Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/_1Affz3deYAO3NCAZKzWzZvnJO8.roa
File: _1Affz3deYAO3NCAZKzWzZvnJO8.roa (raw, json)
Hash identifier: L7178g4FpVpFh7b6HFJ39s7T3RTJHbKEgHh0fo4qx5M=
Subject key identifier: FF:50:1F:7F:3D:DD:79:80:0E:DC:D0:80:64:AC:D6:CD:9B:E7:24:EF
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 01891B036FA09814DDA406D453311E48D1A4
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/_1Affz3deYAO3NCAZKzWzZvnJO8.roa
Signing time: Mon 03 Jul 2023 09:09:17 +0000
ROA not before: Mon 03 Jul 2023 09:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 45.11.236.0/23 maxlen: 23
45.11.238.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1b:03:6f:a0:98:14:dd:a4:06:d4:53:31:1e:48:d1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jul 3 09:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff501f7f3ddd79800edcd08064acd6cd9be724ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:64:3d:60:73:eb:4f:fb:1b:74:3b:80:a2:cf:
48:c8:24:bf:fe:fd:d7:12:ab:38:ee:b1:42:79:ff:
3a:57:f8:ff:2c:f1:02:53:46:3f:52:47:35:37:da:
ac:8e:02:fa:cb:58:b3:b7:8f:0e:3d:ad:25:d0:07:
7f:b0:3f:0f:dc:f0:c0:72:9c:88:3e:ba:19:52:90:
1d:48:79:ed:c7:ca:b2:15:d0:45:a0:b3:7c:aa:f5:
85:5b:78:86:c0:66:f4:ac:6d:48:67:72:92:1e:44:
7b:79:fb:c6:2d:20:b8:c4:9d:65:c1:f5:c5:e2:08:
7a:6f:b1:87:58:8c:a3:73:34:aa:cb:1e:cc:dd:fe:
3d:fc:02:0d:be:0a:9a:e4:48:47:5a:68:c1:7c:ef:
96:06:a0:21:21:9b:bb:ad:f3:e0:4b:0d:32:36:e5:
f1:76:78:88:44:36:93:07:42:e1:cd:46:d9:19:34:
ca:1e:55:04:a9:96:60:99:ef:23:cc:c9:2a:bf:8e:
bc:e3:c5:24:73:c6:6b:ad:e2:18:81:26:b7:06:d1:
47:8e:73:06:4a:e5:e6:b5:15:fa:e9:29:54:fd:fc:
56:aa:d8:06:a7:07:cb:98:ac:88:6f:31:2f:ca:fa:
b7:76:51:c0:f6:01:6b:bd:2f:b6:75:34:15:e7:9f:
ec:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:50:1F:7F:3D:DD:79:80:0E:DC:D0:80:64:AC:D6:CD:9B:E7:24:EF
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/_1Affz3deYAO3NCAZKzWzZvnJO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.236.0/22
Signature Algorithm: sha256WithRSAEncryption
61:10:90:96:b4:f4:bf:cc:71:35:20:67:e5:70:9e:c1:56:e4:
de:90:26:3e:5f:d9:8a:07:b1:5c:5f:e6:eb:66:98:38:0e:09:
1d:16:91:de:e8:59:08:11:d6:bf:6a:f8:bc:51:f7:3b:7a:45:
37:3d:58:72:a6:22:e6:85:24:f1:cb:6f:11:1c:66:4c:a1:de:
eb:40:37:da:ed:f8:67:17:7d:32:83:ac:52:cc:f3:62:3f:00:
e2:6e:fa:ae:ac:88:62:34:a5:51:a8:2a:01:35:04:1c:46:e9:
99:70:ab:95:aa:0f:5a:9f:4e:fa:a3:78:23:59:09:20:91:44:
25:f3:3c:91:44:86:20:de:03:80:f0:35:e2:87:7f:0b:9b:e4:
e0:8f:92:22:8f:83:85:1c:8b:b5:95:73:42:b4:13:bb:77:01:
62:88:d2:ce:c6:46:b9:c1:e3:5b:77:62:71:c3:0e:05:37:05:
03:6a:75:2a:1a:31:b8:bc:12:13:af:1f:cd:bd:f3:e7:78:bb:
13:cb:83:b5:d6:01:7b:1a:4f:87:23:ea:78:83:14:67:4f:57:
f1:33:ca:a4:12:34:74:b9:4a:c5:6f:37:c6:1c:70:2b:e3:b3:
af:88:48:54:1d:ed:3b:7a:6a:d6:e1:ba:3e:06:f6:fb:05:8a:
74:11:b2:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkbA2+gmBTdpAbUUzEeSNGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwNzAzMDkwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjUwMWY3ZjNkZGQ3OTgwMGVkY2QwODA2NGFjZDZjZDliZTcyNGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGQ9YHPrT/sbdDuAos9IyCS//v3X
Eqs47rFCef86V/j/LPECU0Y/Ukc1N9qsjgL6y1izt48OPa0l0Ad/sD8P3PDAcpyI
ProZUpAdSHntx8qyFdBFoLN8qvWFW3iGwGb0rG1IZ3KSHkR7efvGLSC4xJ1lwfXF
4gh6b7GHWIyjczSqyx7M3f49/AINvgqa5EhHWmjBfO+WBqAhIZu7rfPgSw0yNuXx
dniIRDaTB0LhzUbZGTTKHlUEqZZgme8jzMkqv46848Ukc8ZrreIYgSa3BtFHjnMG
SuXmtRX66SlU/fxWqtgGpwfLmKyIbzEvyvq3dlHA9gFrvS+2dTQV55/sWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9QH3893XmADtzQgGSs1s2b5yTvMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvXzFBZmZ6M2RlWUFPM05DQVpLeld6WnZuSk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQvsMA0G
CSqGSIb3DQEBCwUAA4IBAQBhEJCWtPS/zHE1IGflcJ7BVuTekCY+X9mKB7FcX+br
Zpg4DgkdFpHe6FkIEda/avi8Ufc7ekU3PVhypiLmhSTxy28RHGZMod7rQDfa7fhn
F30yg6xSzPNiPwDibvqurIhiNKVRqCoBNQQcRumZcKuVqg9an076o3gjWQkgkUQl
8zyRRIYg3gOA8DXih38Lm+Tgj5Iij4OFHIu1lXNCtBO7dwFiiNLOxka5weNbd2Jx
ww4FNwUDanUqGjG4vBITrx/NvfPneLsTy4O11gF7Gk+HI+p4gxRnT1fxM8qkEjR0
uUrFbzfGHHAr47OviEhUHe07emrW4bo+Bvb7BYp0EbI6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:34 2025 by rpki-client