Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/cRTd-7gnJnWy-L7lzZspyPitjLk.roa
File: cRTd-7gnJnWy-L7lzZspyPitjLk.roa (raw, json)
Hash identifier: mWYGtXekHujmkXPUX7YeuDbm2I7OgXTD6djbBJzClgU=
Subject key identifier: 71:14:DD:FB:B8:27:26:75:B2:F8:BE:E5:CD:9B:29:C8:F8:AD:8C:B9
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 0181F307D8EC2BF012C15D5AA08EEC4218D1
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/cRTd-7gnJnWy-L7lzZspyPitjLk.roa
Signing time: Tue 12 Jul 2022 15:29:46 +0000
ROA not before: Tue 12 Jul 2022 15:29:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 45.67.4.0/22 maxlen: 32
92.119.168.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
2.58.76.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f3:07:d8:ec:2b:f0:12:c1:5d:5a:a0:8e:ec:42:18:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jul 12 15:29:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7114ddfbb8272675b2f8bee5cd9b29c8f8ad8cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d1:c5:e1:32:f7:5b:f4:d6:c4:c9:1b:bd:28:
17:6b:9f:ae:9b:aa:36:65:17:fd:5a:cd:d6:c5:50:
0f:a1:35:46:c0:20:33:e2:b6:62:dd:be:7d:2f:f3:
96:f3:0a:05:fc:ac:b7:39:66:c7:39:7d:90:dd:15:
43:9b:78:2c:fd:8f:ef:50:85:2c:d2:76:6a:6c:39:
86:80:ce:de:d4:25:d1:86:31:da:96:89:5c:fb:60:
c6:f4:24:38:5e:ce:32:f6:44:5d:d3:c8:c5:4e:be:
42:cb:c1:ca:c3:1c:e6:cb:4d:7f:2c:3e:5a:fb:ca:
3b:f8:65:f8:1a:05:d0:91:f2:2f:fc:12:2b:6b:50:
20:a3:bd:15:c1:c2:22:d8:6c:29:08:cd:a6:ac:b7:
22:99:b5:d5:37:98:64:cb:af:76:d6:69:eb:6f:7f:
49:9d:e4:30:2d:ee:6a:cc:85:69:58:9c:3b:16:e5:
5b:d9:36:eb:03:18:44:3a:c4:f6:8c:0d:91:0f:f2:
05:b3:91:0a:03:4e:80:10:ff:34:6f:66:c0:94:b1:
f1:00:7f:9e:00:42:90:12:e2:37:b1:37:2b:5d:df:
de:53:d8:ee:23:fa:d8:1a:ef:c6:d3:53:45:77:43:
63:9e:59:c8:27:01:36:9d:ca:9f:74:83:96:48:28:
4e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:14:DD:FB:B8:27:26:75:B2:F8:BE:E5:CD:9B:29:C8:F8:AD:8C:B9
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/cRTd-7gnJnWy-L7lzZspyPitjLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
45.67.4.0/22
92.119.168.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
41:24:d7:67:48:6e:8f:7a:30:81:cc:78:05:44:1e:fe:b1:c0:
ae:75:58:a8:36:18:69:de:bc:24:f1:d9:76:46:bb:ce:94:33:
49:56:22:c7:a8:ab:34:13:99:a9:3d:f6:30:7b:7e:70:67:11:
a3:a1:1d:e3:06:f3:3e:d9:b4:0c:7d:dd:c4:42:15:e1:71:d2:
32:78:b8:48:fb:b2:c4:8f:f8:34:47:bf:f1:fb:8e:78:b3:43:
e0:1a:5d:09:d9:dd:45:b7:4b:70:12:e0:33:92:84:49:bd:a7:
78:0d:b5:df:bc:0e:59:40:d5:db:0f:3f:e2:83:11:55:29:54:
94:9b:bb:e3:c0:25:e4:5b:c1:7f:ee:6b:76:2a:df:21:82:98:
27:44:d4:7e:ea:95:4d:76:59:47:1f:7e:cb:14:8b:93:6c:43:
5c:d3:12:d9:f3:52:98:94:ae:89:71:f4:2c:64:8e:09:e4:e2:
e9:70:e1:d3:ea:23:bd:ac:67:6b:f0:24:9b:e1:df:88:b7:cf:
14:14:fd:10:6e:5c:82:2d:10:3e:4b:11:29:f3:53:c4:ff:ca:
ec:74:36:0d:f7:39:22:90:75:58:7b:d6:b2:c6:c5:24:53:53:
24:8a:3e:5b:c5:b8:b9:c1:76:8e:bc:e8:d1:23:a9:38:04:e5:
76:c6:9c:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYHzB9jsK/ASwV1aoI7sQhjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjIwNzEyMTUyOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTE0ZGRmYmI4MjcyNjc1YjJmOGJlZTVjZDliMjljOGY4YWQ4Y2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNHF4TL3W/TWxMkbvSgXa5+um6o2
ZRf9Ws3WxVAPoTVGwCAz4rZi3b59L/OW8woF/Ky3OWbHOX2Q3RVDm3gs/Y/vUIUs
0nZqbDmGgM7e1CXRhjHalolc+2DG9CQ4Xs4y9kRd08jFTr5Cy8HKwxzmy01/LD5a
+8o7+GX4GgXQkfIv/BIra1Ago70VwcIi2GwpCM2mrLcimbXVN5hky6921mnrb39J
neQwLe5qzIVpWJw7FuVb2TbrAxhEOsT2jA2RD/IFs5EKA06AEP80b2bAlLHxAH+e
AEKQEuI3sTcrXd/eU9juI/rYGu/G01NFd0NjnlnIJwE2ncqfdIOWSChOqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHEU3fu4JyZ1svi+5c2bKcj4rYy5MB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvY1JUZC03Z25Kbld5LUw3bHpac3B5UGl0akxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjpMAwQC
LUMEAwQCXHeoAwQC1a08MA0GCSqGSIb3DQEBCwUAA4IBAQBBJNdnSG6PejCBzHgF
RB7+scCudVioNhhp3rwk8dl2RrvOlDNJViLHqKs0E5mpPfYwe35wZxGjoR3jBvM+
2bQMfd3EQhXhcdIyeLhI+7LEj/g0R7/x+454s0PgGl0J2d1Ft0twEuAzkoRJvad4
DbXfvA5ZQNXbDz/igxFVKVSUm7vjwCXkW8F/7mt2Kt8hgpgnRNR+6pVNdllHH37L
FIuTbENc0xLZ81KYlK6JcfQsZI4J5OLpcOHT6iO9rGdr8CSb4d+It88UFP0QblyC
LRA+SxEp81PE/8rsdDYN9zkikHVYe9ayxsUkU1Mkij5bxbi5wXaOvOjRI6k4BOV2
xpzZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org