Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/lOVCI69rwlFOm-yyM5XiYQCc1dE.roa
File: lOVCI69rwlFOm-yyM5XiYQCc1dE.roa (raw, json)
Hash identifier: OFSnhj0UlcT5LyAnuxLg446zWlb5kiNUMCbK/z0HGn4=
Subject key identifier: 94:E5:42:23:AF:6B:C2:51:4E:9B:EC:B2:33:95:E2:61:00:9C:D5:D1
Certificate issuer: /CN=40d55b78836a93fb6f9ec9fa7a79ed9b8bea2ba1
Certificate serial: 0761473A
Authority key identifier: 40:D5:5B:78:83:6A:93:FB:6F:9E:C9:FA:7A:79:ED:9B:8B:EA:2B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNVbeINqk_tvnsn6enntm4vqK6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/lOVCI69rwlFOm-yyM5XiYQCc1dE.roa
Signing time: Sat 01 Jan 2022 07:59:16 +0000
ROA not before: Sat 01 Jan 2022 07:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.129.194.0/24 maxlen: 24
45.129.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123815738 (0x761473a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d55b78836a93fb6f9ec9fa7a79ed9b8bea2ba1
Validity
Not Before: Jan 1 07:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94e54223af6bc2514e9becb23395e261009cd5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:43:a6:90:a2:80:26:c8:bd:0c:a0:65:f8:
11:4c:45:1f:e9:af:bb:a0:a4:14:bc:86:28:5f:6b:
a4:6d:c1:7e:14:3b:14:46:cb:08:e8:35:b2:c1:7a:
60:bd:a8:08:16:fa:14:c6:7a:00:12:e8:9e:6c:2e:
16:2b:28:2c:84:46:88:2d:fa:d8:5c:2a:dc:e1:24:
3f:3d:65:85:e4:6b:14:94:29:f6:1a:59:e3:77:ab:
dc:47:cf:44:d6:72:03:15:01:ee:91:24:35:3f:3e:
77:e8:6c:91:4f:17:ca:f0:55:3c:6c:73:d7:8e:6d:
8e:16:45:a1:a5:22:35:e9:7e:7e:59:1f:46:58:63:
97:b9:00:9c:df:27:c4:aa:08:0c:c6:68:4f:2e:b1:
a7:84:31:a4:9c:14:18:c0:d8:8d:ab:e6:01:ba:c0:
cb:be:9c:94:64:6a:22:a0:76:bb:fe:dc:4e:96:44:
8a:88:30:84:90:58:35:6e:91:4c:21:4d:a6:50:09:
d5:f6:78:5d:d1:60:75:2a:77:5f:5f:1f:53:2a:6e:
ba:03:68:d5:0e:f7:d4:5c:3c:15:98:b0:8b:a0:e5:
b8:4c:96:2b:0c:19:f4:3a:fa:0e:0b:9a:01:1a:d0:
b3:45:5f:b9:f7:52:62:f2:20:d1:ab:cc:42:e0:59:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E5:42:23:AF:6B:C2:51:4E:9B:EC:B2:33:95:E2:61:00:9C:D5:D1
X509v3 Authority Key Identifier:
keyid:40:D5:5B:78:83:6A:93:FB:6F:9E:C9:FA:7A:79:ED:9B:8B:EA:2B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNVbeINqk_tvnsn6enntm4vqK6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/lOVCI69rwlFOm-yyM5XiYQCc1dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c76d85-6864-4b37-bdb3-92e8be6279bb/1/QNVbeINqk_tvnsn6enntm4vqK6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.193.0-45.129.194.255
Signature Algorithm: sha256WithRSAEncryption
2d:b9:31:40:f5:c7:4c:d4:cd:0c:e2:6d:69:f1:1b:1d:26:4d:
6d:c2:61:69:c7:91:17:02:02:b1:5d:3d:d6:4c:c7:7d:6d:6d:
3c:7d:93:d5:68:18:51:d3:71:44:09:46:c0:0f:27:05:09:33:
f9:02:4f:dc:3a:c8:63:be:c7:71:dc:92:11:a9:24:01:17:d6:
cd:e5:77:35:87:cc:04:a4:21:55:eb:d0:46:78:e2:af:a1:85:
c4:e8:d9:3c:6a:14:00:8e:e4:47:0f:dc:ac:3f:53:31:bb:48:
e9:57:99:6d:1a:d3:ee:88:c9:ad:88:ff:01:0a:a9:ec:25:0b:
c3:58:4f:39:2a:41:ca:a7:f4:8f:a0:92:36:09:f5:09:04:ab:
9c:f3:55:95:65:bf:a2:e1:e1:66:61:b0:5c:49:83:3b:c8:2a:
78:d1:55:d4:b9:72:04:8f:fc:6c:73:48:25:9e:f5:e6:db:d2:
ba:18:de:18:df:4d:55:f8:78:a1:a5:a9:73:d9:d7:74:40:aa:
47:e3:55:1f:86:11:20:ea:f4:d5:ca:96:4a:44:c7:66:83:67:
2c:ac:56:66:6c:f1:80:ff:4f:0d:75:b4:5e:aa:39:83:cd:b0:
c4:4c:93:11:35:97:dc:ee:c2:d3:f2:ab:08:d1:17:b3:e8:c7:
9c:f5:91:e7
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEB2FHOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGQ1NWI3ODgzNmE5M2ZiNmY5ZWM5ZmE3YTc5ZWQ5YjhiZWEyYmExMB4XDTIyMDEw
MTA3NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRlNTQyMjNhZjZi
YzI1MTRlOWJlY2IyMzM5NWUyNjEwMDljZDVkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMd6Q6aQooAmyL0MoGX4EUxFH+mvu6CkFLyGKF9rpG3BfhQ7
FEbLCOg1ssF6YL2oCBb6FMZ6ABLonmwuFisoLIRGiC362Fwq3OEkPz1lheRrFJQp
9hpZ43er3EfPRNZyAxUB7pEkNT8+d+hskU8XyvBVPGxz145tjhZFoaUiNel+flkf
Rlhjl7kAnN8nxKoIDMZoTy6xp4QxpJwUGMDYjavmAbrAy76clGRqIqB2u/7cTpZE
iogwhJBYNW6RTCFNplAJ1fZ4XdFgdSp3X18fUypuugNo1Q731Fw8FZiwi6DluEyW
KwwZ9Dr6DguaARrQs0VfufdSYvIg0avMQuBZ8NUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSU5UIjr2vCUU6b7LIzleJhAJzV0TAfBgNVHSMEGDAWgBRA1Vt4g2qT+2+e
yfp6ee2bi+oroTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FOVmJlSU5xa190dm5zbjZlbm50bTR2cUs2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzc2ZDg1LTY4NjQtNGIzNy1iZGIzLTkyZThiZTYyNzliYi8x
L2xPVkNJNjlyd2xGT20teXlNNVhpWVFDYzFkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
Yzc2ZDg1LTY4NjQtNGIzNy1iZGIzLTkyZThiZTYyNzliYi8xL1FOVmJlSU5xa190
dm5zbjZlbm50bTR2cUs2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALYHBAwQALYHCMA0GCSqGSIb3
DQEBCwUAA4IBAQAtuTFA9cdM1M0M4m1p8RsdJk1twmFpx5EXAgKxXT3WTMd9bW08
fZPVaBhR03FECUbADycFCTP5Ak/cOshjvsdx3JIRqSQBF9bN5Xc1h8wEpCFV69BG
eOKvoYXE6Nk8ahQAjuRHD9ysP1Mxu0jpV5ltGtPuiMmtiP8BCqnsJQvDWE85KkHK
p/SPoJI2CfUJBKuc81WVZb+i4eFmYbBcSYM7yCp40VXUuXIEj/xsc0glnvXm29K6
GN4Y301V+Hihpalz2dd0QKpH41UfhhEg6vTVypZKRMdmg2csrFZmbPGA/08NdbRe
qjmDzbDETJMRNZfc7sLT8qsI0Rez6Mec9ZHn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:00 2023 by rpki-client on console-fra.rpki-client.org