Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/rxCZ78sB8Nnj6LMTR8fOIiWG-ek.roa
File: rxCZ78sB8Nnj6LMTR8fOIiWG-ek.roa (raw, json)
Hash identifier: DyTlsi9Qoqzg9wAltUZZa4NEAali0l8WaqR8drM4NaE=
Subject key identifier: AF:10:99:EF:CB:01:F0:D9:E3:E8:B3:13:47:C7:CE:22:25:86:F9:E9
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 35517DF2
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/rxCZ78sB8Nnj6LMTR8fOIiWG-ek.roa
Signing time: Sat 01 Jan 2022 13:05:13 +0000
ROA not before: Sat 01 Jan 2022 13:05:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44218
IP address blocks: 145.14.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 894533106 (0x35517df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Jan 1 13:05:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af1099efcb01f0d9e3e8b31347c7ce222586f9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:43:bc:aa:a3:2f:6c:aa:82:be:4d:2c:4f:42:
17:af:32:cc:89:f9:74:97:bc:13:d8:ac:38:9b:ba:
ab:de:82:b4:36:23:11:5d:ea:44:6a:85:e2:37:d8:
31:f3:09:aa:f4:9e:27:3b:5e:5f:3b:5d:5a:32:b8:
c9:97:b1:f5:ef:df:75:35:66:49:33:75:d0:08:40:
8a:d6:b2:d7:19:4b:d7:28:b3:96:3b:b8:ba:0a:41:
22:71:35:b3:af:42:95:bd:3a:68:ee:7d:28:0a:98:
25:21:aa:03:82:a7:37:c6:17:bc:b5:13:24:07:ec:
c1:50:ee:31:6e:23:8e:43:57:bf:07:84:54:cc:95:
bc:09:f1:3b:47:35:12:13:90:2e:84:c7:29:7e:4d:
1c:13:ac:0e:aa:f5:79:b2:07:ac:d0:5a:5d:e7:2c:
8a:94:ce:71:3a:6d:a2:17:af:69:69:54:56:0e:e2:
b7:15:89:86:a8:5d:f4:1a:52:66:ae:2c:4c:ce:ae:
62:8e:01:f0:28:a1:28:04:8a:ac:eb:c8:77:dd:eb:
82:15:d7:a0:a5:e1:0d:3b:7d:d0:80:dd:4d:54:51:
96:cd:dc:3f:52:e7:d8:f1:89:19:f1:a5:41:b9:35:
15:39:06:4b:95:d9:df:4d:6a:67:35:59:a3:ab:97:
2c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:10:99:EF:CB:01:F0:D9:E3:E8:B3:13:47:C7:CE:22:25:86:F9:E9
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/rxCZ78sB8Nnj6LMTR8fOIiWG-ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.94.0/24
Signature Algorithm: sha256WithRSAEncryption
93:47:3a:0c:14:db:2e:92:0d:78:02:73:64:20:ea:bf:3f:93:
86:e6:be:92:e0:79:aa:44:a5:a3:df:b3:bf:19:70:0a:24:54:
9b:9a:37:e2:13:b5:6a:f0:0d:a0:ea:93:ee:17:1d:52:c7:f6:
dd:3a:48:e4:04:70:b8:45:6e:fb:4d:f5:b9:58:de:c0:81:4b:
c6:f2:f6:56:d7:fd:66:e8:f8:ae:fc:63:b2:df:20:08:ba:d4:
ae:50:31:f7:d8:4b:06:28:59:d7:36:21:6d:28:ee:0e:ef:31:
8d:5a:e0:5d:28:19:af:90:09:71:e8:53:af:65:b2:c4:b5:ec:
54:49:22:f9:51:10:60:3f:07:2d:62:28:f7:9f:c3:e3:33:d9:
2a:a4:5b:19:30:c8:68:8f:79:21:7b:ae:0b:09:7a:6c:73:83:
18:1c:3d:77:17:5c:34:6c:f9:05:48:ef:ba:75:ab:b4:d7:20:
91:88:f7:0a:f7:5d:43:3d:56:4d:a8:8d:a3:a9:b9:eb:3d:ad:
c8:e4:d6:ba:62:c0:8e:6b:7c:be:ab:a9:65:a3:e0:82:25:3d:
0c:a0:72:ae:bc:bb:4f:94:e6:80:07:79:ed:8a:a1:80:20:8b:
27:28:4b:d2:39:ca:53:dd:5e:1e:af:ea:e1:b5:9e:8f:ed:ef:
5a:de:08:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENVF98jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWYzZWYzZTBlYTk1YTk3NTUzN2Q1YzI1ZDkzY2I3NmFmNjg3MjM0MB4XDTIyMDEw
MTEzMDUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWYxMDk5ZWZjYjAx
ZjBkOWUzZThiMzEzNDdjN2NlMjIyNTg2ZjllOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJDvKqjL2yqgr5NLE9CF68yzIn5dJe8E9isOJu6q96CtDYj
EV3qRGqF4jfYMfMJqvSeJzteXztdWjK4yZex9e/fdTVmSTN10AhAitay1xlL1yiz
lju4ugpBInE1s69Clb06aO59KAqYJSGqA4KnN8YXvLUTJAfswVDuMW4jjkNXvweE
VMyVvAnxO0c1EhOQLoTHKX5NHBOsDqr1ebIHrNBaXecsipTOcTptohevaWlUVg7i
txWJhqhd9BpSZq4sTM6uYo4B8CihKASKrOvId93rghXXoKXhDTt90IDdTVRRls3c
P1Ln2PGJGfGlQbk1FTkGS5XZ301qZzVZo6uXLK8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvEJnvywHw2ePosxNHx84iJYb56TAfBgNVHSMEGDAWgBQB8+8+Dqlal1U3
1cJdk8t2r2hyNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FmUHZQZzZwV3BkVk45WENYWlBMZHE5b2NqUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvODQxN2EwLTA3NzctNDQ2ZS05N2UxLTM1M2IzYTYzM2FkYS8x
L3J4Q1o3OHNCOE5uajZMTVRSOGZPSWlXRy1lay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ODQxN2EwLTA3NzctNDQ2ZS05N2UxLTM1M2IzYTYzM2FkYS8xL0FmUHZQZzZwV3Bk
Vk45WENYWlBMZHE5b2NqUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJEOXjANBgkqhkiG9w0BAQsFAAOC
AQEAk0c6DBTbLpINeAJzZCDqvz+Thua+kuB5qkSlo9+zvxlwCiRUm5o34hO1avAN
oOqT7hcdUsf23TpI5ARwuEVu+031uVjewIFLxvL2Vtf9Zuj4rvxjst8gCLrUrlAx
99hLBihZ1zYhbSjuDu8xjVrgXSgZr5AJcehTr2WyxLXsVEki+VEQYD8HLWIo95/D
4zPZKqRbGTDIaI95IXuuCwl6bHODGBw9dxdcNGz5BUjvunWrtNcgkYj3CvddQz1W
TaiNo6m56z2tyOTWumLAjmt8vqupZaPggiU9DKByrry7T5TmgAd57YqhgCCLJyhL
0jnKU91eHq/q4bWej+3vWt4Ivw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:16 2023 by rpki-client on console-fra.rpki-client.org