Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/45cQ0P0zPqZYcmaW79G8KFwgE0M.roa
File: 45cQ0P0zPqZYcmaW79G8KFwgE0M.roa (raw, json)
Hash identifier: ktMyVdRRC1igO1mJkbYHWoof/NcYGN0zXaRGR76l+eo=
Subject key identifier: E3:97:10:D0:FD:33:3E:A6:58:72:66:96:EF:D1:BC:28:5C:20:13:43
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 01847B106BF004429FF7E5D8C6C47C3991D9
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/45cQ0P0zPqZYcmaW79G8KFwgE0M.roa
Signing time: Tue 15 Nov 2022 11:33:04 +0000
ROA not before: Tue 15 Nov 2022 11:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39368
IP address blocks: 185.211.58.0/24 maxlen: 24
185.211.57.0/24 maxlen: 24
185.211.56.0/24 maxlen: 24
185.211.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:10:6b:f0:04:42:9f:f7:e5:d8:c6:c4:7c:39:91:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Nov 15 11:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e39710d0fd333ea658726696efd1bc285c201343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:80:94:95:8b:46:cb:30:b1:01:7c:cd:db:
27:b2:41:09:0a:d6:45:77:a2:22:fe:30:ce:b5:ac:
35:e5:98:d0:0a:e3:88:81:c9:fd:20:fe:6a:97:cb:
f5:d7:05:07:c9:76:54:99:1b:55:db:82:65:8c:f0:
aa:f4:eb:ed:11:46:16:00:2e:b5:52:26:42:3c:f7:
dc:f2:ae:97:de:13:7f:93:07:e4:cb:35:db:b1:a4:
c4:dd:d4:a3:a8:5f:16:54:65:8b:14:c6:8e:95:f3:
44:52:80:8c:d8:83:b2:e5:3a:c3:ed:96:4c:4c:19:
1c:62:9f:e6:53:03:a6:db:b9:45:6b:b9:c6:51:1f:
fd:18:ea:9f:6a:01:32:e1:a4:be:93:00:7e:c2:d8:
1a:53:3c:d0:e6:0b:99:3d:2e:40:e1:76:3f:3d:93:
c8:b5:32:4e:d6:e9:eb:db:20:af:2a:c9:8a:99:07:
a5:b8:55:2d:e4:ed:95:2d:a3:13:5b:d6:84:e6:1b:
d0:03:ee:41:13:2c:16:53:de:0b:41:d8:21:b4:be:
2c:40:3d:86:f0:43:01:7d:c6:72:2b:88:6a:36:9c:
d3:72:de:93:81:64:a6:39:6f:73:83:16:bd:6b:56:
de:8d:2a:fc:40:d9:62:f4:36:ed:3e:e4:22:39:02:
81:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:97:10:D0:FD:33:3E:A6:58:72:66:96:EF:D1:BC:28:5C:20:13:43
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/45cQ0P0zPqZYcmaW79G8KFwgE0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:2a:3b:d4:1a:81:b2:ea:e1:72:2f:4e:f9:be:1a:fc:7e:63:
23:3c:42:32:95:b3:ad:3e:7f:78:06:9e:a1:bc:d6:23:33:ec:
97:b7:66:74:c4:2e:25:7b:f8:d7:55:1d:68:d0:a7:e2:08:70:
03:c0:aa:c3:5e:2e:8e:70:20:b6:62:1a:43:68:56:3f:01:d8:
0e:51:2d:82:0a:6f:73:d9:78:ba:5b:9f:3d:cf:2b:00:4a:57:
9f:f2:2c:22:4e:39:19:38:cc:00:f5:22:ad:94:6b:53:32:ab:
01:65:16:f9:c0:7c:3b:33:9a:35:65:e1:34:56:3e:06:6a:15:
fe:d4:3f:5a:fa:b1:a9:ac:75:a4:b0:c9:51:21:c5:21:b0:c9:
6b:92:9d:a0:41:e3:3e:56:9b:2b:a2:a7:83:d1:e8:c2:d9:d5:
7f:c4:16:f7:19:50:1c:96:a7:3b:c7:53:ce:ab:9c:3c:da:0c:
95:73:4c:23:b8:2e:af:c4:f2:64:73:ee:21:94:2d:3f:36:cd:
82:9e:a9:b1:f9:46:2e:0d:5c:9d:76:1b:1e:72:f6:5f:bf:a2:
23:cc:51:35:79:64:0e:25:cb:c9:32:d8:94:8b:5a:bc:8e:b4:
f9:62:d0:82:ed:59:e7:27:3e:cf:c5:03:52:78:f9:15:56:47:
40:bf:b3:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR7EGvwBEKf9+XYxsR8OZHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjIxMTE1MTEzMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk3MTBkMGZkMzMzZWE2NTg3MjY2OTZlZmQxYmMyODVjMjAxMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v2AlJWLRsswsQF8zdsnskEJCtZF
d6Ii/jDOtaw15ZjQCuOIgcn9IP5ql8v11wUHyXZUmRtV24JljPCq9OvtEUYWAC61
UiZCPPfc8q6X3hN/kwfkyzXbsaTE3dSjqF8WVGWLFMaOlfNEUoCM2IOy5TrD7ZZM
TBkcYp/mUwOm27lFa7nGUR/9GOqfagEy4aS+kwB+wtgaUzzQ5guZPS5A4XY/PZPI
tTJO1unr2yCvKsmKmQeluFUt5O2VLaMTW9aE5hvQA+5BEywWU94LQdghtL4sQD2G
8EMBfcZyK4hqNpzTct6TgWSmOW9zgxa9a1bejSr8QNli9DbtPuQiOQKBhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOXEND9Mz6mWHJmlu/RvChcIBNDMB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvNDVjUTBQMHpQcVpZY21hVzc5RzhLRndnRTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudM4MA0G
CSqGSIb3DQEBCwUAA4IBAQB+KjvUGoGy6uFyL075vhr8fmMjPEIylbOtPn94Bp6h
vNYjM+yXt2Z0xC4le/jXVR1o0KfiCHADwKrDXi6OcCC2YhpDaFY/AdgOUS2CCm9z
2Xi6W589zysASlef8iwiTjkZOMwA9SKtlGtTMqsBZRb5wHw7M5o1ZeE0Vj4GahX+
1D9a+rGprHWksMlRIcUhsMlrkp2gQeM+VpsroqeD0ejC2dV/xBb3GVAclqc7x1PO
q5w82gyVc0wjuC6vxPJkc+4hlC0/Ns2Cnqmx+UYuDVyddhsecvZfv6IjzFE1eWQO
JcvJMtiUi1q8jrT5YtCC7VnnJz7PxQNSePkVVkdAv7ND
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org