Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/eda54a-772c-49db-a012-6100cd15e260/1/XNIJcesQWOO6Xfl-68tzzXmH4r4.roa
File: XNIJcesQWOO6Xfl-68tzzXmH4r4.roa (raw, json)
Hash identifier: /FhN36CZIHOCTTJ6S1pK1n1hi7leHehvbzKvYgW++Q8=
Subject key identifier: 5C:D2:09:71:EB:10:58:E3:BA:5D:F9:7E:EB:CB:73:CD:79:87:E2:BE
Certificate issuer: /CN=a1a01f76a42be8717befdce1676215988a4dfc73
Certificate serial: 01B0BB76
Authority key identifier: A1:A0:1F:76:A4:2B:E8:71:7B:EF:DC:E1:67:62:15:98:8A:4D:FC:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oaAfdqQr6HF779zhZ2IVmIpN_HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/eda54a-772c-49db-a012-6100cd15e260/1/XNIJcesQWOO6Xfl-68tzzXmH4r4.roa
Signing time: Mon 13 Jun 2022 02:23:03 +0000
ROA not before: Mon 13 Jun 2022 02:23:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137427
IP address blocks: 45.142.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28359542 (0x1b0bb76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1a01f76a42be8717befdce1676215988a4dfc73
Validity
Not Before: Jun 13 02:23:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cd20971eb1058e3ba5df97eebcb73cd7987e2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:8a:ce:df:fe:f7:d2:f0:0a:91:cc:be:52:
69:ef:7f:ef:69:de:2c:c2:39:ac:9b:bf:5a:18:76:
91:4f:07:5d:54:04:c4:9d:9c:ed:65:e1:ac:1c:71:
a1:7a:83:50:74:aa:d1:a6:44:d1:68:dc:05:de:d5:
11:72:22:0a:37:3f:eb:75:3e:d4:2b:67:52:e6:b5:
e3:75:fa:9a:f3:35:81:37:f7:3e:15:6e:31:15:c2:
21:0e:eb:78:33:f6:1c:c4:32:77:78:a4:72:64:25:
c3:bc:ba:da:c4:e7:6e:48:5a:7d:1e:c0:fb:cc:e8:
cf:fd:70:47:20:58:af:44:68:40:2d:5b:a3:fc:c6:
ee:5e:24:c0:53:a0:d8:1e:69:c6:42:a9:dc:d7:c5:
11:8d:26:65:05:2b:14:64:fd:74:db:af:99:4c:47:
59:7a:8b:29:cf:7f:c8:a5:19:bc:0d:e4:ce:9f:3a:
13:f6:45:6c:e2:9b:f1:bf:fc:7d:b9:b2:15:fa:e6:
2b:44:51:02:9c:8b:42:55:8f:b6:9b:61:a4:f0:65:
15:00:1f:f0:07:73:51:a1:ba:c8:3c:b4:98:24:d0:
f9:7d:de:83:62:02:14:42:98:49:b8:c7:10:8c:3d:
f1:e0:c9:ba:a3:c0:5f:df:5d:97:bc:2a:a7:91:18:
de:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D2:09:71:EB:10:58:E3:BA:5D:F9:7E:EB:CB:73:CD:79:87:E2:BE
X509v3 Authority Key Identifier:
keyid:A1:A0:1F:76:A4:2B:E8:71:7B:EF:DC:E1:67:62:15:98:8A:4D:FC:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaAfdqQr6HF779zhZ2IVmIpN_HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/eda54a-772c-49db-a012-6100cd15e260/1/XNIJcesQWOO6Xfl-68tzzXmH4r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/eda54a-772c-49db-a012-6100cd15e260/1/oaAfdqQr6HF779zhZ2IVmIpN_HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.153.0/24
Signature Algorithm: sha256WithRSAEncryption
72:dd:32:f4:b2:09:e3:80:c7:8d:31:2a:05:d6:f9:82:1a:47:
71:54:c7:2c:5e:d7:56:a8:ab:24:ff:26:c1:9b:e6:37:ae:fd:
35:86:50:4e:89:76:56:db:a6:a4:85:f6:c1:ef:e3:45:5d:21:
50:d1:0e:a7:8e:65:31:50:dd:fb:c3:f2:71:ba:aa:cd:7d:04:
54:2a:c2:24:ac:13:89:0a:9e:19:ca:0a:39:5a:89:4f:fd:48:
94:a1:c7:dd:6d:4c:d7:0e:a2:5a:a7:26:ed:3a:09:de:1b:5f:
59:e2:2d:3f:62:55:04:48:35:02:c1:82:3a:38:ce:5b:38:0f:
56:b1:26:82:53:2f:af:29:58:ff:a5:99:b3:09:32:8e:2d:19:
39:af:80:7b:cb:32:8e:01:76:ce:b8:c9:fc:e5:81:77:76:b6:
73:47:34:c1:0d:76:53:15:5c:a8:76:62:bb:24:b1:07:99:0e:
49:f8:b6:63:10:53:2b:f1:2e:78:c5:45:16:37:7c:45:99:4e:
b3:cf:02:2c:df:8f:6c:3c:39:82:3d:4f:a0:86:de:56:50:d0:
f5:39:bc:3e:01:c9:8e:78:42:51:f3:e4:35:1b:fb:e9:35:c0:
a4:c7:68:82:37:f1:01:a3:03:d1:60:4e:81:f7:0e:8e:46:8e:
bb:7d:b5:21
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAbC7djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MWEwMWY3NmE0MmJlODcxN2JlZmRjZTE2NzYyMTU5ODhhNGRmYzczMB4XDTIyMDYx
MzAyMjMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNkMjA5NzFlYjEw
NThlM2JhNWRmOTdlZWJjYjczY2Q3OTg3ZTJiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7uis7f/vfS8AqRzL5Sae9/72neLMI5rJu/Whh2kU8HXVQE
xJ2c7WXhrBxxoXqDUHSq0aZE0WjcBd7VEXIiCjc/63U+1CtnUua143X6mvM1gTf3
PhVuMRXCIQ7reDP2HMQyd3ikcmQlw7y62sTnbkhafR7A+8zoz/1wRyBYr0RoQC1b
o/zG7l4kwFOg2B5pxkKp3NfFEY0mZQUrFGT9dNuvmUxHWXqLKc9/yKUZvA3kzp86
E/ZFbOKb8b/8fbmyFfrmK0RRApyLQlWPtpthpPBlFQAf8AdzUaG6yDy0mCTQ+X3e
g2ICFEKYSbjHEIw98eDJuqPAX99dl7wqp5EY3jMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc0glx6xBY47pd+X7ry3PNeYfivjAfBgNVHSMEGDAWgBShoB92pCvocXvv
3OFnYhWYik38czAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29hQWZkcVFyNkhGNzc5emhaMklWbUlwTl9ITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvZWRhNTRhLTc3MmMtNDlkYi1hMDEyLTYxMDBjZDE1ZTI2MC8x
L1hOSUpjZXNRV09PNlhmbC02OHR6elhtSDRyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
ZWRhNTRhLTc3MmMtNDlkYi1hMDEyLTYxMDBjZDE1ZTI2MC8xL29hQWZkcVFyNkhG
Nzc5emhaMklWbUlwTl9ITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2OmTANBgkqhkiG9w0BAQsFAAOC
AQEAct0y9LIJ44DHjTEqBdb5ghpHcVTHLF7XVqirJP8mwZvmN679NYZQTol2Vtum
pIX2we/jRV0hUNEOp45lMVDd+8PycbqqzX0EVCrCJKwTiQqeGcoKOVqJT/1IlKHH
3W1M1w6iWqcm7ToJ3htfWeItP2JVBEg1AsGCOjjOWzgPVrEmglMvrylY/6WZswky
ji0ZOa+Ae8syjgF2zrjJ/OWBd3a2c0c0wQ12UxVcqHZiuySxB5kOSfi2YxBTK/Eu
eMVFFjd8RZlOs88CLN+PbDw5gj1PoIbeVlDQ9Tm8PgHJjnhCUfPkNRv76TXApMdo
gjfxAaMD0WBOgfcOjkaOu321IQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:58 2023 by rpki-client on console-ams.rpki-client.org