Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/iz1KfddqHAzVjIGjesdO9QKVw3c.roa
File: iz1KfddqHAzVjIGjesdO9QKVw3c.roa (raw, json)
Hash identifier: RcDJfElTebMCylQQev1JHuTC6x/8HNmpWYDpf1g0KhM=
Subject key identifier: 8B:3D:4A:7D:D7:6A:1C:0C:D5:8C:81:A3:7A:C7:4E:F5:02:95:C3:77
Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial: 018432B7FF8EA9C5F90A7085181F575968F1
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/iz1KfddqHAzVjIGjesdO9QKVw3c.roa
Signing time: Tue 01 Nov 2022 10:23:49 +0000
ROA not before: Tue 01 Nov 2022 10:23:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 45.81.253.0/24 maxlen: 24
45.81.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:b7:ff:8e:a9:c5:f9:0a:70:85:18:1f:57:59:68:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Validity
Not Before: Nov 1 10:23:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b3d4a7dd76a1c0cd58c81a37ac74ef50295c377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:97:3e:c6:ab:b3:21:6b:fc:c7:89:87:f7:3d:
3a:51:5b:fc:a5:04:c4:f0:4e:18:82:9a:3a:c9:5c:
cd:68:3b:7c:e8:0c:04:19:4b:8f:89:fc:8c:d5:86:
52:a4:78:c5:01:3e:e6:28:f0:47:7a:6c:b5:7e:d4:
08:f5:e7:94:92:69:d5:8f:c4:ea:67:25:20:cd:2a:
57:5d:5f:a0:d1:11:d2:f9:da:b9:b3:31:4c:c6:cb:
4f:3e:29:dd:04:f9:2e:af:3b:8c:17:6e:28:88:dd:
14:59:d9:50:8b:08:2e:4e:62:b7:3e:4b:cb:e6:37:
f0:b6:23:ad:aa:69:3e:b5:8a:b2:19:a7:47:98:66:
06:0e:c4:d7:8f:73:aa:5e:d5:20:aa:86:fa:04:c8:
98:d6:e5:17:a4:ca:f0:6d:b2:89:a4:5e:59:f7:1d:
69:f8:78:b7:34:f8:eb:b5:d7:bb:35:c6:0a:b4:93:
c1:c0:ab:b4:6c:6f:35:6f:3c:09:06:f3:ea:4c:0a:
6c:22:fa:eb:1a:28:29:95:03:83:db:f7:e5:ea:9e:
f3:af:29:81:ef:55:08:82:d9:9f:78:fa:9b:4b:24:
5a:10:ab:1e:e8:6f:c9:af:ea:cb:0c:42:db:b7:e7:
d5:a5:bf:d9:93:b4:46:29:ab:bd:2e:d8:91:db:02:
67:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3D:4A:7D:D7:6A:1C:0C:D5:8C:81:A3:7A:C7:4E:F5:02:95:C3:77
X509v3 Authority Key Identifier:
keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/iz1KfddqHAzVjIGjesdO9QKVw3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.253.0/24
45.81.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:83:91:3a:79:37:7e:e0:9c:72:3a:75:79:59:ce:54:c5:9c:
08:3d:40:9c:11:e8:20:b2:08:8c:dc:b0:1f:a3:26:e2:ad:47:
51:21:c0:88:2b:a5:7b:b2:98:ac:35:ec:32:19:81:e7:e7:8b:
1e:dd:77:bf:82:8a:86:03:dc:53:07:2e:94:db:1c:3c:75:7b:
25:fe:68:01:a1:61:a8:c7:e9:59:40:fc:11:0b:9a:0f:15:da:
93:6a:ca:4a:a1:f0:6d:cb:40:14:af:7d:80:fd:94:91:02:75:
86:f2:2c:59:11:ba:ba:96:1f:86:ef:8e:b5:76:c7:6a:39:16:
01:09:3e:e5:13:d7:88:7c:51:a7:31:f8:84:f2:75:62:01:45:
5b:38:79:87:16:ed:19:b6:37:c9:64:25:8c:eb:e5:ba:0c:7e:
cd:5a:48:4c:eb:aa:2f:2d:fe:c6:f9:85:f6:9f:65:bd:d6:b2:
71:53:59:f9:3d:13:f4:74:cd:f6:1c:84:74:54:f5:78:12:67:
b2:6e:67:9b:4a:27:59:db:86:8b:47:d8:a4:20:a2:56:d4:a7:
53:1c:c8:4b:f9:61:77:f8:ff:31:c2:9c:27:89:50:2e:03:bf:
dd:db:f5:1c:7a:43:16:d4:e4:f8:8b:f5:a9:70:d9:13:22:a6:
25:fe:a7:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQyt/+OqcX5CnCFGB9XWWjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjIxMTAxMTAyMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNkNGE3ZGQ3NmExYzBjZDU4YzgxYTM3YWM3NGVmNTAyOTVjMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5c+xquzIWv8x4mH9z06UVv8pQTE
8E4Ygpo6yVzNaDt86AwEGUuPifyM1YZSpHjFAT7mKPBHemy1ftQI9eeUkmnVj8Tq
ZyUgzSpXXV+g0RHS+dq5szFMxstPPindBPkurzuMF24oiN0UWdlQiwguTmK3PkvL
5jfwtiOtqmk+tYqyGadHmGYGDsTXj3OqXtUgqob6BMiY1uUXpMrwbbKJpF5Z9x1p
+Hi3NPjrtde7NcYKtJPBwKu0bG81bzwJBvPqTApsIvrrGigplQOD2/fl6p7zrymB
71UIgtmfePqbSyRaEKse6G/Jr+rLDELbt+fVpb/Zk7RGKau9LtiR2wJntQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIs9Sn3XahwM1YyBo3rHTvUClcN3MB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvaXoxS2ZkZHFIQXpWaklHamVzZE85UUtWdzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVH9AwQA
LVH/MA0GCSqGSIb3DQEBCwUAA4IBAQBrg5E6eTd+4JxyOnV5Wc5UxZwIPUCcEegg
sgiM3LAfoybirUdRIcCIK6V7spisNewyGYHn54se3Xe/goqGA9xTBy6U2xw8dXsl
/mgBoWGox+lZQPwRC5oPFdqTaspKofBty0AUr32A/ZSRAnWG8ixZEbq6lh+G7461
dsdqORYBCT7lE9eIfFGnMfiE8nViAUVbOHmHFu0ZtjfJZCWM6+W6DH7NWkhM66ov
Lf7G+YX2n2W91rJxU1n5PRP0dM32HIR0VPV4EmeybmebSidZ24aLR9ikIKJW1KdT
HMhL+WF3+P8xwpwniVAuA7/d2/UcekMW1OT4i/WpcNkTIqYl/qfk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org