Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/O_p_3CBdSWqE6rXADZNm5Jv-epE.roa
File: O_p_3CBdSWqE6rXADZNm5Jv-epE.roa (raw, json)
Hash identifier: Dyv1JeOlMmug4FaIVFSrPiccexBt7z0nvRqf5Oj6pBQ=
Subject key identifier: 3B:FA:7F:DC:20:5D:49:6A:84:EA:B5:C0:0D:93:66:E4:9B:FE:7A:91
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018538D8CFD86FE8CC55FA75571B037D3DE0
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/O_p_3CBdSWqE6rXADZNm5Jv-epE.roa
Signing time: Thu 22 Dec 2022 08:00:11 +0000
ROA not before: Thu 22 Dec 2022 08:00:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:38:d8:cf:d8:6f:e8:cc:55:fa:75:57:1b:03:7d:3d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 22 08:00:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3bfa7fdc205d496a84eab5c00d9366e49bfe7a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:e1:57:1c:03:dc:55:50:04:3b:69:98:60:
9a:17:8f:22:7a:f8:80:98:b3:4e:26:10:bf:cd:7e:
6d:d5:6f:ce:0c:af:8b:79:19:28:a2:57:03:5f:d4:
ae:e1:0e:00:e3:80:a7:56:16:12:ab:74:31:61:3d:
ff:2f:f4:3f:07:e5:08:20:58:76:dd:cd:6e:63:58:
73:d6:9c:d5:66:be:26:71:a0:be:c0:cd:1d:bd:1e:
51:80:d1:37:fd:f3:55:8a:05:c7:1b:cc:a6:1b:e0:
e2:b6:20:a1:a6:62:68:f5:36:a1:3a:f1:76:4e:ce:
e9:45:67:ef:aa:62:12:d8:30:2a:12:35:9f:a3:19:
95:55:80:88:3f:2c:fb:65:91:4c:b8:0a:61:e9:52:
0c:ed:b7:46:53:f1:60:51:62:b0:c8:74:83:15:dd:
0c:e6:6f:6b:83:17:c1:fd:a9:64:50:a8:de:38:98:
53:f6:58:5a:60:10:06:d2:08:41:c5:ce:6b:f4:fb:
ce:4b:4a:ff:ec:68:b9:c7:f3:a5:27:aa:38:da:6f:
60:14:56:ef:1d:30:3d:62:7b:0e:be:86:77:e2:55:
f1:60:f5:54:3d:55:bc:0a:ae:f6:45:74:ac:ee:d7:
af:e8:90:ab:91:7a:c9:45:a6:47:5e:05:9f:d3:96:
24:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:7F:DC:20:5D:49:6A:84:EA:B5:C0:0D:93:66:E4:9B:FE:7A:91
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/O_p_3CBdSWqE6rXADZNm5Jv-epE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/24
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
af:31:96:40:56:97:5c:c8:89:bc:2d:21:d0:bd:8f:cf:0c:bb:
50:2f:65:0f:f8:85:c4:46:17:82:e7:fd:e4:24:25:26:e3:7e:
3c:d8:fe:d3:b2:de:57:bd:ea:27:4f:ae:fa:df:9f:42:78:e6:
75:4d:18:c1:32:7f:5e:c3:57:49:ed:5d:95:c8:55:83:9c:5f:
8b:c2:06:57:d1:1a:cd:ae:aa:6e:e6:cc:b3:f7:51:d6:fb:c6:
8d:cb:3d:79:ef:f2:0a:29:e3:57:6b:26:b8:f1:c6:19:9c:c4:
e9:fc:2f:5c:d4:b4:8b:5d:6a:18:9c:15:9c:4a:9b:35:b7:da:
d5:cb:61:f3:67:42:59:3d:89:09:eb:e1:e7:20:d3:e5:9f:7d:
e3:a7:2a:d0:10:92:bc:d1:f4:ea:b0:f7:e3:d7:92:04:e1:5c:
5a:c1:6f:4e:4f:39:eb:4c:5e:39:e6:1e:b3:e8:46:bf:5e:28:
d8:19:d1:e5:52:2f:a4:c5:05:f7:8e:3a:fb:b8:5a:a2:08:7f:
35:ca:1a:3b:94:c8:1f:4e:e8:91:87:c4:7e:29:2e:fa:b9:8f:
5f:fd:f1:6f:fa:cb:5b:d2:ad:68:7b:d5:03:3e:b1:b1:9c:58:
52:59:f0:1c:7e:36:e1:9b:fa:a8:36:77:7b:e9:ee:a5:3c:2e:
66:5e:52:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYU42M/Yb+jMVfp1VxsDfT3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjIyMDgwMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmZhN2ZkYzIwNWQ0OTZhODRlYWI1YzAwZDkzNjZlNDliZmU3YTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFHhVxwD3FVQBDtpmGCaF48ieviA
mLNOJhC/zX5t1W/ODK+LeRkoolcDX9Su4Q4A44CnVhYSq3QxYT3/L/Q/B+UIIFh2
3c1uY1hz1pzVZr4mcaC+wM0dvR5RgNE3/fNVigXHG8ymG+DitiChpmJo9TahOvF2
Ts7pRWfvqmIS2DAqEjWfoxmVVYCIPyz7ZZFMuAph6VIM7bdGU/FgUWKwyHSDFd0M
5m9rgxfB/alkUKjeOJhT9lhaYBAG0ghBxc5r9PvOS0r/7Gi5x/OlJ6o42m9gFFbv
HTA9YnsOvoZ34lXxYPVUPVW8Cq72RXSs7tev6JCrkXrJRaZHXgWf05YkmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDv6f9wgXUlqhOq1wA2TZuSb/nqRMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvT19wXzNDQmRTV3FFNnJYQURaTm01SnYtZXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ28AwQA
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCvMZZAVpdcyIm8LSHQvY/PDLtQ
L2UP+IXERheC5/3kJCUm43482P7Tst5XveonT676359CeOZ1TRjBMn9ew1dJ7V2V
yFWDnF+LwgZX0RrNrqpu5syz91HW+8aNyz157/IKKeNXaya48cYZnMTp/C9c1LSL
XWoYnBWcSps1t9rVy2HzZ0JZPYkJ6+HnINPln33jpyrQEJK80fTqsPfj15IE4Vxa
wW9OTznrTF455h6z6Ea/XijYGdHlUi+kxQX3jjr7uFqiCH81yho7lMgfTuiRh8R+
KS76uY9f/fFv+stb0q1oe9UDPrGxnFhSWfAcfjbhm/qoNnd76e6lPC5mXlK5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org