Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/3XRYAmiJzV3y3Ny_2hOQMBDUdZo.roa
File: 3XRYAmiJzV3y3Ny_2hOQMBDUdZo.roa (raw, json)
Hash identifier: 9Hvf9enkrjIdmwRddOYTNbyr5Wh3qoDA8YL8Cj8n5Eg=
Subject key identifier: DD:74:58:02:68:89:CD:5D:F2:DC:DC:BF:DA:13:90:30:10:D4:75:9A
Certificate issuer: /CN=c3831edc0ba07c7e34aba701c3573d8e72af18fe
Certificate serial: 07CAB6A1
Authority key identifier: C3:83:1E:DC:0B:A0:7C:7E:34:AB:A7:01:C3:57:3D:8E:72:AF:18:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4Me3AugfH40q6cBw1c9jnKvGP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/3XRYAmiJzV3y3Ny_2hOQMBDUdZo.roa
Signing time: Sat 01 Jan 2022 13:57:00 +0000
ROA not before: Sat 01 Jan 2022 13:57:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208569
IP address blocks: 45.128.10.0/24 maxlen: 24
45.128.8.0/22 maxlen: 22
45.128.11.0/24 maxlen: 24
45.128.8.0/24 maxlen: 24
45.128.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130725537 (0x7cab6a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3831edc0ba07c7e34aba701c3573d8e72af18fe
Validity
Not Before: Jan 1 13:57:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd7458026889cd5df2dcdcbfda13903010d4759a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:01:c9:62:21:2a:31:3e:16:40:06:66:2e:67:
95:53:62:a7:8c:90:eb:4c:21:85:cd:4c:ec:96:7b:
7f:4c:91:76:46:1d:f3:0e:9d:fc:37:a8:97:89:35:
4e:a2:87:93:f7:13:9f:bc:30:a2:31:b7:27:9c:20:
6a:71:a9:31:19:94:58:5d:c6:8e:d3:a2:01:ea:47:
46:84:c9:3e:23:9e:7e:c4:21:65:13:d1:72:76:8c:
cf:1e:d4:d6:68:d1:5f:b7:57:51:31:9e:f3:04:ad:
49:78:46:48:29:94:00:c1:8f:d5:f1:60:0c:72:95:
a4:71:81:3e:f9:a4:f3:e7:ba:d6:fb:3c:39:2e:81:
2e:3c:54:35:64:09:0b:f2:22:02:a8:0a:5c:82:91:
d8:94:30:1c:4b:8f:f5:13:eb:02:34:bb:8f:25:62:
da:92:af:df:15:ed:f0:06:76:b6:07:18:c2:59:31:
c3:b5:1b:26:c8:96:29:f4:ff:ff:86:96:16:80:8a:
59:8d:9f:48:a4:fc:b2:c4:f1:7c:f7:c8:7f:92:6d:
3a:10:45:a4:02:fd:31:b4:23:11:59:71:5a:6f:46:
35:aa:aa:ff:1e:c8:6c:0b:4e:b5:79:67:6a:fd:92:
e0:a6:63:85:22:78:34:8c:d1:e9:ae:f5:91:62:97:
3b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:74:58:02:68:89:CD:5D:F2:DC:DC:BF:DA:13:90:30:10:D4:75:9A
X509v3 Authority Key Identifier:
keyid:C3:83:1E:DC:0B:A0:7C:7E:34:AB:A7:01:C3:57:3D:8E:72:AF:18:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4Me3AugfH40q6cBw1c9jnKvGP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/3XRYAmiJzV3y3Ny_2hOQMBDUdZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/w4Me3AugfH40q6cBw1c9jnKvGP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.8.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:1d:cc:31:3d:bb:ea:7c:7a:d8:23:72:8c:be:cd:fe:c4:f6:
33:0b:cd:5f:cf:14:a9:9d:53:50:82:83:9a:b2:b9:25:29:e7:
ae:1d:18:0c:c6:2f:05:d0:02:48:dd:05:ad:a6:c4:dc:af:79:
4a:bc:d5:41:42:e3:5b:db:2a:c3:4f:59:55:95:83:9d:5a:39:
37:d2:e0:4b:a1:ec:e7:c7:d2:0a:d0:c9:85:fc:07:7e:fb:1b:
d7:bd:6a:54:c0:90:33:cd:33:21:e0:3d:7f:da:0f:05:a3:5f:
f0:26:db:ba:9d:48:43:ab:5d:1d:50:a0:f9:1d:9c:2c:1a:da:
53:91:b9:32:dc:34:3f:a4:d1:5e:d4:a4:1e:5d:2c:59:9a:48:
f0:b0:d0:b3:46:83:32:c5:42:e5:4b:70:b2:59:ea:a8:a2:6d:
e6:34:2c:ae:3b:0c:29:46:b9:8d:96:be:a2:e1:83:16:77:1b:
d8:10:6c:69:6a:3f:93:3e:4f:cf:2e:cc:1f:4e:67:c9:cc:c3:
cd:29:aa:54:f4:b2:9b:76:ea:8d:20:da:f5:11:55:64:0b:76:
70:09:14:83:26:c5:21:8e:19:5c:29:95:c7:43:98:ff:ea:8e:
32:94:92:1c:f1:2c:42:c1:07:04:ca:c0:c1:73:bd:5e:76:7d:
bd:91:9e:ed
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB8q2oTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MzgzMWVkYzBiYTA3YzdlMzRhYmE3MDFjMzU3M2Q4ZTcyYWYxOGZlMB4XDTIyMDEw
MTEzNTcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ3NDU4MDI2ODg5
Y2Q1ZGYyZGNkY2JmZGExMzkwMzAxMGQ0NzU5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8ByWIhKjE+FkAGZi5nlVNip4yQ60whhc1M7JZ7f0yRdkYd
8w6d/Deol4k1TqKHk/cTn7wwojG3J5wganGpMRmUWF3GjtOiAepHRoTJPiOefsQh
ZRPRcnaMzx7U1mjRX7dXUTGe8wStSXhGSCmUAMGP1fFgDHKVpHGBPvmk8+e61vs8
OS6BLjxUNWQJC/IiAqgKXIKR2JQwHEuP9RPrAjS7jyVi2pKv3xXt8AZ2tgcYwlkx
w7UbJsiWKfT//4aWFoCKWY2fSKT8ssTxfPfIf5JtOhBFpAL9MbQjEVlxWm9GNaqq
/x7IbAtOtXlnav2S4KZjhSJ4NIzR6a71kWKXO6UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTddFgCaInNXfLc3L/aE5AwENR1mjAfBgNVHSMEGDAWgBTDgx7cC6B8fjSr
pwHDVz2Ocq8Y/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c0TWUzQXVnZkg0MHE2Y0J3MWM5am5LdkdQNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvN2YxMjc1LTEyZmMtNDM5Ny05ZTNiLWVkZjZjYWQxMjQ5ZC8x
LzNYUllBbWlKelYzeTNOeV8yaE9RTUJEVWRaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
N2YxMjc1LTEyZmMtNDM5Ny05ZTNiLWVkZjZjYWQxMjQ5ZC8xL3c0TWUzQXVnZkg0
MHE2Y0J3MWM5am5LdkdQNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2ACDANBgkqhkiG9w0BAQsFAAOC
AQEAnB3MMT276nx62CNyjL7N/sT2MwvNX88UqZ1TUIKDmrK5JSnnrh0YDMYvBdAC
SN0FrabE3K95SrzVQULjW9sqw09ZVZWDnVo5N9LgS6Hs58fSCtDJhfwHfvsb171q
VMCQM80zIeA9f9oPBaNf8Cbbup1IQ6tdHVCg+R2cLBraU5G5Mtw0P6TRXtSkHl0s
WZpI8LDQs0aDMsVC5UtwslnqqKJt5jQsrjsMKUa5jZa+ouGDFncb2BBsaWo/kz5P
zy7MH05nyczDzSmqVPSym3bqjSDa9RFVZAt2cAkUgybFIY4ZXCmVx0OY/+qOMpSS
HPEsQsEHBMrAwXO9XnZ9vZGe7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:08 2024 by rpki-client on console-fra.rpki-client.org