Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nKP8T-Biau32jymbxpljqfHS8ok.roa
File: nKP8T-Biau32jymbxpljqfHS8ok.roa (raw, json)
Hash identifier: iZfb5WSFiHuuXlnHhvtdrzxJzlk3Sb7kElJl4u798Ms=
Subject key identifier: 9C:A3:FC:4F:E0:62:6A:ED:F6:8F:29:9B:C6:99:63:A9:F1:D2:F2:89
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183F001CBACED1A9948B774A11BB4F8F1FE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nKP8T-Biau32jymbxpljqfHS8ok.roa
Signing time: Wed 19 Oct 2022 11:29:52 +0000
ROA not before: Wed 19 Oct 2022 11:29:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210732
IP address blocks: 45.148.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:01:cb:ac:ed:1a:99:48:b7:74:a1:1b:b4:f8:f1:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 19 11:29:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ca3fc4fe0626aedf68f299bc69963a9f1d2f289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:54:ae:b6:24:90:93:bb:d5:7b:db:1f:0b:
65:60:c0:db:93:a7:18:8c:82:5e:cd:eb:55:ca:df:
2f:08:67:b8:b3:e9:27:87:1d:4f:2b:b3:ca:04:28:
88:c0:d9:01:0e:4c:06:7b:06:d6:dd:72:32:5a:79:
23:57:4b:7a:87:04:d4:1a:c6:9a:50:d3:02:70:9d:
7b:d9:c0:bb:d2:e2:80:49:61:69:52:d5:bd:cc:f9:
83:ad:2d:3e:d6:03:62:18:b0:d4:29:84:27:92:bf:
f0:02:72:fa:f6:c0:59:23:36:72:31:83:94:88:e9:
00:96:39:48:e0:c4:32:99:c1:55:80:7a:a1:9e:e1:
45:9f:62:15:9d:c4:36:92:29:ff:64:36:8e:e7:f8:
85:0a:59:23:31:ce:95:68:ca:c2:a8:85:ed:28:8d:
df:58:c6:1f:01:33:5b:c4:5f:a3:cf:be:0b:1d:81:
ed:53:27:5b:ee:fd:21:94:00:00:09:92:70:14:99:
e0:c6:a4:29:48:16:b6:02:c0:3b:0a:ce:10:68:33:
4c:d0:bc:cf:c9:ed:73:26:4d:e7:2f:15:2f:b6:db:
31:e9:35:fc:61:8b:1f:7a:1f:41:f3:13:e6:f9:f8:
03:35:85:2d:ec:0a:dd:94:8b:a3:19:ef:45:d5:e0:
dd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A3:FC:4F:E0:62:6A:ED:F6:8F:29:9B:C6:99:63:A9:F1:D2:F2:89
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/nKP8T-Biau32jymbxpljqfHS8ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.117.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0d:b0:19:5e:a9:08:70:f6:bf:4a:69:25:a7:11:cd:9d:21:
1a:3d:74:03:d2:b8:4e:d1:a9:9c:4e:57:8e:cd:3f:78:17:68:
6f:e5:f0:59:28:0a:c2:c3:0e:f8:9c:6b:c3:aa:33:11:13:37:
b0:10:e9:bc:b3:58:be:dd:58:89:a8:81:bb:0b:a2:55:7e:04:
61:07:e8:d3:0b:f2:7b:ac:61:6c:b6:62:49:d8:a2:1f:05:ed:
40:de:2f:c2:0b:4e:32:27:c9:ad:12:8c:1b:63:63:0e:cb:18:
10:5e:73:92:52:0a:8e:8e:8a:28:7e:0e:10:e8:7a:e4:78:4e:
9d:2c:82:8e:aa:6a:71:b5:41:11:7c:c5:82:e4:ef:6b:49:45:
a5:13:87:87:51:10:bf:fa:d7:ae:1d:83:a0:6f:5c:9f:87:d4:
41:fd:7e:ee:72:dc:56:8a:39:ed:5f:cd:2e:f7:c4:ac:73:60:
f2:69:64:64:29:af:93:e4:38:90:7e:98:eb:6c:8e:27:c3:45:
3e:73:56:ea:84:48:82:d3:63:f6:fd:20:20:66:64:aa:e5:76:
05:3e:1c:e4:6f:3a:ac:a2:e3:01:b2:f6:28:42:ae:69:44:24:
83:47:aa:82:82:16:6d:75:b6:a4:23:48:9e:25:d9:b7:77:38:
87:bc:13:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwAcus7RqZSLd0oRu0+PH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE5MTEyOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2EzZmM0ZmUwNjI2YWVkZjY4ZjI5OWJjNjk5NjNhOWYxZDJmMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7tUrrYkkJO71XvbHwtlYMDbk6cY
jIJezetVyt8vCGe4s+knhx1PK7PKBCiIwNkBDkwGewbW3XIyWnkjV0t6hwTUGsaa
UNMCcJ172cC70uKASWFpUtW9zPmDrS0+1gNiGLDUKYQnkr/wAnL69sBZIzZyMYOU
iOkAljlI4MQymcFVgHqhnuFFn2IVncQ2kin/ZDaO5/iFClkjMc6VaMrCqIXtKI3f
WMYfATNbxF+jz74LHYHtUydb7v0hlAAACZJwFJngxqQpSBa2AsA7Cs4QaDNM0LzP
ye1zJk3nLxUvttsx6TX8YYsfeh9B8xPm+fgDNYUt7ArdlIujGe9F1eDdTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyj/E/gYmrt9o8pm8aZY6nx0vKJMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbktQOFQtQmlhdTMyanltYnhwbGpxZkhTOG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZR1MA0G
CSqGSIb3DQEBCwUAA4IBAQBaDbAZXqkIcPa/SmklpxHNnSEaPXQD0rhO0amcTleO
zT94F2hv5fBZKArCww74nGvDqjMREzewEOm8s1i+3ViJqIG7C6JVfgRhB+jTC/J7
rGFstmJJ2KIfBe1A3i/CC04yJ8mtEowbY2MOyxgQXnOSUgqOjooofg4Q6HrkeE6d
LIKOqmpxtUERfMWC5O9rSUWlE4eHURC/+teuHYOgb1yfh9RB/X7uctxWijntX80u
98Ssc2DyaWRkKa+T5DiQfpjrbI4nw0U+c1bqhEiC02P2/SAgZmSq5XYFPhzkbzqs
ouMBsvYoQq5pRCSDR6qCghZtdbakI0ieJdm3dziHvBP5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org