Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/9atjgqHnMk1RZNSD7m1xtcjfIYU.roa
File: 9atjgqHnMk1RZNSD7m1xtcjfIYU.roa (raw, json)
Hash identifier: 6rhRsvzzrpB5eKNH0y//9DN3bQ45wKB/VJHN77a4rUE=
Subject key identifier: F5:AB:63:82:A1:E7:32:4D:51:64:D4:83:EE:6D:71:B5:C8:DF:21:85
Certificate issuer: /CN=7ed24c5d344fb92bcf4cf6e1e569f51ae41aa87c
Certificate serial: 018317F7E0AD733B1B617B2B5DEF471288C9
Authority key identifier: 7E:D2:4C:5D:34:4F:B9:2B:CF:4C:F6:E1:E5:69:F5:1A:E4:1A:A8:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/9atjgqHnMk1RZNSD7m1xtcjfIYU.roa
Signing time: Wed 07 Sep 2022 12:41:04 +0000
ROA not before: Wed 07 Sep 2022 12:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48603
IP address blocks: 45.147.92.0/24 maxlen: 24
45.147.93.0/24 maxlen: 24
2a0f:f800::/29 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:f7:e0:ad:73:3b:1b:61:7b:2b:5d:ef:47:12:88:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed24c5d344fb92bcf4cf6e1e569f51ae41aa87c
Validity
Not Before: Sep 7 12:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5ab6382a1e7324d5164d483ee6d71b5c8df2185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:28:52:f3:aa:46:19:c0:53:cd:b1:2a:60:e7:
fe:31:75:fa:06:9a:7f:dc:5e:89:0d:f5:c9:2c:fb:
5c:39:f1:22:dd:0b:2a:3d:01:ce:73:b7:c1:4a:35:
cc:64:5b:7f:91:fe:14:13:11:6b:d8:e3:26:11:b3:
59:1f:53:de:75:ab:ca:d6:8b:78:41:bc:42:c0:2d:
dc:c5:17:4d:c7:94:66:a7:9c:35:7c:3e:44:42:2f:
92:a2:a9:b9:5b:d6:74:4a:65:94:f9:e0:59:6b:e5:
a8:b9:ea:21:ec:c2:6c:b4:1a:0e:5a:4d:27:7c:38:
14:4f:ea:09:dd:ca:0e:a8:3d:a8:fd:b5:c5:e7:89:
b0:ae:41:2b:ae:e8:71:92:24:c5:4e:67:e2:0e:f9:
7c:39:6a:34:c2:12:42:48:70:71:f9:6f:e4:94:dc:
46:ab:2f:e6:87:51:d7:2b:22:2a:3a:20:bb:fd:5c:
7d:ac:7d:3f:8c:5a:7c:19:16:a8:59:d0:43:2d:31:
77:14:49:b3:b8:a1:13:44:76:cf:ad:c8:bd:9c:bd:
27:c5:86:65:8e:ef:8a:66:80:be:25:c8:2e:66:e6:
4d:a6:d5:f3:de:00:d1:d4:71:94:59:2e:17:c5:ae:
ef:a1:e4:0f:4b:41:bb:13:8e:61:45:16:49:71:66:
a1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AB:63:82:A1:E7:32:4D:51:64:D4:83:EE:6D:71:B5:C8:DF:21:85
X509v3 Authority Key Identifier:
keyid:7E:D2:4C:5D:34:4F:B9:2B:CF:4C:F6:E1:E5:69:F5:1A:E4:1A:A8:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/9atjgqHnMk1RZNSD7m1xtcjfIYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.92.0/23
IPv6:
2a0f:f800::/29
Signature Algorithm: sha256WithRSAEncryption
7e:d3:59:2f:1f:3d:43:09:5c:4e:4d:53:5f:c0:2a:da:f2:91:
91:11:15:da:11:cb:27:57:20:b6:85:21:21:f6:53:71:8c:82:
5e:10:f4:da:6e:fa:b3:0e:86:31:5e:4d:1e:3f:02:67:82:8b:
60:d1:bc:1a:04:13:3a:a3:68:dc:29:e0:82:ca:d8:22:22:40:
e4:fc:56:ae:ae:12:0b:2b:0a:32:67:2e:91:66:6b:c8:96:76:
21:96:e0:8f:27:05:d1:3d:7a:36:ee:46:32:51:16:c0:18:c5:
4f:e9:63:c2:f7:7a:8a:5e:d7:d9:1e:46:58:9f:f7:fc:0f:66:
25:68:f0:4d:e1:cd:de:32:bd:55:ba:4e:95:c6:55:4f:5e:dd:
0d:11:f7:54:28:e0:d1:94:e4:55:6e:1f:2b:44:14:d6:6c:e8:
55:14:7f:72:a2:6a:af:d1:79:2b:9d:9d:ce:a4:ed:87:39:aa:
27:f6:81:82:ca:d9:d3:d6:40:7c:a8:ae:0d:14:b6:e4:30:b8:
41:1a:5d:0f:e3:32:8f:0a:06:6c:02:41:50:e8:01:c9:6e:77:
09:fc:46:b1:3a:26:d6:e1:6a:8c:7f:c4:11:f5:b8:45:85:b8:
ef:66:1d:a7:bf:66:7c:9f:26:48:67:e0:12:3e:5d:c8:9b:fa:
8e:57:9e:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMX9+CtczsbYXsrXe9HEojJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZDI0YzVkMzQ0ZmI5MmJjZjRjZjZlMWU1NjlmNTFhZTQx
YWE4N2MwHhcNMjIwOTA3MTI0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFiNjM4MmExZTczMjRkNTE2NGQ0ODNlZTZkNzFiNWM4ZGYyMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyhS86pGGcBTzbEqYOf+MXX6Bpp/
3F6JDfXJLPtcOfEi3QsqPQHOc7fBSjXMZFt/kf4UExFr2OMmEbNZH1PedavK1ot4
QbxCwC3cxRdNx5Rmp5w1fD5EQi+Soqm5W9Z0SmWU+eBZa+Woueoh7MJstBoOWk0n
fDgUT+oJ3coOqD2o/bXF54mwrkErruhxkiTFTmfiDvl8OWo0whJCSHBx+W/klNxG
qy/mh1HXKyIqOiC7/Vx9rH0/jFp8GRaoWdBDLTF3FEmzuKETRHbPrci9nL0nxYZl
ju+KZoC+JcguZuZNptXz3gDR1HGUWS4Xxa7voeQPS0G7E45hRRZJcWahSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPWrY4Kh5zJNUWTUg+5tcbXI3yGFMB8GA1UdIwQY
MBaAFH7STF00T7krz0z24eVp9RrkGqh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnRKTVhUUlB1U3ZQVFBiaDVXbjFHdVFhcUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9jOGFlNzktNmQ3Yi00Nzc2LTgwYjct
NDIwNDkyY2QxYWZkLzEvOWF0amdxSG5NazFSWk5TRDdtMXh0Y2pmSVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9jOGFlNzktNmQ3Yi00Nzc2LTgwYjctNDIwNDkyY2QxYWZk
LzEvZnRKTVhUUlB1U3ZQVFBiaDVXbjFHdVFhcUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZNcMA0E
AgACMAcDBQMqD/gAMA0GCSqGSIb3DQEBCwUAA4IBAQB+01kvHz1DCVxOTVNfwCra
8pGRERXaEcsnVyC2hSEh9lNxjIJeEPTabvqzDoYxXk0ePwJngotg0bwaBBM6o2jc
KeCCytgiIkDk/FaurhILKwoyZy6RZmvIlnYhluCPJwXRPXo27kYyURbAGMVP6WPC
93qKXtfZHkZYn/f8D2YlaPBN4c3eMr1Vuk6VxlVPXt0NEfdUKODRlORVbh8rRBTW
bOhVFH9yomqv0XkrnZ3OpO2HOaon9oGCytnT1kB8qK4NFLbkMLhBGl0P4zKPCgZs
AkFQ6AHJbncJ/EaxOibW4WqMf8QR9bhFhbjvZh2nv2Z8nyZIZ+ASPl3Im/qOV56s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:17 2024 by rpki-client on console-ams.rpki-client.org