Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/eK3UL7_CTzfvPMy5HC3cswYZoY4.roa
File: eK3UL7_CTzfvPMy5HC3cswYZoY4.roa (raw, json)
Hash identifier: 70O/sfg5r+b5l55qtOl3c55wx7ykz1LHsuP2/m8YXN0=
Subject key identifier: 78:AD:D4:2F:BF:C2:4F:37:EF:3C:CC:B9:1C:2D:DC:B3:06:19:A1:8E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01826102B391C7CEBBD6E06FE00A56F5D561
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/eK3UL7_CTzfvPMy5HC3cswYZoY4.roa
Signing time: Wed 03 Aug 2022 00:02:23 +0000
ROA not before: Wed 03 Aug 2022 00:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 297898
IP address blocks: 45.11.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:61:02:b3:91:c7:ce:bb:d6:e0:6f:e0:0a:56:f5:d5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 3 00:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78add42fbfc24f37ef3cccb91c2ddcb30619a18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9e:82:00:bb:75:92:70:12:09:af:c0:3b:87:
2a:b7:eb:b6:f8:5a:93:73:9c:9b:24:3b:85:64:dc:
91:56:6a:4d:6e:d1:75:b7:e3:5d:94:89:56:75:2e:
ac:b8:83:83:20:0e:57:db:29:72:6e:f1:a3:21:2a:
8d:1f:ba:27:44:3b:10:aa:77:33:47:be:5e:2d:33:
94:10:b2:e2:4a:0c:cb:42:66:ef:7d:3b:ef:e4:d4:
29:c7:2c:c1:66:3b:08:c5:d8:df:a1:e2:e9:ec:b6:
44:7e:f2:d7:90:d3:c6:d4:99:3d:f3:7b:f6:0e:7d:
af:5b:56:c5:41:20:dc:82:23:8f:0a:51:e8:04:82:
69:79:a2:39:21:4b:3c:db:b3:d7:aa:42:c0:aa:5c:
1d:a2:6c:11:3c:69:e4:c6:58:87:81:0d:de:0c:ec:
2d:17:4c:40:f6:f1:4b:5f:8c:fc:4f:1f:1e:4c:ad:
21:f3:a9:0b:c9:66:24:eb:5d:b2:1e:7d:44:26:68:
3e:6a:d0:45:32:ae:0f:79:6f:83:11:97:b8:b9:95:
da:45:3a:e8:26:16:c5:0e:9d:f3:6a:27:25:b9:b5:
d2:c5:e7:66:f7:8e:f7:a3:10:5d:81:c3:f9:10:52:
15:9a:5a:6a:88:0e:5c:c3:78:db:7e:4a:0f:a2:59:
f9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AD:D4:2F:BF:C2:4F:37:EF:3C:CC:B9:1C:2D:DC:B3:06:19:A1:8E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/eK3UL7_CTzfvPMy5HC3cswYZoY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:4e:b1:b7:15:e1:0b:4c:75:27:37:68:d1:d1:fb:51:c9:58:
95:b5:a1:ad:bf:c6:50:e0:b2:f0:a9:a0:d0:e7:03:41:1c:0d:
8d:7a:26:a1:16:78:8f:71:fa:9c:ec:dd:de:c6:99:2b:a1:34:
93:d1:af:d1:ea:10:c0:ac:48:f0:ff:35:bc:7b:17:d1:8e:86:
23:e0:dc:e9:ff:aa:a1:b7:ef:b1:b1:55:7c:da:01:58:fa:00:
bb:5b:99:c6:9f:83:27:bd:e0:bc:a2:15:27:f1:c3:7e:28:98:
ae:b9:17:92:ee:37:0c:61:98:32:9b:64:4a:8c:0c:c9:59:93:
63:8e:97:fc:b2:ee:f1:c6:52:fe:18:26:4b:78:54:c9:07:a0:
70:84:a8:9d:b1:ec:20:71:67:69:99:75:0e:ee:ea:70:c7:88:
32:04:1d:90:bb:79:04:be:15:49:b9:b6:de:aa:c2:20:c0:ef:
81:d4:66:28:20:a6:8b:84:9e:a6:b3:79:25:00:62:95:71:94:
70:4f:c3:b5:09:48:d2:40:42:cd:76:f0:12:45:fe:f0:94:40:
54:77:ef:74:63:7c:f7:df:e7:e1:a3:ed:a5:cc:12:80:10:17:
1c:ac:cf:b6:9d:1d:c5:f1:2a:31:85:22:8b:f1:7c:b0:35:9d:
3f:e0:e6:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJhArORx8671uBv4ApW9dVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIwODAzMDAwMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFkZDQyZmJmYzI0ZjM3ZWYzY2NjYjkxYzJkZGNiMzA2MTlhMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo56CALt1knASCa/AO4cqt+u2+FqT
c5ybJDuFZNyRVmpNbtF1t+NdlIlWdS6suIODIA5X2ylybvGjISqNH7onRDsQqncz
R75eLTOUELLiSgzLQmbvfTvv5NQpxyzBZjsIxdjfoeLp7LZEfvLXkNPG1Jk983v2
Dn2vW1bFQSDcgiOPClHoBIJpeaI5IUs827PXqkLAqlwdomwRPGnkxliHgQ3eDOwt
F0xA9vFLX4z8Tx8eTK0h86kLyWYk612yHn1EJmg+atBFMq4PeW+DEZe4uZXaRTro
JhbFDp3zaiclubXSxedm9473oxBdgcP5EFIVmlpqiA5cw3jbfkoPoln5lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHit1C+/wk837zzMuRwt3LMGGaGOMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvZUszVUw3X0NUemZ2UE15NUhDM2Nzd1lab1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu/MA0G
CSqGSIb3DQEBCwUAA4IBAQAqTrG3FeELTHUnN2jR0ftRyViVtaGtv8ZQ4LLwqaDQ
5wNBHA2NeiahFniPcfqc7N3expkroTST0a/R6hDArEjw/zW8exfRjoYj4Nzp/6qh
t++xsVV82gFY+gC7W5nGn4MnveC8ohUn8cN+KJiuuReS7jcMYZgym2RKjAzJWZNj
jpf8su7xxlL+GCZLeFTJB6BwhKidsewgcWdpmXUO7upwx4gyBB2Qu3kEvhVJubbe
qsIgwO+B1GYoIKaLhJ6ms3klAGKVcZRwT8O1CUjSQELNdvASRf7wlEBUd+90Y3z3
3+fho+2lzBKAEBccrM+2nR3F8SoxhSKL8XywNZ0/4OZG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org