46:9b:a4:9a:c6:49:d9:ef:6d:
9b:79:44:8d:d2:8c:95:1c:a9:6d:9b:67:53:8a:90:
6b:51:08:3d:05:e0:82:6e:50:c7:ce:5e:49:32:48:
54:f4:30:58:1a:ce:d1:08:f0:39:c8:ba:a7:db:e8:
30:f9:e3:63:0e:25:2c:58:73:be:12:b4:7f:4f:4c:
f4:ab:43:51:1e:f8:a7:b7:7e:eb:09:54:5b:5f:4f:
1b:c1:82:c7:c4:13:9c:b7:1d:7f:49:13:ad:22:99:
a4:3b:5f:95:40:99:aa:c5:25:ae:39:3c:41:82:7f:
65:69:f7:27:39:6a:29:a6:fd:b4:88:7c:5a:48:6d:
df:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7E:7A:F9:F8:8B:DE:67:B1:89:A2:99:02:66:A2:4A:88:7A:F4:44
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/On56-fiL3mexiaKZAmaiSoh69EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.21.0/24
152.89.252.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e6:81:71:0e:e8:93:86:e9:09:cf:5c:6a:66:81:17:87:19:
36:93:d0:aa:69:2e:9a:91:01:90:43:90:b4:b8:9c:10:17:12:
42:d5:50:93:1e:e6:7b:69:ec:a0:7d:a5:bc:19:8a:18:a0:45:
8f:d8:8d:35:1f:c8:f1:02:e7:66:1c:50:dc:99:05:19:f2:b5:
38:96:58:1c:91:66:a5:d0:d4:18:be:2e:bd:5c:6b:54:41:b6:
0b:11:06:7d:e0:82:ab:86:a7:7c:c0:bd:84:5b:fa:10:dd:8f:
c0:b5:5c:08:e0:20:85:dc:5a:d2:c4:99:75:53:e3:16:42:31:
89:ed:8a:65:d1:7f:c7:50:27:d6:ee:a5:98:90:40:1e:25:c6:
97:62:b9:26:8c:8a:07:eb:92:15:5f:32:17:66:60:c6:80:2c:
f8:8c:43:3d:ad:dd:80:8e:10:4a:2e:29:ee:37:c6:95:11:3d:
e9:06:d3:71:86:d5:e7:c5:01:7a:1b:f3:07:b9:ff:fa:a3:75:
89:66:68:50:da:a5:9d:31:d1:47:8e:fc:89:82:35:2f:7c:53:
3e:d4:30:10:79:a7:ec:99:7f:9a:e4:ec:fd:07:fa:d5:ea:c5:
c9:d7:11:d6:d1:a6:50:dd:25:90:f4:20:2b:c1:e1:55:f4:90:
d8:a8:df:7f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECTKsKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjA0MTViZmM0M2IzOGU5Y2ZkMWExMjk5NTIwMmU4NzYzNzUyZmRlMB4XDTIyMDEw
MTA2MDAyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2E3ZTdhZjlmODhi
ZGU2N2IxODlhMjk5MDI2NmEyNGE4ODdhZjQ0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiNOaLgYoVxMIh5skxEco/oQlCuNNbTbxYohXM2mugY5QS2
AfgVQMCqogcGlpKncFPkhmFjBWU2IH2wtKvSz3cdwzDN+5J0FIqUJWYi1nPUiirj
7kIhAVJhcxDzldWDagztDe/Y0NshQq7hxHR29YjjnJyH3K+0CVoaJj0CRpukmsZJ
2e9tm3lEjdKMlRypbZtnU4qQa1EIPQXggm5Qx85eSTJIVPQwWBrO0QjwOci6p9vo
MPnjYw4lLFhzvhK0f09M9KtDUR74p7d+6wlUW19PG8GCx8QTnLcdf0kTrSKZpDtf
lUCZqsUlrjk8QYJ/ZWn3JzlqKab9tIh8Wkht32kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ6fnr5+IveZ7GJopkCZqJKiHr0RDAfBgNVHSMEGDAWgBQbBBW/xDs46c/R
oSmVIC6HY3Uv3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8x
L09uNTYtZmlMM21leGlhS1pBbWFpU29oNjlFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1NC8xL0d3UVZ2OFE3T09u
UDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC0KFQMEAJhZ/DANBgkqhkiG9w0B
AQsFAAOCAQEAF+aBcQ7ok4bpCc9camaBF4cZNpPQqmkumpEBkEOQtLicEBcSQtVQ
kx7me2nsoH2lvBmKGKBFj9iNNR/I8QLnZhxQ3JkFGfK1OJZYHJFmpdDUGL4uvVxr
VEG2CxEGfeCCq4anfMC9hFv6EN2PwLVcCOAghdxa0sSZdVPjFkIxie2KZdF/x1An
1u6lmJBAHiXGl2K5JoyKB+uSFV8yF2ZgxoAs+IxDPa3dgI4QSi4p7jfGlRE96QbT
cYbV58UBehvzB7n/+qN1iWZoUNqlnTHRR478iYI1L3xTPtQwEHmn7Jl/muTs/Qf6
1erFydcR1tGmUN0lkPQgK8HhVfSQ2Kjffw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:30 2023 by rpki-client on console-fra.rpki-client.org