Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xSfafNMErOPs7QO77bdgIwRDlH0.roa
File: xSfafNMErOPs7QO77bdgIwRDlH0.roa (raw, json)
Hash identifier: 3ICYtki17IHj+Xv55Ow9e4/+TDOhh8iM4VMZBEVzIT4=
Subject key identifier: C5:27:DA:7C:D3:04:AC:E3:EC:ED:03:BB:ED:B7:60:23:04:43:94:7D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184A1845D690839FA2C9E813599D253CCF9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xSfafNMErOPs7QO77bdgIwRDlH0.roa
Signing time: Tue 22 Nov 2022 22:45:17 +0000
ROA not before: Tue 22 Nov 2022 22:45:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 45.138.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a1:84:5d:69:08:39:fa:2c:9e:81:35:99:d2:53:cc:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 22 22:45:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c527da7cd304ace3eced03bbedb760230443947d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ca:58:31:2f:ce:79:fa:9f:b8:fb:3e:02:59:
0a:8d:63:6c:a4:81:b3:6a:5e:ce:32:5a:26:7b:f4:
82:e6:7a:49:0e:62:29:8e:16:e2:c8:d6:ee:c1:7b:
ef:c8:73:19:62:38:af:cf:ed:23:56:27:80:a4:c8:
12:ca:ca:44:a7:c8:9b:e4:ca:51:02:7d:20:52:36:
35:85:13:18:57:25:4a:ee:11:44:c4:6b:5b:96:da:
28:17:5f:9a:e1:c0:53:8a:fb:64:36:6d:12:0c:98:
33:23:b5:ac:30:b3:71:7a:41:5a:dc:32:bd:04:47:
9e:0e:cb:7b:07:33:bd:ee:bc:c7:47:9f:8e:95:90:
0f:f7:80:4e:0e:44:de:59:4b:39:b3:9a:4d:27:45:
de:12:a0:57:05:a7:41:f5:ac:a2:0f:40:02:24:b4:
d9:3f:37:c8:0c:6c:b9:b0:6b:98:54:e9:1d:1c:c6:
25:1a:00:00:a6:32:ff:3c:c5:e4:2f:0f:db:c0:94:
57:73:65:e4:0f:1e:aa:10:3e:04:69:65:86:6d:b5:
27:2e:98:88:c2:cd:f6:1f:2a:fe:38:6a:c2:75:e8:
45:05:d0:26:bc:1e:da:83:5c:fb:bf:39:d7:b6:18:
27:c3:55:00:2c:8f:15:8c:3b:3b:5d:95:85:1a:b7:
6c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:27:DA:7C:D3:04:AC:E3:EC:ED:03:BB:ED:B7:60:23:04:43:94:7D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xSfafNMErOPs7QO77bdgIwRDlH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.183.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:7e:9b:08:26:86:aa:dd:34:8c:d2:a7:fb:93:dd:4a:04:ea:
70:ce:2b:b1:74:e5:e3:55:04:3e:a0:71:be:2a:3e:a8:97:d6:
d1:88:98:c7:6a:1c:b5:32:0a:32:07:f9:1a:45:f1:8d:60:3f:
03:75:5d:a6:ab:86:0d:54:ba:f0:50:73:da:f9:92:a9:b6:3a:
59:36:6f:30:da:98:0f:0d:0e:bc:78:e0:8f:e9:fa:be:72:68:
17:a4:7e:04:87:97:cb:bc:a5:8c:e2:9b:9c:65:ff:56:d2:d3:
7e:7c:4b:c3:82:50:75:37:77:57:3c:30:3c:08:33:f6:10:9f:
a9:c9:d0:0d:0b:4d:18:31:9b:c5:a7:e7:39:cf:21:aa:b5:e6:
7b:ba:b6:84:dc:42:26:15:f6:57:62:cf:8b:a8:c7:62:b4:b0:
73:35:53:31:c1:44:bd:5c:68:93:b0:eb:c3:2c:20:f2:83:dd:
d1:fd:86:45:7b:a4:3e:07:4a:40:b1:55:79:d9:24:78:d7:b8:
3c:b8:f2:67:4b:3b:77:ef:d9:7e:9e:0e:e9:8b:41:26:9c:da:
04:ff:2d:03:d4:d4:08:cc:b3:1d:50:7e:10:5f:36:7a:f0:57:
6f:d9:9d:c6:42:b7:f5:ac:85:1c:76:f5:cd:53:25:72:6b:e0:
5c:21:23:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYShhF1pCDn6LJ6BNZnSU8z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTIyMjI0NTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI3ZGE3Y2QzMDRhY2UzZWNlZDAzYmJlZGI3NjAyMzA0NDM5NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMpYMS/OefqfuPs+AlkKjWNspIGz
al7OMlome/SC5npJDmIpjhbiyNbuwXvvyHMZYjivz+0jVieApMgSyspEp8ib5MpR
An0gUjY1hRMYVyVK7hFExGtbltooF1+a4cBTivtkNm0SDJgzI7WsMLNxekFa3DK9
BEeeDst7BzO97rzHR5+OlZAP94BODkTeWUs5s5pNJ0XeEqBXBadB9ayiD0ACJLTZ
PzfIDGy5sGuYVOkdHMYlGgAApjL/PMXkLw/bwJRXc2XkDx6qED4EaWWGbbUnLpiI
ws32Hyr+OGrCdehFBdAmvB7ag1z7vznXthgnw1UALI8VjDs7XZWFGrds7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUn2nzTBKzj7O0Du+23YCMEQ5R9MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveFNmYWZOTUVyT1BzN1FPNzdiZGdJd1JEbEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYq3MA0G
CSqGSIb3DQEBCwUAA4IBAQC/fpsIJoaq3TSM0qf7k91KBOpwziuxdOXjVQQ+oHG+
Kj6ol9bRiJjHahy1MgoyB/kaRfGNYD8DdV2mq4YNVLrwUHPa+ZKptjpZNm8w2pgP
DQ68eOCP6fq+cmgXpH4Eh5fLvKWM4pucZf9W0tN+fEvDglB1N3dXPDA8CDP2EJ+p
ydANC00YMZvFp+c5zyGqteZ7uraE3EImFfZXYs+LqMditLBzNVMxwUS9XGiTsOvD
LCDyg93R/YZFe6Q+B0pAsVV52SR417g8uPJnSzt379l+ng7pi0EmnNoE/y0D1NQI
zLMdUH4QXzZ68Fdv2Z3GQrf1rIUcdvXNUyVya+BcISNt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-ams.rpki-client.org