Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1_kfBlrj0LzMTfdFb_KLkZgnFUk.roa
File: 1_kfBlrj0LzMTfdFb_KLkZgnFUk.roa (raw, json)
Hash identifier: ibXJfaxTb/xqkKETUnL91mV3xtSjH1zXf1I1p62h1wY=
Subject key identifier: D7:F9:1F:06:5A:E3:D0:BC:CC:4D:F7:45:6F:F2:8B:91:98:27:15:49
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 19D3DDE1
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1_kfBlrj0LzMTfdFb_KLkZgnFUk.roa
Signing time: Sat 01 Jan 2022 15:56:41 +0000
ROA not before: Sat 01 Jan 2022 15:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25151
IP address blocks: 45.134.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433315297 (0x19d3dde1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 15:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7f91f065ae3d0bccc4df7456ff28b9198271549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:44:29:35:d4:1b:96:16:29:b1:40:b0:1e:
00:38:fc:ee:41:f9:a2:3b:18:41:bf:c6:d9:48:f7:
fd:43:11:f2:94:a7:33:cc:4d:e3:af:76:9d:07:10:
01:d5:e1:b9:fc:61:11:16:9c:66:01:b0:ac:a2:78:
e7:a4:90:28:79:ad:a3:e7:15:61:31:80:f9:d0:59:
25:01:30:77:71:c8:d2:41:ab:cd:19:45:3c:24:f7:
2b:fa:cc:0f:2a:75:72:51:46:0d:37:7a:af:43:2d:
d0:8f:f3:c5:e6:06:e7:ac:48:5c:06:93:08:2c:b3:
36:bc:bc:d1:ec:c9:93:42:0c:31:a3:d3:67:f8:ed:
80:34:60:a8:99:ba:9a:91:57:84:5d:08:73:4d:ab:
bd:86:fb:36:33:78:6c:de:06:70:69:91:4e:1b:b8:
48:f8:88:7d:65:a8:51:6d:88:38:10:d7:f7:45:d5:
81:00:75:e5:1e:5d:79:20:0c:cd:31:cd:c9:c0:e7:
bb:27:58:25:92:6d:30:85:cf:ba:c5:f9:3c:fc:ad:
8a:d3:ba:f8:1f:7c:93:55:f8:d5:84:58:83:3a:29:
a4:82:e2:71:81:b8:21:ce:ad:d5:08:f1:04:ca:56:
95:6a:dc:ec:e1:fa:13:53:fc:6e:6d:7b:12:e2:2f:
80:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F9:1F:06:5A:E3:D0:BC:CC:4D:F7:45:6F:F2:8B:91:98:27:15:49
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1_kfBlrj0LzMTfdFb_KLkZgnFUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.223.0/24
Signature Algorithm: sha256WithRSAEncryption
13:3a:7d:48:39:bb:0a:e7:e0:d4:e9:ad:2f:7b:5f:eb:00:15:
06:ec:90:d3:63:87:04:0d:fc:39:81:f1:cd:cd:cc:e8:56:7b:
01:5d:83:a9:a9:54:7e:f8:cc:89:82:a5:67:d1:f5:78:eb:42:
9d:da:cd:a4:d2:78:17:d3:2f:e8:35:50:e3:5d:af:63:f6:ef:
6d:6b:ca:ba:dd:50:66:1a:07:f1:e8:92:e5:25:e8:1b:e7:30:
3b:2a:3b:7b:33:db:52:43:34:a9:96:4e:5f:6f:18:ea:f3:11:
5d:21:9e:d6:ea:d3:85:e2:22:b9:73:b6:fc:f6:d8:92:83:e9:
94:ae:ca:96:5d:9e:a8:22:10:15:d1:f5:e7:0b:d0:1a:db:d7:
14:af:04:0a:7c:e8:64:7e:20:8a:70:9a:8c:da:70:a6:72:0a:
be:a7:ae:db:3e:7f:73:76:9a:ea:6a:6d:68:c1:61:e7:52:b8:
39:a7:09:7e:4f:6a:6b:78:54:0f:99:65:41:75:6b:1e:4d:e5:
2b:7f:75:d3:5b:9b:1c:3a:04:18:53:42:50:3e:a9:97:7f:fc:
d9:6a:17:97:a6:95:f2:bf:a0:f8:10:cb:18:1d:a9:21:23:cb:
e6:03:19:fd:4f:0a:79:af:84:d2:46:84:43:57:fd:fc:d0:7a:
ee:8a:86:0d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGdPd4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDdmOTFmMDY1YWUz
ZDBiY2NjNGRmNzQ1NmZmMjhiOTE5ODI3MTU0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcVRCk11BuWFimxQLAeADj87kH5ojsYQb/G2Uj3/UMR8pSn
M8xN4692nQcQAdXhufxhERacZgGwrKJ456SQKHmto+cVYTGA+dBZJQEwd3HI0kGr
zRlFPCT3K/rMDyp1clFGDTd6r0Mt0I/zxeYG56xIXAaTCCyzNry80ezJk0IMMaPT
Z/jtgDRgqJm6mpFXhF0Ic02rvYb7NjN4bN4GcGmRThu4SPiIfWWoUW2IOBDX90XV
gQB15R5deSAMzTHNycDnuydYJZJtMIXPusX5PPytitO6+B98k1X41YRYgzoppILi
cYG4Ic6t1QjxBMpWlWrc7OH6E1P8bm17EuIvgE8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTX+R8GWuPQvMxN90Vv8ouRmCcVSTAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
LzFfa2ZCbHJqMEx6TVRmZEZiX0tMa1pnbkZVay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2G3zANBgkqhkiG9w0BAQsFAAOC
AQEAEzp9SDm7Cufg1OmtL3tf6wAVBuyQ02OHBA38OYHxzc3M6FZ7AV2DqalUfvjM
iYKlZ9H1eOtCndrNpNJ4F9Mv6DVQ412vY/bvbWvKut1QZhoH8eiS5SXoG+cwOyo7
ezPbUkM0qZZOX28Y6vMRXSGe1urTheIiuXO2/PbYkoPplK7Kll2eqCIQFdH15wvQ
GtvXFK8ECnzoZH4ginCajNpwpnIKvqeu2z5/c3aa6mptaMFh51K4OacJfk9qa3hU
D5llQXVrHk3lK39101ubHDoEGFNCUD6pl3/82WoXl6aV8r+g+BDLGB2pISPL5gMZ
/U8Kea+E0kaEQ1f9/NB67oqGDQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org