Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/iTfzLMVDJu0hT2gvHzuaQtYql38.roa
File: iTfzLMVDJu0hT2gvHzuaQtYql38.roa (raw, json)
Hash identifier: WHVngT5T2Uj6Os/NX0vm+kFQTkFH9Dnr+LDPIpJrepY=
Subject key identifier: 89:37:F3:2C:C5:43:26:ED:21:4F:68:2F:1F:3B:9A:42:D6:2A:97:7F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183FF17B5E08CA245E9EBC1C483351DE8C6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/iTfzLMVDJu0hT2gvHzuaQtYql38.roa
Signing time: Sat 22 Oct 2022 09:48:07 +0000
ROA not before: Sat 22 Oct 2022 09:48:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57029
IP address blocks: 45.94.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ff:17:b5:e0:8c:a2:45:e9:eb:c1:c4:83:35:1d:e8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 22 09:48:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8937f32cc54326ed214f682f1f3b9a42d62a977f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:01:8d:5d:8f:ac:19:a2:3e:70:b1:0c:94:11:
f8:73:d5:71:d5:ee:10:59:6b:d1:95:c5:73:70:9c:
4a:27:59:11:15:f0:d5:b4:ab:ec:3f:3a:9f:5d:52:
dd:4d:1f:d3:71:8a:da:9c:96:7a:59:8d:3e:15:b5:
85:0b:b8:69:53:ee:30:6e:44:80:f2:38:26:3a:df:
59:23:af:26:df:c2:c4:b3:c3:2e:ca:76:29:ee:dd:
df:48:7c:3d:a3:30:16:6e:fe:9a:1c:cc:bb:a9:89:
76:0e:09:1c:52:d5:ac:b4:40:5e:79:ab:4c:60:ea:
9b:4e:e7:fa:be:4f:84:93:58:96:22:5c:03:7e:45:
3e:d5:b2:d1:2f:04:1a:f0:3b:a4:a3:a5:9b:29:94:
00:c0:0c:18:f1:cb:ba:f0:4c:3e:90:34:0f:f1:43:
b2:e0:c9:be:18:15:b3:25:19:4e:f1:30:9e:e1:2a:
ad:47:3c:81:6f:26:77:bb:c8:1a:64:ac:89:39:27:
9b:e9:f7:e6:3b:17:cc:95:49:35:6a:64:55:97:67:
8b:21:cc:f0:de:60:96:f1:cc:4f:cd:ba:71:5c:d7:
3e:28:9c:03:5d:0c:b5:d4:40:96:e2:ab:43:fe:70:
72:66:33:fa:95:c4:c9:74:5d:d9:69:87:d1:ef:4c:
29:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:37:F3:2C:C5:43:26:ED:21:4F:68:2F:1F:3B:9A:42:D6:2A:97:7F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/iTfzLMVDJu0hT2gvHzuaQtYql38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.168.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:fd:7d:44:bc:58:cb:66:54:14:66:30:3d:f1:e2:2a:bf:f8:
20:8f:14:35:09:62:d1:e9:1d:e4:76:ad:e8:0f:34:ae:cc:66:
d4:4f:07:6f:1b:82:86:9a:d4:19:44:0f:01:8a:a7:23:9d:b8:
18:ba:8d:ee:d1:db:fa:97:62:52:02:04:03:07:00:1e:6f:5b:
9a:39:13:ae:d5:a8:61:24:c2:ca:5e:da:cb:14:df:6a:86:8e:
48:3d:74:e4:8c:16:5e:8d:b1:48:fb:15:3c:d6:f8:ab:38:8a:
63:78:de:54:22:d2:b2:02:fb:c1:25:fa:99:41:61:79:da:90:
bb:ff:11:8f:ff:2b:2b:2c:46:b3:a6:4b:6a:d0:da:46:2b:76:
b0:8a:84:fb:e0:a9:e8:68:99:95:a5:4d:c9:ef:04:0c:d9:02:
54:54:c4:e9:ce:de:f5:45:46:e4:19:17:d1:91:c0:7c:98:f6:
53:af:4e:e9:9e:1d:97:9a:67:be:6a:8a:b8:f6:cf:63:87:b4:
d6:c2:3f:48:19:81:75:15:18:12:f2:c6:fa:13:ab:1f:bf:08:
cc:c6:ea:40:b3:88:8c:67:2d:20:e1:7d:81:b3:4f:53:39:d3:
25:cf:d8:b9:9d:ae:40:d3:5c:8a:bd:34:74:74:04:41:6c:41:
13:c4:c1:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP/F7XgjKJF6evBxIM1HejGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIyMDk0ODA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM3ZjMyY2M1NDMyNmVkMjE0ZjY4MmYxZjNiOWE0MmQ2MmE5NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QGNXY+sGaI+cLEMlBH4c9Vx1e4Q
WWvRlcVzcJxKJ1kRFfDVtKvsPzqfXVLdTR/TcYranJZ6WY0+FbWFC7hpU+4wbkSA
8jgmOt9ZI68m38LEs8MuynYp7t3fSHw9ozAWbv6aHMy7qYl2DgkcUtWstEBeeatM
YOqbTuf6vk+Ek1iWIlwDfkU+1bLRLwQa8Duko6WbKZQAwAwY8cu68Ew+kDQP8UOy
4Mm+GBWzJRlO8TCe4SqtRzyBbyZ3u8gaZKyJOSeb6ffmOxfMlUk1amRVl2eLIczw
3mCW8cxPzbpxXNc+KJwDXQy11ECW4qtD/nByZjP6lcTJdF3ZaYfR70wpTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIk38yzFQybtIU9oLx87mkLWKpd/MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaVRmekxNVkRKdTBoVDJndkh6dWFRdFlxbDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV6oMA0G
CSqGSIb3DQEBCwUAA4IBAQAa/X1EvFjLZlQUZjA98eIqv/ggjxQ1CWLR6R3kdq3o
DzSuzGbUTwdvG4KGmtQZRA8BiqcjnbgYuo3u0dv6l2JSAgQDBwAeb1uaOROu1ahh
JMLKXtrLFN9qho5IPXTkjBZejbFI+xU81virOIpjeN5UItKyAvvBJfqZQWF52pC7
/xGP/ysrLEazpktq0NpGK3awioT74KnoaJmVpU3J7wQM2QJUVMTpzt71RUbkGRfR
kcB8mPZTr07pnh2Xmme+aoq49s9jh7TWwj9IGYF1FRgS8sb6E6sfvwjMxupAs4iM
Zy0g4X2Bs09TOdMlz9i5na5A01yKvTR0dARBbEETxMFc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org