Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/F0RfSZoz-KNnewyVSbKR1k7xgSs.roa
File: F0RfSZoz-KNnewyVSbKR1k7xgSs.roa (raw, json)
Hash identifier: XNl4u/zZFZ7G5gaOH5egAnD/djXfM8GdB2q4o4/BDyE=
Subject key identifier: 17:44:5F:49:9A:33:F8:A3:67:7B:0C:95:49:B2:91:D6:4E:F1:81:2B
Certificate issuer: /CN=3de2681dda00702a7597a71257e14f7a725e890e
Certificate serial: 0184427BA5B5791042902BFAAED30643D846
Authority key identifier: 3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/F0RfSZoz-KNnewyVSbKR1k7xgSs.roa
Signing time: Fri 04 Nov 2022 11:51:50 +0000
ROA not before: Fri 04 Nov 2022 11:51:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206024
IP address blocks: 145.43.254.0/23 maxlen: 23
145.43.253.0/24 maxlen: 24
145.43.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:7b:a5:b5:79:10:42:90:2b:fa:ae:d3:06:43:d8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de2681dda00702a7597a71257e14f7a725e890e
Validity
Not Before: Nov 4 11:51:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17445f499a33f8a3677b0c9549b291d64ef1812b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:a3:2d:65:5a:f5:8b:06:6b:7c:62:f1:35:
c4:9a:ed:31:f8:e5:40:ca:0c:fa:54:79:ea:4c:96:
20:b4:5a:db:bf:0c:71:ef:fa:e9:00:50:9a:84:5f:
23:6e:de:26:2a:66:c4:2c:c3:7a:82:8c:ab:ae:f1:
70:14:29:8c:e2:f3:6c:98:4e:aa:64:82:0f:2e:70:
4f:fe:ed:2c:ce:bc:99:5a:26:ad:b8:96:d7:41:14:
b2:4b:02:8d:17:01:93:bd:4a:f0:47:43:2c:af:50:
a5:0d:1e:f3:b2:c3:40:53:7d:36:ce:b5:f1:16:e5:
4f:61:b4:8b:ac:21:6f:fe:0f:8c:f0:fa:f0:7c:55:
79:9a:3d:ae:0a:66:88:2e:d1:3f:d9:ec:d0:eb:bf:
58:39:e6:a7:87:bc:e9:5d:cb:19:b5:35:fe:26:73:
fd:62:3f:9a:39:fe:92:cb:f0:5c:eb:14:ca:9b:1d:
03:8d:3d:04:7b:8a:35:16:f1:e0:53:57:68:f8:42:
0d:d9:90:fc:9a:58:ac:70:27:19:9c:9d:d3:5e:f5:
b3:6c:a2:52:dd:6b:fc:7b:69:2d:5e:aa:60:62:98:
5d:c4:09:56:1d:10:00:78:a2:93:4a:f1:b4:17:91:
6f:eb:f2:c8:38:c5:ae:f6:4f:4a:96:e7:d5:a2:3c:
b8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:44:5F:49:9A:33:F8:A3:67:7B:0C:95:49:B2:91:D6:4E:F1:81:2B
X509v3 Authority Key Identifier:
keyid:3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/F0RfSZoz-KNnewyVSbKR1k7xgSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/PeJoHdoAcCp1l6cSV-FPenJeiQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:73:4f:ac:3b:87:fe:8e:76:1d:40:55:cf:05:f6:4a:5c:d7:
c0:20:d0:9b:3f:07:71:cb:a1:a8:6c:e7:ef:4a:41:ce:55:92:
97:42:01:58:46:90:45:e9:fe:10:bb:2a:cd:70:f8:f3:86:82:
38:c4:16:94:5d:71:0b:9a:3d:dd:d1:4a:35:be:fd:02:2b:cd:
ba:3f:13:8e:41:35:13:96:a0:ec:ba:93:ca:84:d7:21:f6:05:
e7:49:e8:66:7f:3a:84:75:0e:de:34:99:a8:ab:19:e7:b9:04:
9f:82:ff:96:2d:68:d0:5d:9d:67:0c:0f:46:8b:48:6d:56:23:
87:18:51:8c:a7:6a:45:d6:00:b3:6a:5e:94:f5:94:90:b8:a3:
a7:d4:97:8d:fa:73:15:34:b8:48:0d:2d:14:f8:af:3d:e1:bb:
76:ac:db:25:f8:00:e0:bb:9e:bd:1d:1d:38:1c:51:dc:fc:00:
17:18:56:5f:62:c0:4f:45:8a:2b:eb:5c:3e:e3:4b:95:b2:1d:
32:0f:59:1d:75:5f:9c:1c:c5:d1:a4:f7:64:76:9d:2c:1d:cd:
cb:ae:0e:36:6f:62:df:77:9a:ab:f9:ce:9a:3e:e1:07:0a:52:
e1:98:38:3f:88:a8:f5:41:b4:67:20:84:52:eb:85:96:c0:e7:
ba:a3:34:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRCe6W1eRBCkCv6rtMGQ9hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTI2ODFkZGEwMDcwMmE3NTk3YTcxMjU3ZTE0ZjdhNzI1
ZTg5MGUwHhcNMjIxMTA0MTE1MTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQ0NWY0OTlhMzNmOGEzNjc3YjBjOTU0OWIyOTFkNjRlZjE4MTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJajLWVa9YsGa3xi8TXEmu0x+OVA
ygz6VHnqTJYgtFrbvwxx7/rpAFCahF8jbt4mKmbELMN6goyrrvFwFCmM4vNsmE6q
ZIIPLnBP/u0szryZWiatuJbXQRSySwKNFwGTvUrwR0Msr1ClDR7zssNAU302zrXx
FuVPYbSLrCFv/g+M8PrwfFV5mj2uCmaILtE/2ezQ679YOeanh7zpXcsZtTX+JnP9
Yj+aOf6Sy/Bc6xTKmx0DjT0Ee4o1FvHgU1do+EIN2ZD8mliscCcZnJ3TXvWzbKJS
3Wv8e2ktXqpgYphdxAlWHRAAeKKTSvG0F5Fv6/LIOMWu9k9KlufVojy4ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBdEX0maM/ijZ3sMlUmykdZO8YErMB8GA1UdIwQY
MBaAFD3iaB3aAHAqdZenElfhT3pyXokOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYt
ZTBhYzcyNjNkYjEyLzEvRjBSZlNab3otS05uZXd5VlNiS1Ixazd4Z1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYtZTBhYzcyNjNkYjEy
LzEvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkSv8MA0G
CSqGSIb3DQEBCwUAA4IBAQBec0+sO4f+jnYdQFXPBfZKXNfAINCbPwdxy6GobOfv
SkHOVZKXQgFYRpBF6f4QuyrNcPjzhoI4xBaUXXELmj3d0Uo1vv0CK826PxOOQTUT
lqDsupPKhNch9gXnSehmfzqEdQ7eNJmoqxnnuQSfgv+WLWjQXZ1nDA9Gi0htViOH
GFGMp2pF1gCzal6U9ZSQuKOn1JeN+nMVNLhIDS0U+K894bt2rNsl+ADgu569HR04
HFHc/AAXGFZfYsBPRYor61w+40uVsh0yD1kddV+cHMXRpPdkdp0sHc3Lrg42b2Lf
d5qr+c6aPuEHClLhmDg/iKj1QbRnIIRS64WWwOe6ozR3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org