Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Nd6ls4sqy5Awhdjwt1i9JcU0hWY.roa
File: Nd6ls4sqy5Awhdjwt1i9JcU0hWY.roa (raw, json)
Hash identifier: K24yQlgu9qLAbSpCJsaXMbJRQWGTq90948JxSlvi6zg=
Subject key identifier: 35:DE:A5:B3:8B:2A:CB:90:30:85:D8:F0:B7:58:BD:25:C5:34:85:66
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1402F7E6
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Nd6ls4sqy5Awhdjwt1i9JcU0hWY.roa
Signing time: Mon 14 Feb 2022 07:37:26 +0000
ROA not before: Mon 14 Feb 2022 07:37:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209896
IP address blocks: 45.86.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335738854 (0x1402f7e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Feb 14 07:37:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35dea5b38b2acb903085d8f0b758bd25c5348566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a5:7a:23:a3:ae:43:6e:cf:2d:0d:79:19:4a:
d3:84:6f:bb:38:98:6a:af:35:fd:f5:9a:fa:9e:8c:
66:91:6f:16:e7:8f:98:00:0d:20:d2:f1:6d:64:50:
67:e4:e1:e1:14:74:de:6b:38:db:f5:f7:3f:6d:35:
21:58:97:36:97:68:90:8e:c9:30:fe:15:78:2c:3c:
00:5a:22:d6:21:0a:e9:86:2b:4c:43:b3:db:6b:f4:
c1:e0:36:69:fd:3d:8b:12:2d:14:09:eb:fd:5d:72:
22:81:06:90:0d:cb:54:9f:ea:1c:b0:1a:80:a0:b1:
11:17:06:e2:41:dd:d0:cf:65:db:35:78:77:11:bb:
9d:00:da:27:a9:b8:fa:c8:5b:cd:d9:34:ae:2d:91:
2e:86:90:da:b6:c0:f4:c7:d3:f3:07:42:6e:cd:82:
e1:09:0d:21:42:35:a2:9f:b4:6a:46:b6:bf:59:9b:
0d:0d:2c:8c:f9:3b:36:7b:42:30:f8:56:41:6a:da:
07:1b:48:48:1a:5a:62:dc:30:ee:6a:38:54:42:ca:
08:f9:56:c9:96:60:86:71:77:73:c6:bb:19:9a:8b:
cb:d6:fa:12:04:ec:84:98:d8:65:77:d0:a3:78:93:
0e:a9:3d:94:8c:cc:a5:17:ff:6a:e0:ec:1a:3d:37:
78:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DE:A5:B3:8B:2A:CB:90:30:85:D8:F0:B7:58:BD:25:C5:34:85:66
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Nd6ls4sqy5Awhdjwt1i9JcU0hWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:b3:35:7c:44:40:e2:22:a1:f7:da:bc:f7:e9:cf:dd:21:c4:
53:d4:80:e9:66:7f:ad:c6:ff:46:d5:c1:ab:3c:d9:fe:7a:4c:
74:aa:b2:38:f9:81:2e:43:18:57:ce:4d:a7:dc:de:e1:fd:9b:
b4:9d:1c:03:a4:46:ab:df:09:17:4f:35:d0:e1:e3:7f:53:5d:
3a:ce:40:c5:e9:0b:ba:15:36:ae:89:81:88:96:c5:a0:5e:2a:
4f:59:4e:bd:36:11:4a:9f:6e:de:9a:09:3e:80:1c:1f:1e:00:
0c:dd:7b:72:01:96:60:6c:e0:30:cd:08:fd:73:3d:99:6c:b3:
02:b4:61:c0:08:d5:de:d4:ac:84:9f:7f:db:24:56:91:df:41:
93:99:6e:30:d0:25:c4:a7:8c:03:e9:9b:84:a3:4f:fe:a5:13:
14:41:1a:a6:0a:8e:64:28:7e:0a:61:50:33:4a:1e:aa:ec:23:
3f:8d:82:52:b7:2e:66:36:19:62:6e:40:ff:ff:f0:93:4a:50:
6a:5e:70:c0:9a:5c:c9:c4:4e:8d:2d:44:6c:da:d9:10:fa:36:
38:8b:44:43:eb:9d:d4:43:84:f0:9d:ae:43:48:d8:a3:3a:11:
3d:df:1f:e9:f6:36:1b:b0:5b:25:8b:c8:2b:31:bc:0e:75:01:
61:36:c1:6d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFAL35jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDIx
NDA3MzcyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzVkZWE1YjM4YjJh
Y2I5MDMwODVkOGYwYjc1OGJkMjVjNTM0ODU2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGleiOjrkNuzy0NeRlK04RvuziYaq81/fWa+p6MZpFvFueP
mAANINLxbWRQZ+Th4RR03ms42/X3P201IViXNpdokI7JMP4VeCw8AFoi1iEK6YYr
TEOz22v0weA2af09ixItFAnr/V1yIoEGkA3LVJ/qHLAagKCxERcG4kHd0M9l2zV4
dxG7nQDaJ6m4+shbzdk0ri2RLoaQ2rbA9MfT8wdCbs2C4QkNIUI1op+0aka2v1mb
DQ0sjPk7NntCMPhWQWraBxtISBpaYtww7mo4VELKCPlWyZZghnF3c8a7GZqLy9b6
EgTshJjYZXfQo3iTDqk9lIzMpRf/auDsGj03eHcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ13qWziyrLkDCF2PC3WL0lxTSFZjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L05kNmxzNHNxeTVBd2hkand0MWk5SmNVMGhXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1WFDANBgkqhkiG9w0BAQsFAAOC
AQEAfbM1fERA4iKh99q89+nP3SHEU9SA6WZ/rcb/RtXBqzzZ/npMdKqyOPmBLkMY
V85Np9ze4f2btJ0cA6RGq98JF0810OHjf1NdOs5AxekLuhU2romBiJbFoF4qT1lO
vTYRSp9u3poJPoAcHx4ADN17cgGWYGzgMM0I/XM9mWyzArRhwAjV3tSshJ9/2yRW
kd9Bk5luMNAlxKeMA+mbhKNP/qUTFEEapgqOZCh+CmFQM0oequwjP42CUrcuZjYZ
Ym5A///wk0pQal5wwJpcycROjS1EbNrZEPo2OItEQ+ud1EOE8J2uQ0jYozoRPd8f
6fY2G7BbJYvIKzG8DnUBYTbBbQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org