Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/cstFNrCTkmUW7wYfgZA4rDIXmk4.roa
File: cstFNrCTkmUW7wYfgZA4rDIXmk4.roa (raw, json)
Hash identifier: Idgi+51+26AMT3DxXKdVHLpsHhN3rvZii+Apen+HAHI=
Subject key identifier: 72:CB:45:36:B0:93:92:65:16:EF:06:1F:81:90:38:AC:32:17:9A:4E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 07C6C828
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/cstFNrCTkmUW7wYfgZA4rDIXmk4.roa
Signing time: Tue 17 May 2022 15:55:29 +0000
ROA not before: Tue 17 May 2022 15:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 45.11.188.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130467880 (0x7c6c828)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 17 15:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72cb4536b093926516ef061f819038ac32179a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e0:3f:f9:9f:d3:88:00:fa:a4:f1:26:dc:97:
a6:c4:c9:b4:63:be:ae:59:09:48:ac:91:3d:dd:3a:
c8:88:af:70:52:3d:21:de:dc:42:ae:d4:eb:5c:82:
88:59:91:a6:f0:00:c6:80:04:d8:f7:26:22:d8:e1:
b4:c7:7b:39:d9:02:d7:a5:95:ac:44:bc:41:8a:30:
e5:44:20:1a:ea:e0:e6:4d:8d:ab:14:ca:ac:6f:d4:
d8:ec:8d:fd:98:3e:27:53:fc:92:08:e0:f7:15:71:
40:4e:db:8e:a5:21:d5:5d:2a:23:44:29:c1:da:c4:
47:21:eb:1f:2a:db:31:57:79:2e:54:7f:ac:cb:25:
55:a3:67:1a:c9:83:50:11:c8:b3:eb:61:fa:4e:55:
0e:c1:95:2e:fb:0a:af:e7:48:e8:47:9b:77:72:ad:
8e:f1:c2:ce:d5:c1:9b:e1:e1:9b:8d:cc:db:10:81:
a6:ac:d0:4d:e8:e4:8d:c2:96:13:f3:d2:e2:55:6e:
cd:68:25:8f:be:f6:f6:cd:a7:84:f5:ca:35:75:c0:
fc:f7:17:4e:6e:d3:f5:a6:ac:3e:d7:e7:9b:0f:f6:
9e:dc:c0:7c:98:fa:ec:d2:17:3c:c5:32:17:0f:82:
ce:15:17:f4:51:b9:a7:ce:c3:aa:1e:f4:25:18:2c:
ab:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CB:45:36:B0:93:92:65:16:EF:06:1F:81:90:38:AC:32:17:9A:4E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/cstFNrCTkmUW7wYfgZA4rDIXmk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:3b:04:c7:ce:f4:56:03:26:7c:cc:15:c1:b7:cd:90:90:9a:
da:cd:c5:7e:df:70:13:21:8b:51:81:09:4a:26:40:4f:bc:a7:
aa:af:08:fb:a2:c4:e3:bc:34:01:66:41:13:e4:25:6f:7d:2b:
77:73:c2:fd:e2:a6:72:0b:37:45:fd:7e:9b:2e:44:33:60:8f:
64:bc:af:8e:99:54:3d:9a:bd:01:85:aa:52:4d:a6:8d:6f:0a:
6b:e5:50:73:3f:a5:f1:c4:60:c7:01:4a:f8:0d:6f:a6:64:b2:
34:a9:1d:a0:aa:da:7b:38:0e:a7:33:30:dd:59:8a:2b:ef:4a:
cf:ef:fe:95:23:cb:79:a0:64:be:92:20:eb:3a:03:7a:9f:96:
89:9a:97:cf:79:78:ee:f8:0a:c3:69:a0:e6:45:dd:42:a9:d5:
c7:28:a9:f8:0d:7c:ba:8f:a0:e8:57:90:7f:02:57:a1:40:21:
2f:1b:ab:99:23:20:8e:af:c2:bd:99:cc:a7:51:48:ed:55:35:
93:2f:c8:f5:28:b0:d6:65:fa:9a:0a:d2:93:56:69:eb:b5:73:
40:28:66:e9:e3:cb:20:45:57:4e:e9:b5:6c:b3:a1:1e:04:c4:
31:d3:48:9c:d7:4e:55:fb:8d:51:3b:f5:55:34:4b:56:f8:1c:
a9:9d:0f:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB8bIKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDUx
NzE1NTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJjYjQ1MzZiMDkz
OTI2NTE2ZWYwNjFmODE5MDM4YWMzMjE3OWE0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJXgP/mf04gA+qTxJtyXpsTJtGO+rlkJSKyRPd06yIivcFI9
Id7cQq7U61yCiFmRpvAAxoAE2PcmItjhtMd7OdkC16WVrES8QYow5UQgGurg5k2N
qxTKrG/U2OyN/Zg+J1P8kgjg9xVxQE7bjqUh1V0qI0QpwdrERyHrHyrbMVd5LlR/
rMslVaNnGsmDUBHIs+th+k5VDsGVLvsKr+dI6Eebd3KtjvHCztXBm+Hhm43M2xCB
pqzQTejkjcKWE/PS4lVuzWglj7729s2nhPXKNXXA/PcXTm7T9aasPtfnmw/2ntzA
fJj67NIXPMUyFw+CzhUX9FG5p87Dqh70JRgsq4ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyy0U2sJOSZRbvBh+BkDisMheaTjAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L2NzdEZOckNUa21VVzd3WWZnWkE0ckRJWG1rNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0LvDANBgkqhkiG9w0BAQsFAAOC
AQEAsDsEx870VgMmfMwVwbfNkJCa2s3Fft9wEyGLUYEJSiZAT7ynqq8I+6LE47w0
AWZBE+Qlb30rd3PC/eKmcgs3Rf1+my5EM2CPZLyvjplUPZq9AYWqUk2mjW8Ka+VQ
cz+l8cRgxwFK+A1vpmSyNKkdoKraezgOpzMw3VmKK+9Kz+/+lSPLeaBkvpIg6zoD
ep+WiZqXz3l47vgKw2mg5kXdQqnVxyip+A18uo+g6FeQfwJXoUAhLxurmSMgjq/C
vZnMp1FI7VU1ky/I9Siw1mX6mgrSk1Zp67VzQChm6ePLIEVXTum1bLOhHgTEMdNI
nNdOVfuNUTv1VTRLVvgcqZ0PAw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:14 2023 by rpki-client on console-fra.rpki-client.org