Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/bef6e8-8873-4529-8e72-238c6d8a4c17/1/1bZFNscQ5M06I8JmUYNlumFbI3U.roa
File: 1bZFNscQ5M06I8JmUYNlumFbI3U.roa (raw, json)
Hash identifier: McUuXOkf6aMfvOMlaloDQCuxKJF83+EtuXMNTGVFQ5g=
Subject key identifier: D5:B6:45:36:C7:10:E4:CD:3A:23:C2:66:51:83:65:BA:61:5B:23:75
Certificate issuer: /CN=a487782e3f70c5cd27b32f5274d0e5bc62e95caf
Certificate serial: 022C3228
Authority key identifier: A4:87:78:2E:3F:70:C5:CD:27:B3:2F:52:74:D0:E5:BC:62:E9:5C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pId4Lj9wxc0nsy9SdNDlvGLpXK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/bef6e8-8873-4529-8e72-238c6d8a4c17/1/1bZFNscQ5M06I8JmUYNlumFbI3U.roa
Signing time: Fri 01 Apr 2022 14:03:46 +0000
ROA not before: Fri 01 Apr 2022 14:03:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209164
IP address blocks: 45.132.52.0/22 maxlen: 24
2a11:ab00::/32 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36450856 (0x22c3228)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a487782e3f70c5cd27b32f5274d0e5bc62e95caf
Validity
Not Before: Apr 1 14:03:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5b64536c710e4cd3a23c266518365ba615b2375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:22:25:c2:64:db:a2:2e:11:64:7d:31:db:b0:
cf:c0:f6:62:17:28:a7:b6:41:8c:9f:24:a4:36:86:
53:0d:bd:9d:eb:ee:3e:b1:70:f7:60:d3:10:8f:74:
63:af:90:73:6a:e6:4f:7a:16:55:59:04:84:da:3a:
58:11:7d:18:83:56:04:6f:42:af:e3:aa:00:71:29:
ef:f3:86:b0:e4:95:e8:db:19:57:cf:df:8d:90:9c:
de:61:7d:06:52:01:f7:fd:89:a6:ab:71:e7:c9:8b:
42:ef:c2:8b:6f:8a:d4:42:57:c0:52:20:ce:b0:c6:
a7:b9:32:6e:c7:af:f9:ac:be:13:94:d2:ac:51:e1:
f8:67:0d:25:96:98:a1:be:16:6d:51:e4:54:c5:24:
78:74:51:28:6b:c2:ca:f0:6a:fd:be:1e:4b:49:eb:
4b:c8:c8:93:35:1a:ca:78:9b:d3:c5:e3:73:da:e7:
2d:f8:c7:04:ff:40:8c:69:5e:55:d9:a2:09:e7:d8:
76:ae:aa:f7:c0:ad:82:ce:8e:5e:d1:48:c5:ff:f2:
0d:c7:21:91:09:df:42:a8:4f:90:a9:ef:d3:da:a8:
d8:50:7b:32:60:f5:61:82:25:a6:fb:d9:7e:67:bd:
fd:55:bf:cb:bf:7f:19:5e:7b:e0:00:20:e8:04:51:
5d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B6:45:36:C7:10:E4:CD:3A:23:C2:66:51:83:65:BA:61:5B:23:75
X509v3 Authority Key Identifier:
keyid:A4:87:78:2E:3F:70:C5:CD:27:B3:2F:52:74:D0:E5:BC:62:E9:5C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pId4Lj9wxc0nsy9SdNDlvGLpXK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/bef6e8-8873-4529-8e72-238c6d8a4c17/1/1bZFNscQ5M06I8JmUYNlumFbI3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/bef6e8-8873-4529-8e72-238c6d8a4c17/1/pId4Lj9wxc0nsy9SdNDlvGLpXK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.52.0/22
IPv6:
2a11:ab00::/32
Signature Algorithm: sha256WithRSAEncryption
64:f7:0c:95:29:3e:3a:bd:a0:94:7d:b0:f6:61:36:b6:77:25:
de:09:cd:31:86:e2:0b:e2:3a:58:61:b8:bf:8f:83:51:1e:29:
b0:54:3e:b4:7f:ed:33:e4:fc:c9:68:d7:e0:98:18:9f:2c:17:
cd:26:37:05:80:1a:59:a2:83:d9:2e:8a:c7:53:df:7f:1c:1a:
0a:28:74:fc:e0:eb:d0:48:63:94:43:d3:0f:ac:c9:99:e3:cf:
2f:07:9b:80:e9:85:a1:8b:da:ac:4d:a9:ef:0b:b0:f6:14:d1:
33:ec:2f:ba:1d:07:a8:6d:65:67:72:d5:8d:ef:69:62:fa:4e:
ca:33:ad:1d:52:9e:a3:d1:43:25:41:0e:35:5f:99:e6:6d:c2:
52:6f:e7:5a:af:2f:13:88:b6:d5:6f:d4:ac:1d:2d:e1:8d:f0:
99:41:59:33:f8:1a:be:05:84:ce:69:f5:67:be:4b:a9:df:fb:
e6:26:d3:d3:c6:66:26:b2:74:4f:b2:03:ff:93:0b:61:b4:2a:
15:7d:d4:e3:4f:90:64:4e:5b:fa:9b:c4:8a:c8:44:b8:8a:61:
48:5e:37:06:bf:69:b0:ea:01:c8:cb:13:dc:25:19:1b:c5:5a:
13:d6:ae:fe:ad:c3:34:31:a1:53:83:4e:d0:5d:45:e0:ec:be:
ba:3a:9f:20
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAiwyKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NDg3NzgyZTNmNzBjNWNkMjdiMzJmNTI3NGQwZTViYzYyZTk1Y2FmMB4XDTIyMDQw
MTE0MDM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDViNjQ1MzZjNzEw
ZTRjZDNhMjNjMjY2NTE4MzY1YmE2MTViMjM3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO4iJcJk26IuEWR9Mduwz8D2Yhcop7ZBjJ8kpDaGUw29nevu
PrFw92DTEI90Y6+Qc2rmT3oWVVkEhNo6WBF9GINWBG9Cr+OqAHEp7/OGsOSV6NsZ
V8/fjZCc3mF9BlIB9/2Jpqtx58mLQu/Ci2+K1EJXwFIgzrDGp7kybsev+ay+E5TS
rFHh+GcNJZaYob4WbVHkVMUkeHRRKGvCyvBq/b4eS0nrS8jIkzUaynib08Xjc9rn
LfjHBP9AjGleVdmiCefYdq6q98Ctgs6OXtFIxf/yDcchkQnfQqhPkKnv09qo2FB7
MmD1YYIlpvvZfme9/VW/y79/GV574AAg6ARRXdUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTVtkU2xxDkzTojwmZRg2W6YVsjdTAfBgNVHSMEGDAWgBSkh3guP3DFzSez
L1J00OW8YulcrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BJZDRMajl3eGMwbnN5OVNkTkRsdkdMcFhLOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvYmVmNmU4LTg4NzMtNDUyOS04ZTcyLTIzOGM2ZDhhNGMxNy8x
LzFiWkZOc2NRNU0wNkk4Sm1VWU5sdW1GYkkzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
YmVmNmU4LTg4NzMtNDUyOS04ZTcyLTIzOGM2ZDhhNGMxNy8xL3BJZDRMajl3eGMw
bnN5OVNkTkRsdkdMcFhLOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2ENDANBAIAAjAHAwUAKhGrADAN
BgkqhkiG9w0BAQsFAAOCAQEAZPcMlSk+Or2glH2w9mE2tncl3gnNMYbiC+I6WGG4
v4+DUR4psFQ+tH/tM+T8yWjX4JgYnywXzSY3BYAaWaKD2S6Kx1PffxwaCih0/ODr
0EhjlEPTD6zJmePPLwebgOmFoYvarE2p7wuw9hTRM+wvuh0HqG1lZ3LVje9pYvpO
yjOtHVKeo9FDJUEONV+Z5m3CUm/nWq8vE4i21W/UrB0t4Y3wmUFZM/gavgWEzmn1
Z75Lqd/75ibT08ZmJrJ0T7ID/5MLYbQqFX3U40+QZE5b+pvEishEuIphSF43Br9p
sOoByMsT3CUZG8VaE9au/q3DNDGhU4NO0F1F4Oy+ujqfIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:28 2024 by rpki-client on console-ams.rpki-client.org