Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pZGKLjNOTrAer3MVjuZkVdBH3qo.roa
File: pZGKLjNOTrAer3MVjuZkVdBH3qo.roa (raw, json)
Hash identifier: BQ69ETnczU1PcrCv6+qoi0CIqiOVXxDJfEqvUNeZxe8=
Subject key identifier: A5:91:8A:2E:33:4E:4E:B0:1E:AF:73:15:8E:E6:64:55:D0:47:DE:AA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 076E590B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pZGKLjNOTrAer3MVjuZkVdBH3qo.roa
Signing time: Fri 04 Feb 2022 09:58:20 +0000
ROA not before: Fri 04 Feb 2022 09:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124672267 (0x76e590b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 4 09:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5918a2e334e4eb01eaf73158ee66455d047deaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:17:66:f3:2b:6d:b0:58:86:53:fe:62:72:
a1:7d:4c:37:5e:3f:13:18:95:5f:86:c1:1a:ec:aa:
e3:96:8e:ba:57:2b:c0:7d:ce:74:8a:dc:c5:41:3c:
b7:33:64:46:cd:8d:d7:c4:96:a2:ba:83:ea:9e:76:
61:f1:ef:34:bc:06:14:54:17:9e:a9:da:cd:09:74:
99:55:64:31:23:df:82:fa:e3:b5:f4:c0:b5:9b:da:
1d:b1:eb:d7:85:22:53:98:91:b2:d9:62:58:39:92:
8a:de:a5:5e:2c:0a:6b:af:56:bb:7b:1b:08:03:be:
b7:23:0f:2c:d9:8b:6c:84:33:58:61:3e:50:22:96:
0d:3e:d5:7d:2d:05:a5:18:e4:e4:4b:a4:de:8c:90:
44:37:66:ca:85:da:fa:68:cc:ea:59:79:68:be:88:
ba:e1:c5:c5:0b:75:d9:e2:4d:9a:cd:eb:2e:2b:c6:
a0:a6:01:4b:af:f3:88:d0:50:09:0b:f6:e4:a3:80:
9a:1f:fb:8d:8e:ee:cd:9a:1d:d5:91:6e:d1:a7:6e:
e8:3e:47:f1:d9:61:05:6f:f2:fd:35:0d:8a:71:cb:
54:0d:f4:7e:e8:31:49:eb:eb:ea:03:f7:52:b1:7e:
19:91:de:4c:38:5f:46:10:18:63:78:fb:7f:2e:22:
1e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:91:8A:2E:33:4E:4E:B0:1E:AF:73:15:8E:E6:64:55:D0:47:DE:AA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pZGKLjNOTrAer3MVjuZkVdBH3qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.139.0/24
45.132.180.0/24
45.144.215.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:f8:12:53:12:cb:7b:33:72:07:86:a5:59:a1:ad:93:9f:92:
cd:22:f6:ce:e2:af:fb:da:6e:d7:10:58:ef:73:cb:00:d2:bd:
ce:6c:7b:07:bf:21:50:19:2e:1e:ee:28:c8:f9:28:9a:1c:19:
7f:69:f8:1a:28:78:53:88:02:ff:c6:79:f8:54:b6:2d:5d:d6:
63:5c:10:8c:0e:0f:bf:de:b5:fc:e3:a9:3b:54:58:40:e6:b4:
b6:f0:51:bf:a8:df:0e:38:66:f2:e7:cc:7e:f3:17:b7:0c:19:
d1:76:e9:25:4b:1e:1a:bc:42:20:09:91:61:e7:76:27:e5:5c:
65:2f:2e:ba:c8:a7:88:c9:9c:ce:67:6a:52:99:f3:1f:98:ba:
6a:10:32:61:48:02:9c:93:88:34:38:89:58:e1:c5:dc:b9:51:
3b:0d:10:e9:b9:3f:d3:12:18:a4:57:00:f1:2b:40:db:81:ee:
ce:38:cb:6e:bb:59:59:c2:5b:2a:d5:29:a0:64:3d:cd:d9:d3:
85:e8:0d:8c:56:2b:f0:cb:40:2d:e0:f5:96:e0:2b:c2:2a:a6:
d4:ce:4f:37:e5:ce:e3:93:63:0a:cc:1d:cf:ab:eb:a1:37:5f:
06:75:ba:40:65:9e:0f:51:ef:ec:04:cd:c6:96:00:f0:d3:4e:
3e:dc:8d:0f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEB25ZCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDIw
NDA5NTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTU5MThhMmUzMzRl
NGViMDFlYWY3MzE1OGVlNjY0NTVkMDQ3ZGVhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOeF2bzK22wWIZT/mJyoX1MN14/ExiVX4bBGuyq45aOulcr
wH3OdIrcxUE8tzNkRs2N18SWorqD6p52YfHvNLwGFFQXnqnazQl0mVVkMSPfgvrj
tfTAtZvaHbHr14UiU5iRstliWDmSit6lXiwKa69Wu3sbCAO+tyMPLNmLbIQzWGE+
UCKWDT7VfS0FpRjk5Euk3oyQRDdmyoXa+mjM6ll5aL6IuuHFxQt12eJNms3rLivG
oKYBS6/ziNBQCQv25KOAmh/7jY7uzZod1ZFu0adu6D5H8dlhBW/y/TUNinHLVA30
fugxSevr6gP3UrF+GZHeTDhfRhAYY3j7fy4iHssCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSlkYouM05OsB6vcxWO5mRV0EfeqjAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L3BaR0tMak5PVHJBZXIzTVZqdVprVmRCSDNxby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC0JHgMEAC1YiwMEAC2EtAMEAC2Q
1zANBgkqhkiG9w0BAQsFAAOCAQEAjvgSUxLLezNyB4alWaGtk5+SzSL2zuKv+9pu
1xBY73PLANK9zmx7B78hUBkuHu4oyPkomhwZf2n4Gih4U4gC/8Z5+FS2LV3WY1wQ
jA4Pv961/OOpO1RYQOa0tvBRv6jfDjhm8ufMfvMXtwwZ0XbpJUseGrxCIAmRYed2
J+VcZS8uusiniMmczmdqUpnzH5i6ahAyYUgCnJOINDiJWOHF3LlROw0Q6bk/0xIY
pFcA8StA24HuzjjLbrtZWcJbKtUpoGQ9zdnThegNjFYr8MtALeD1luArwiqm1M5P
N+XO45NjCswdz6vroTdfBnW6QGWeD1Hv7ATNxpYA8NNOPtyNDw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org