Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/JDqfTI2XtrNSdf4XQJQkt_7vPYE.roa
File: JDqfTI2XtrNSdf4XQJQkt_7vPYE.roa (raw, json)
Hash identifier: Y9PZ7JjtH2GOdodpdRrW4qcacDrZlBnNQK7+/q9Z3n0=
Subject key identifier: 24:3A:9F:4C:8D:97:B6:B3:52:75:FE:17:40:94:24:B7:FE:EF:3D:81
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 01854BE82164BFE86A02ECAE7D4F62745D18
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/JDqfTI2XtrNSdf4XQJQkt_7vPYE.roa
Signing time: Mon 26 Dec 2022 00:49:42 +0000
ROA not before: Mon 26 Dec 2022 00:49:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.150.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4b:e8:21:64:bf:e8:6a:02:ec:ae:7d:4f:62:74:5d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Dec 26 00:49:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=243a9f4c8d97b6b35275fe17409424b7feef3d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:7a:8d:a1:7e:a8:ed:f5:7a:c1:35:c3:ac:
15:be:66:c5:9d:1d:b2:a2:1e:be:c0:5e:21:ba:f9:
b7:4f:ac:bb:3d:c1:d9:7a:e8:15:9e:db:ae:b8:bb:
6a:f2:1b:79:6e:21:ca:fe:b7:42:ec:70:cf:3d:95:
82:ca:98:b0:21:73:51:db:b6:b7:62:24:83:fb:e4:
a1:86:a1:7c:05:e0:de:09:bc:b9:21:6c:ba:11:64:
5a:a4:a6:0b:73:e9:29:dc:a3:e7:54:16:99:5c:ef:
35:5b:e5:fc:56:fd:9d:45:1d:c8:22:d1:bc:12:07:
5b:41:a6:e2:19:bc:bd:9b:37:c6:99:8f:1a:43:d8:
2e:94:55:71:f1:36:3a:85:8a:34:c2:41:7c:6f:69:
4b:5b:39:4e:db:71:05:07:2b:b5:9b:b9:f9:35:ce:
cd:02:f5:64:b4:43:7e:fa:c1:4e:cb:89:48:7d:a7:
a6:52:0c:e6:ba:99:7b:a6:31:b5:fc:77:56:0d:b4:
5c:7a:90:d2:2d:a6:a2:a4:b4:4a:d1:56:de:3f:1e:
bb:30:68:b9:b9:c0:0e:c0:80:ed:c5:22:60:a8:1e:
87:9f:25:a5:86:3d:73:61:76:59:9a:e9:c1:66:67:
72:fb:1b:f5:c2:ff:80:70:74:50:8d:74:56:91:46:
1e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3A:9F:4C:8D:97:B6:B3:52:75:FE:17:40:94:24:B7:FE:EF:3D:81
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/JDqfTI2XtrNSdf4XQJQkt_7vPYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.172.0/24
Signature Algorithm: sha256WithRSAEncryption
58:c7:a2:82:56:f1:5f:47:e0:dd:e7:28:ab:6b:e7:30:24:c4:
ce:9e:cd:ad:0e:b8:f8:57:a1:66:5c:00:65:a5:6e:1d:6b:e0:
e3:01:48:c5:e3:a9:a9:72:9c:79:4d:39:8e:ed:c7:fe:a8:4e:
06:19:6a:2d:a4:34:d7:61:4b:81:77:21:40:4a:3e:40:60:bc:
08:49:c8:71:2d:38:17:68:23:e2:a2:8f:30:6e:44:7f:01:08:
a7:8c:38:ec:c5:ae:83:85:59:c7:4f:93:03:68:c7:79:4b:7d:
66:c1:9a:99:5d:66:4f:6f:77:ce:77:be:c1:a1:74:01:34:45:
5b:e2:6f:5d:49:0a:9a:9d:cd:32:eb:3a:06:f2:61:c3:41:aa:
a6:e7:47:9e:61:02:8c:70:92:fa:c4:44:1f:4c:9b:74:bd:fc:
ec:86:79:44:94:b4:ea:f9:17:ec:d9:e7:95:cf:14:57:28:ef:
27:01:6a:f0:2a:06:59:e1:f5:b5:9b:2c:ba:0c:14:fb:4f:5b:
3d:fd:d4:9b:9a:97:c5:3d:48:24:35:bc:51:0a:23:56:f6:33:
a6:f9:f1:92:40:cf:84:79:9c:d2:d1:e5:6b:ca:36:03:a1:ad:
c2:81:02:aa:54:cc:d5:3c:e8:a6:2f:4d:80:be:06:df:f7:1a:
2f:60:b7:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVL6CFkv+hqAuyufU9idF0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjIxMjI2MDA0OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDNhOWY0YzhkOTdiNmIzNTI3NWZlMTc0MDk0MjRiN2ZlZWYzZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncp6jaF+qO31esE1w6wVvmbFnR2y
oh6+wF4huvm3T6y7PcHZeugVntuuuLtq8ht5biHK/rdC7HDPPZWCypiwIXNR27a3
YiSD++ShhqF8BeDeCby5IWy6EWRapKYLc+kp3KPnVBaZXO81W+X8Vv2dRR3IItG8
EgdbQabiGby9mzfGmY8aQ9gulFVx8TY6hYo0wkF8b2lLWzlO23EFByu1m7n5Nc7N
AvVktEN++sFOy4lIfaemUgzmupl7pjG1/HdWDbRcepDSLaaipLRK0VbePx67MGi5
ucAOwIDtxSJgqB6HnyWlhj1zYXZZmunBZmdy+xv1wv+AcHRQjXRWkUYeNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQ6n0yNl7azUnX+F0CUJLf+7z2BMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvSkRxZlRJMlh0ck5TZGY0WFFKUWt0Xzd2UFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZasMA0G
CSqGSIb3DQEBCwUAA4IBAQBYx6KCVvFfR+Dd5yira+cwJMTOns2tDrj4V6FmXABl
pW4da+DjAUjF46mpcpx5TTmO7cf+qE4GGWotpDTXYUuBdyFASj5AYLwISchxLTgX
aCPioo8wbkR/AQinjDjsxa6DhVnHT5MDaMd5S31mwZqZXWZPb3fOd77BoXQBNEVb
4m9dSQqanc0y6zoG8mHDQaqm50eeYQKMcJL6xEQfTJt0vfzshnlElLTq+Rfs2eeV
zxRXKO8nAWrwKgZZ4fW1myy6DBT7T1s9/dSbmpfFPUgkNbxRCiNW9jOm+fGSQM+E
eZzS0eVryjYDoa3CgQKqVMzVPOimL02Avgbf9xovYLfs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:15 2023 by rpki-client on console-ams.rpki-client.org