Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rX7Zalw0xKfktIVe65ipec5kMPY.roa
File: rX7Zalw0xKfktIVe65ipec5kMPY.roa (raw, json)
Hash identifier: 1Hcm5QKqb3nrybY+KhqDfRXfkvvH+3BdWogxdPMJQ7U=
Subject key identifier: AD:7E:D9:6A:5C:34:C4:A7:E4:B4:85:5E:EB:98:A9:79:CE:64:30:F6
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01850F4628730433968189BDF4412A00ECEB
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rX7Zalw0xKfktIVe65ipec5kMPY.roa
Signing time: Wed 14 Dec 2022 06:15:33 +0000
ROA not before: Wed 14 Dec 2022 06:15:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203363
IP address blocks: 2.58.203.0/24 maxlen: 24
45.67.84.0/24 maxlen: 24
45.67.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:46:28:73:04:33:96:81:89:bd:f4:41:2a:00:ec:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Dec 14 06:15:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad7ed96a5c34c4a7e4b4855eeb98a979ce6430f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b3:79:b7:8e:5c:08:3b:b0:2c:1e:8b:36:32:
09:77:94:37:5b:fc:b2:78:fd:b1:7d:28:23:74:5f:
cf:44:b1:f7:b5:7d:ef:58:12:28:ea:c2:92:58:5f:
9a:99:2c:bf:da:f6:44:2e:1a:2d:c8:e7:17:6e:00:
0f:a2:64:92:9e:93:0d:1d:96:cf:bf:c1:4c:36:7a:
16:46:1c:28:cb:6f:9b:68:3e:cf:67:39:65:f1:8b:
17:49:3b:83:4d:d6:be:57:03:21:d5:c6:7b:f6:55:
cd:ad:77:be:d8:a8:a8:2e:91:d0:fd:84:57:82:a4:
e0:a3:8a:a2:38:b2:a5:32:20:be:da:ef:f1:61:67:
d1:66:e8:9d:6e:7d:90:82:03:1a:bd:9a:13:d5:bd:
f7:94:74:b1:af:16:78:7a:55:09:82:41:02:fe:b4:
26:6a:aa:11:da:d7:94:ae:dd:f3:87:0f:24:7e:e5:
d1:b8:fd:5e:91:37:43:0c:b9:f3:bc:02:31:aa:2c:
7d:c0:94:56:18:a0:9f:a2:8e:dd:11:0e:68:42:b1:
8a:e1:c3:ff:c7:0e:e9:6b:16:8b:d8:f1:bd:9c:c9:
f3:96:61:82:26:97:2c:86:8a:fc:06:94:68:e6:fa:
1b:16:c2:9d:5b:cf:9b:be:3f:6d:60:2f:81:9f:17:
6a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:7E:D9:6A:5C:34:C4:A7:E4:B4:85:5E:EB:98:A9:79:CE:64:30:F6
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/rX7Zalw0xKfktIVe65ipec5kMPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.203.0/24
45.67.84.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:da:40:0f:a2:4d:dd:63:67:5f:05:68:26:5b:d6:37:11:9b:
16:c9:e8:a8:99:52:21:83:cd:e9:36:1c:0f:c1:21:75:6e:da:
94:b9:cf:1a:60:11:94:93:ab:ee:0d:fe:61:60:5a:5e:c5:67:
64:67:d2:41:fd:80:c0:2b:13:56:a6:48:33:a9:0e:30:6c:8a:
76:61:44:db:48:2f:e5:81:8b:9c:18:d7:6a:84:dd:11:85:5c:
a9:85:07:c3:16:79:95:e3:42:87:14:bd:25:fd:91:9b:ec:df:
cd:89:68:6e:d7:d1:a4:01:2a:63:53:76:12:b7:08:f5:6c:c3:
0c:a1:2d:36:0f:3c:66:ae:d5:40:3e:de:df:2f:04:75:68:d2:
b8:e3:64:69:07:d6:6a:4e:f0:61:d7:51:df:4a:a9:78:1a:fb:
d9:cb:26:ea:30:0b:f1:aa:32:c4:7d:16:fd:83:8b:06:f4:9c:
b3:f2:0b:c9:2a:53:b4:f3:b8:cd:bb:7b:56:75:be:6c:82:bc:
a0:25:64:c8:e5:ec:7c:46:bc:10:37:c4:9f:75:4b:e6:94:b8:
03:53:2d:ea:c5:4e:cc:20:3c:93:05:0e:bf:c8:1d:b0:ca:a4:
e4:7e:95:07:e7:d1:ec:36:e1:70:68:1a:2a:39:18:46:25:e1:
b0:cd:9c:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUPRihzBDOWgYm99EEqAOzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMjE0MDYxNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDdlZDk2YTVjMzRjNGE3ZTRiNDg1NWVlYjk4YTk3OWNlNjQzMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47N5t45cCDuwLB6LNjIJd5Q3W/yy
eP2xfSgjdF/PRLH3tX3vWBIo6sKSWF+amSy/2vZELhotyOcXbgAPomSSnpMNHZbP
v8FMNnoWRhwoy2+baD7PZzll8YsXSTuDTda+VwMh1cZ79lXNrXe+2KioLpHQ/YRX
gqTgo4qiOLKlMiC+2u/xYWfRZuidbn2QggMavZoT1b33lHSxrxZ4elUJgkEC/rQm
aqoR2teUrt3zhw8kfuXRuP1ekTdDDLnzvAIxqix9wJRWGKCfoo7dEQ5oQrGK4cP/
xw7paxaL2PG9nMnzlmGCJpcshor8BpRo5vobFsKdW8+bvj9tYC+BnxdqRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK1+2WpcNMSn5LSFXuuYqXnOZDD2MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvclg3WmFsdzB4S2ZrdElWZTY1aXBlYzVrTVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjrLAwQB
LUNUMA0GCSqGSIb3DQEBCwUAA4IBAQCg2kAPok3dY2dfBWgmW9Y3EZsWyeiomVIh
g83pNhwPwSF1btqUuc8aYBGUk6vuDf5hYFpexWdkZ9JB/YDAKxNWpkgzqQ4wbIp2
YUTbSC/lgYucGNdqhN0RhVyphQfDFnmV40KHFL0l/ZGb7N/NiWhu19GkASpjU3YS
twj1bMMMoS02DzxmrtVAPt7fLwR1aNK442RpB9ZqTvBh11HfSql4GvvZyybqMAvx
qjLEfRb9g4sG9Jyz8gvJKlO087jNu3tWdb5sgrygJWTI5ex8RrwQN8SfdUvmlLgD
Uy3qxU7MIDyTBQ6/yB2wyqTkfpUH59HsNuFwaBoqORhGJeGwzZwl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org