Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/Ac-qUgKPHO7yY0hZQ9-5qUYH170.roa
File: Ac-qUgKPHO7yY0hZQ9-5qUYH170.roa (raw, json)
Hash identifier: 2/2NT9jG1/S0gL2bWMeV7mK7+xCf2PIT/2puMWNI5p8=
Subject key identifier: 01:CF:AA:52:02:8F:1C:EE:F2:63:48:59:43:DF:B9:A9:46:07:D7:BD
Certificate issuer: /CN=30055378b5d7cc0cb7943bc803379015b3485296
Certificate serial: 0940EBF0
Authority key identifier: 30:05:53:78:B5:D7:CC:0C:B7:94:3B:C8:03:37:90:15:B3:48:52:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVTeLXXzAy3lDvIAzeQFbNIUpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/Ac-qUgKPHO7yY0hZQ9-5qUYH170.roa
Signing time: Sat 01 Jan 2022 09:00:50 +0000
ROA not before: Sat 01 Jan 2022 09:00:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204996
IP address blocks: 45.67.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155249648 (0x940ebf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30055378b5d7cc0cb7943bc803379015b3485296
Validity
Not Before: Jan 1 09:00:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01cfaa52028f1ceef263485943dfb9a94607d7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b5:64:03:92:7d:7d:c8:8e:5f:22:72:16:91:
28:1e:46:50:49:fd:9a:e1:86:b7:a7:fd:50:88:3e:
87:cc:37:c5:26:ee:da:33:f1:bc:29:90:36:9d:bb:
42:74:1d:8a:44:7d:f1:da:4e:30:31:2e:dc:2b:b0:
2c:38:61:1c:48:ba:f2:12:fb:18:4b:5d:02:47:1c:
f0:66:37:19:a0:58:f4:fa:51:a6:af:a4:1f:dc:1f:
19:ed:df:a6:84:e5:1e:fb:0c:13:35:26:b2:df:90:
22:5a:4f:34:32:1c:22:6b:d0:6c:7c:f6:0d:f6:71:
33:54:e9:11:7b:a6:ce:06:19:b0:a0:82:23:0e:9a:
ad:5f:43:60:ee:f7:14:85:99:f7:2a:e4:a6:66:82:
68:b4:de:05:ed:12:64:cc:3f:8c:4d:7b:fd:56:21:
b4:47:e4:11:6e:1a:2d:49:02:ab:61:3b:34:82:5b:
d1:da:49:be:1b:2e:11:43:8d:e8:04:68:95:57:73:
d3:12:7b:5f:4e:07:c0:7b:67:ec:77:c1:01:1f:56:
e5:81:f6:48:e5:88:e8:5c:fe:ed:f5:a5:c0:dc:d7:
b8:d8:0c:04:cc:2e:4e:a5:f7:d3:18:24:b1:ac:f2:
3e:bc:ec:22:8a:89:9c:7b:19:80:b1:fc:bc:67:91:
9d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CF:AA:52:02:8F:1C:EE:F2:63:48:59:43:DF:B9:A9:46:07:D7:BD
X509v3 Authority Key Identifier:
keyid:30:05:53:78:B5:D7:CC:0C:B7:94:3B:C8:03:37:90:15:B3:48:52:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVTeLXXzAy3lDvIAzeQFbNIUpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/Ac-qUgKPHO7yY0hZQ9-5qUYH170.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/08cda2-bebe-49a7-b46c-0a50803b0fbc/1/MAVTeLXXzAy3lDvIAzeQFbNIUpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.8.0/22
Signature Algorithm: sha256WithRSAEncryption
64:3d:0f:ce:5c:bc:a9:55:95:9b:aa:6c:09:df:b3:df:5e:c9:
8a:c2:6e:b7:15:69:b3:cd:95:5d:85:91:49:43:b6:90:da:d7:
47:6b:0a:60:7a:69:c0:a5:bc:86:8e:67:be:16:51:98:44:29:
a4:ce:17:92:bc:77:44:97:ce:14:6a:d3:bf:e4:1d:58:53:81:
4d:a1:2a:79:50:1b:fc:d4:9c:98:04:76:89:89:06:eb:6e:ca:
29:b5:d5:b8:7d:1c:2f:7c:bf:96:7f:d6:fd:a5:5d:61:a4:8f:
06:cf:f2:52:36:47:a2:aa:39:76:5e:05:29:cd:15:53:69:03:
67:5d:5f:77:6f:60:74:70:e7:d0:c5:6f:c7:7f:51:e2:78:48:
26:9f:56:0a:58:7f:ff:dc:fb:4d:f9:89:62:a0:49:53:fd:74:
84:c4:ad:9e:fd:29:c5:bf:71:7e:a1:fd:1e:2b:74:69:2b:cd:
f2:8f:d3:53:63:93:7e:16:e4:66:18:09:10:1c:52:e3:56:03:
f9:dd:68:c9:07:01:a9:12:9c:f3:6d:96:00:c3:87:69:91:ed:
7c:b8:41:1d:c8:2b:84:29:39:0c:ae:64:69:57:db:ef:c7:ec:
28:c4:8e:fc:ff:ae:8d:c5:41:59:e6:b4:37:85:5d:c9:b2:58:
76:ba:3b:f0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUDr8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDA1NTM3OGI1ZDdjYzBjYjc5NDNiYzgwMzM3OTAxNWIzNDg1Mjk2MB4XDTIyMDEw
MTA5MDA1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFjZmFhNTIwMjhm
MWNlZWYyNjM0ODU5NDNkZmI5YTk0NjA3ZDdiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM61ZAOSfX3Ijl8ichaRKB5GUEn9muGGt6f9UIg+h8w3xSbu
2jPxvCmQNp27QnQdikR98dpOMDEu3CuwLDhhHEi68hL7GEtdAkcc8GY3GaBY9PpR
pq+kH9wfGe3fpoTlHvsMEzUmst+QIlpPNDIcImvQbHz2DfZxM1TpEXumzgYZsKCC
Iw6arV9DYO73FIWZ9yrkpmaCaLTeBe0SZMw/jE17/VYhtEfkEW4aLUkCq2E7NIJb
0dpJvhsuEUON6ARolVdz0xJ7X04HwHtn7HfBAR9W5YH2SOWI6Fz+7fWlwNzXuNgM
BMwuTqX30xgksazyPrzsIoqJnHsZgLH8vGeRnRUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBz6pSAo8c7vJjSFlD37mpRgfXvTAfBgNVHSMEGDAWgBQwBVN4tdfMDLeU
O8gDN5AVs0hSljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01BVlRlTFhYekF5M2xEdklBemVRRmJOSVVwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvMDhjZGEyLWJlYmUtNDlhNy1iNDZjLTBhNTA4MDNiMGZiYy8x
L0FjLXFVZ0tQSE83eVkwaFpROS01cVVZSDE3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
MDhjZGEyLWJlYmUtNDlhNy1iNDZjLTBhNTA4MDNiMGZiYy8xL01BVlRlTFhYekF5
M2xEdklBemVRRmJOSVVwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1DCDANBgkqhkiG9w0BAQsFAAOC
AQEAZD0Pzly8qVWVm6psCd+z317JisJutxVps82VXYWRSUO2kNrXR2sKYHppwKW8
ho5nvhZRmEQppM4Xkrx3RJfOFGrTv+QdWFOBTaEqeVAb/NScmAR2iYkG627KKbXV
uH0cL3y/ln/W/aVdYaSPBs/yUjZHoqo5dl4FKc0VU2kDZ11fd29gdHDn0MVvx39R
4nhIJp9WClh//9z7TfmJYqBJU/10hMStnv0pxb9xfqH9Hit0aSvN8o/TU2OTfhbk
ZhgJEBxS41YD+d1oyQcBqRKc822WAMOHaZHtfLhBHcgrhCk5DK5kaVfb78fsKMSO
/P+ujcVBWea0N4VdybJYdro78A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:09 2024 by rpki-client on console-fra.rpki-client.org