Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/mdzsbbNImT06ItfwYhGcTvunyKQ.roa
File: mdzsbbNImT06ItfwYhGcTvunyKQ.roa (raw, json)
Hash identifier: 5VyomTO84k3Btj+JONlA+8CTPlfZkVkAAiFMY/rq9Ww=
Subject key identifier: 99:DC:EC:6D:B3:48:99:3D:3A:22:D7:F0:62:11:9C:4E:FB:A7:C8:A4
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 031A2479
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/mdzsbbNImT06ItfwYhGcTvunyKQ.roa
Signing time: Sat 01 Jan 2022 13:59:20 +0000
ROA not before: Sat 01 Jan 2022 13:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133199
IP address blocks: 45.144.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52044921 (0x31a2479)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 13:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99dcec6db348993d3a22d7f062119c4efba7c8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c5:c2:ca:11:15:c8:96:01:0b:fa:83:ca:79:
6d:7c:0d:6c:f0:85:e0:40:ff:3b:67:38:4f:e9:fe:
b0:18:f2:94:1b:ed:51:1a:5a:04:a2:43:a4:17:ec:
18:a1:cc:34:1e:ea:fa:a2:48:9f:e1:a4:01:6f:0a:
f8:c4:0c:da:e3:db:3a:ce:df:42:e2:d2:f5:56:a5:
8f:b5:3d:2b:48:87:6f:a2:9c:c5:6d:6f:6e:f1:e9:
5f:2a:f7:b7:ab:49:79:64:4e:0b:9d:20:bb:4c:af:
20:8b:4d:97:d5:10:a4:a7:7f:2c:2b:fd:07:49:9c:
1d:8d:a3:4f:8b:33:a6:c2:64:24:a4:8d:e5:b6:eb:
44:3a:b5:cb:f5:0c:2b:2c:51:54:eb:c8:f1:80:e4:
97:ad:b0:c1:37:37:b1:fe:d1:29:50:9b:c2:67:9b:
b8:71:79:ed:2f:11:91:0a:fa:f6:1a:f1:49:1f:34:
fc:81:e2:50:7e:d8:4c:81:66:c4:b0:1a:8b:d9:57:
71:68:02:d5:c4:75:6a:5d:f8:90:5f:9f:e5:7a:9a:
84:db:67:38:c5:35:dc:78:29:2b:04:75:de:f5:e0:
0d:6d:d9:16:d5:a0:d9:c1:f7:b7:58:cd:43:f4:7d:
e8:55:d9:94:c0:98:00:cf:72:ec:5a:61:e3:a8:99:
cb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DC:EC:6D:B3:48:99:3D:3A:22:D7:F0:62:11:9C:4E:FB:A7:C8:A4
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/mdzsbbNImT06ItfwYhGcTvunyKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:8f:63:c8:d7:b0:d6:79:e1:b4:b5:60:d6:32:8e:a4:31:8c:
c6:b5:cc:ec:e3:ff:ee:ea:c3:f6:04:d4:5b:77:46:f3:ac:2c:
ea:0a:47:a6:4f:3b:7f:72:50:46:76:09:05:f1:f1:46:52:82:
54:01:4d:b3:1a:dc:5c:20:c4:cb:cf:00:10:b0:a3:fd:79:19:
b0:e5:2d:15:b7:81:c2:05:13:95:c6:aa:bd:2c:9a:ae:49:d7:
41:e6:ff:ab:f0:18:43:c7:61:e6:97:56:82:fe:59:10:73:35:
02:79:91:7a:84:30:77:cc:80:3e:5c:f3:92:e4:3c:9e:c6:8a:
9b:3a:e2:f5:32:a0:3f:24:8c:04:df:a1:54:08:57:88:da:e9:
2d:aa:f7:a9:fa:06:fd:83:3b:b6:cd:5b:81:31:91:47:9c:32:
75:35:ba:4f:09:1c:18:ca:e2:28:f6:bc:34:cc:58:b4:63:01:
91:52:55:2e:d6:20:94:83:10:c6:fa:c9:cb:a3:c2:bf:4c:a5:
76:1b:d2:81:ae:66:a8:20:2b:1c:3a:b4:9a:ab:69:20:e7:ac:
ac:2b:56:14:fe:d9:61:cd:99:02:27:3b:05:df:06:88:d7:a0:
d5:d9:78:dd:e7:39:41:05:84:84:56:3a:46:ce:5f:2e:49:17:
09:c3:7b:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAxokeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDdiNDg3ODQ4ZmZmNjM1MzNkODdjMzI0ZWNjNTFjMmMzZWEyYWRiMB4XDTIyMDEw
MTEzNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTlkY2VjNmRiMzQ4
OTkzZDNhMjJkN2YwNjIxMTljNGVmYmE3YzhhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPFwsoRFciWAQv6g8p5bXwNbPCF4ED/O2c4T+n+sBjylBvt
URpaBKJDpBfsGKHMNB7q+qJIn+GkAW8K+MQM2uPbOs7fQuLS9Valj7U9K0iHb6Kc
xW1vbvHpXyr3t6tJeWROC50gu0yvIItNl9UQpKd/LCv9B0mcHY2jT4szpsJkJKSN
5bbrRDq1y/UMKyxRVOvI8YDkl62wwTc3sf7RKVCbwmebuHF57S8RkQr69hrxSR80
/IHiUH7YTIFmxLAai9lXcWgC1cR1al34kF+f5XqahNtnOMU13HgpKwR13vXgDW3Z
FtWg2cH3t1jNQ/R96FXZlMCYAM9y7Fph46iZy98CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZ3Oxts0iZPToi1/BiEZxO+6fIpDAfBgNVHSMEGDAWgBQ0e0h4SP/2NTPY
fDJOzFHCw+oq2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05IdEllRWpfOWpVejJId3lUc3hSd3NQcUt0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvYmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8x
L21kenNiYk5JbVQwNkl0ZndZaEdjVHZ1bnlLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
YmM3MTIyLTRkMWItNDZhNy1hZWNiLTIzMGIzYjcyYTE3NS8xL05IdEllRWpfOWpV
ejJId3lUc3hSd3NQcUt0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2QizANBgkqhkiG9w0BAQsFAAOC
AQEAXY9jyNew1nnhtLVg1jKOpDGMxrXM7OP/7urD9gTUW3dG86ws6gpHpk87f3JQ
RnYJBfHxRlKCVAFNsxrcXCDEy88AELCj/XkZsOUtFbeBwgUTlcaqvSyarknXQeb/
q/AYQ8dh5pdWgv5ZEHM1AnmReoQwd8yAPlzzkuQ8nsaKmzri9TKgPySMBN+hVAhX
iNrpLar3qfoG/YM7ts1bgTGRR5wydTW6TwkcGMriKPa8NMxYtGMBkVJVLtYglIMQ
xvrJy6PCv0yldhvSga5mqCArHDq0mqtpIOesrCtWFP7ZYc2ZAic7Bd8GiNeg1dl4
3ec5QQWEhFY6Rs5fLkkXCcN7Kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:31 2023 by rpki-client on console-fra.rpki-client.org