Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/YnRuBEK8XryURb0P0OK7lqiiFgk.roa
File: YnRuBEK8XryURb0P0OK7lqiiFgk.roa (raw, json)
Hash identifier: R8I2zv3WA/L/idnkP+E8T8Epun18fEplUUhywyAgK6c=
Subject key identifier: 62:74:6E:04:42:BC:5E:BC:94:45:BD:0F:D0:E2:BB:96:A8:A2:16:09
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 05373D67
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/YnRuBEK8XryURb0P0OK7lqiiFgk.roa
Signing time: Sat 01 Jan 2022 11:58:01 +0000
ROA not before: Sat 01 Jan 2022 11:58:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134823
IP address blocks: 45.11.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87506279 (0x5373d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jan 1 11:58:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62746e0442bc5ebc9445bd0fd0e2bb96a8a21609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:27:a5:89:b2:fe:72:ae:04:30:55:2e:d1:69:
fc:d5:70:89:f4:0e:da:19:41:56:a3:25:99:2b:aa:
b1:72:11:58:dd:d8:c9:83:6a:c0:54:9f:d8:dd:90:
d0:f7:60:48:40:78:5f:16:ce:05:35:20:76:8c:93:
48:42:a6:6f:28:6c:d2:cb:2f:38:3d:e2:ee:a8:3a:
ae:da:45:72:bf:0c:7e:62:c7:b7:f0:08:37:e5:b8:
7d:42:d0:cb:3f:b0:b9:a7:1b:8a:e6:33:08:a8:e3:
45:24:db:1c:a4:3d:f3:d9:2b:31:61:05:e8:a8:a2:
8c:2e:aa:9d:9e:24:54:7e:dd:f5:14:45:3a:93:20:
c1:c2:e6:df:e6:91:7e:57:8c:43:55:8f:33:06:29:
d2:9a:3e:d5:64:fa:17:c3:d4:ba:fe:b4:3a:83:14:
0d:1c:ba:ab:70:e2:22:cf:f3:4a:12:aa:df:9b:26:
4d:1f:dd:4a:5e:98:9b:4d:dc:6b:96:d3:d3:ac:0b:
bf:74:79:04:dc:9f:92:53:3f:d1:6b:67:bd:e4:fa:
00:6c:06:b9:e5:d3:a0:5a:79:a1:19:25:77:2c:11:
a6:a4:fd:8b:6b:38:52:2a:18:ee:80:31:f6:0c:cc:
76:9a:80:de:f5:cd:9e:13:c6:cc:25:31:be:4e:2f:
1f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:74:6E:04:42:BC:5E:BC:94:45:BD:0F:D0:E2:BB:96:A8:A2:16:09
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/YnRuBEK8XryURb0P0OK7lqiiFgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.78.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:7d:58:c3:89:46:58:42:1d:34:e1:fb:3e:6e:c6:e4:88:e6:
c5:89:c3:d3:5a:5d:45:08:8a:32:81:97:d7:76:ed:f5:ac:a4:
8e:d3:ee:e0:7e:95:af:05:cb:c0:5f:40:e2:4c:fe:e5:35:6f:
9b:80:bd:95:79:bd:df:6c:aa:50:81:f6:51:7a:f1:ad:f9:fc:
f2:61:46:a5:1f:64:fa:dc:13:ab:b9:f7:86:e2:7e:fa:9f:10:
5c:6c:6d:5a:96:e5:f8:2d:52:17:8e:71:1d:7b:cb:c4:ed:48:
96:43:2a:1f:5b:30:2d:a3:1c:47:7d:f1:0b:ea:bb:61:d0:99:
be:64:c1:88:55:b1:84:da:a5:c4:33:05:e4:cf:6f:4e:40:96:
9c:44:92:7c:1c:72:d5:2c:f8:ab:40:b9:a0:8b:a8:71:7f:45:
e5:cb:12:6a:8e:7e:39:0f:3a:89:80:b2:dd:56:17:55:fd:94:
68:47:eb:53:bd:67:c9:be:0f:b7:55:ba:c4:93:c7:ff:97:0b:
5c:36:7d:8a:e7:f6:71:ca:52:39:9a:bd:47:dc:c0:84:ae:46:
f3:38:62:7c:5c:cc:e3:72:8d:f4:99:be:49:77:57:2e:21:5c:
7c:bc:27:81:2f:bb:f9:2a:54:97:00:ae:40:9e:80:da:c2:d5:
3e:83:80:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBTc9ZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTAwODA3Njk4ZjBiMDk3ZDY5YWIzOTI2OTE3ZDFkY2M4MzhhNjI0MB4XDTIyMDEw
MTExNTgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI3NDZlMDQ0MmJj
NWViYzk0NDViZDBmZDBlMmJiOTZhOGEyMTYwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALInpYmy/nKuBDBVLtFp/NVwifQO2hlBVqMlmSuqsXIRWN3Y
yYNqwFSf2N2Q0PdgSEB4XxbOBTUgdoyTSEKmbyhs0ssvOD3i7qg6rtpFcr8MfmLH
t/AIN+W4fULQyz+wuacbiuYzCKjjRSTbHKQ989krMWEF6KiijC6qnZ4kVH7d9RRF
OpMgwcLm3+aRfleMQ1WPMwYp0po+1WT6F8PUuv60OoMUDRy6q3DiIs/zShKq35sm
TR/dSl6Ym03ca5bT06wLv3R5BNyfklM/0WtnveT6AGwGueXToFp5oRkldywRpqT9
i2s4UioY7oAx9gzMdpqA3vXNnhPGzCUxvk4vH7ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRidG4EQrxevJRFvQ/Q4ruWqKIWCTAfBgNVHSMEGDAWgBQ6AIB2mPCwl9aa
s5JpF9HcyDimJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09nQ0FkcGp3c0pmV21yT1NhUmZSM01nNHBpUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvMTQzZDI5LWNmNzItNGQwMS05MThjLTE2YWZjNGRmZmRkNC8x
L1luUnVCRUs4WHJ5VVJiMFAwT0s3bHFpaUZnay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
MTQzZDI5LWNmNzItNGQwMS05MThjLTE2YWZjNGRmZmRkNC8xL09nQ0FkcGp3c0pm
V21yT1NhUmZSM01nNHBpUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0LTjANBgkqhkiG9w0BAQsFAAOC
AQEAG31Yw4lGWEIdNOH7Pm7G5IjmxYnD01pdRQiKMoGX13bt9aykjtPu4H6VrwXL
wF9A4kz+5TVvm4C9lXm932yqUIH2UXrxrfn88mFGpR9k+twTq7n3huJ++p8QXGxt
Wpbl+C1SF45xHXvLxO1IlkMqH1swLaMcR33xC+q7YdCZvmTBiFWxhNqlxDMF5M9v
TkCWnESSfBxy1Sz4q0C5oIuocX9F5csSao5+OQ86iYCy3VYXVf2UaEfrU71nyb4P
t1W6xJPH/5cLXDZ9iuf2ccpSOZq9R9zAhK5G8zhifFzM43KN9Jm+SXdXLiFcfLwn
gS+7+SpUlwCuQJ6A2sLVPoOAdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:43 2024 by rpki-client on console-ams.rpki-client.org