Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/XdPn5RfIHYhhoNRUO33tmj-yimM.roa
File: XdPn5RfIHYhhoNRUO33tmj-yimM.roa (raw, json)
Hash identifier: WFv5P1YUc9EZ6hhYSLjX4I+ETHIeT+6EfeGDyTlZWu0=
Subject key identifier: 5D:D3:E7:E5:17:C8:1D:88:61:A0:D4:54:3B:7D:ED:9A:3F:B2:8A:63
Certificate issuer: /CN=6d23ce7b0c10068fbc44c021943e339013f2aee0
Certificate serial: 088224C8
Authority key identifier: 6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/XdPn5RfIHYhhoNRUO33tmj-yimM.roa
Signing time: Sat 01 Jan 2022 01:52:40 +0000
ROA not before: Sat 01 Jan 2022 01:52:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58291
IP address blocks: 45.11.28.0/22 maxlen: 24
2a0e:5700::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142746824 (0x88224c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d23ce7b0c10068fbc44c021943e339013f2aee0
Validity
Not Before: Jan 1 01:52:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dd3e7e517c81d8861a0d4543b7ded9a3fb28a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7b:2b:3e:dc:20:35:40:e1:55:7e:40:38:ec:
6c:c9:74:52:77:17:69:ae:6e:2e:fa:49:bc:ff:73:
b0:1a:b2:c9:18:3f:c0:8b:9d:2f:8d:4d:47:a5:ca:
4e:3d:8d:bd:3e:c7:86:91:36:61:a9:03:ae:5e:04:
47:e5:63:34:70:3d:01:99:80:83:dd:e0:7b:f8:5f:
b9:92:0e:50:ae:49:5d:97:2a:02:4b:6c:7b:78:54:
1e:f2:95:bc:82:64:1d:e2:01:9d:f6:f6:e4:7f:46:
3c:ba:ce:92:c8:6e:54:3e:68:e5:d9:be:3f:35:ad:
6e:b2:f3:ad:35:95:c8:a3:2d:c7:5c:29:d9:fc:c0:
95:36:16:6e:29:3a:dc:ab:50:b1:dd:92:ec:50:f7:
a8:7c:67:cb:de:f5:05:54:3f:9d:c7:28:66:7e:10:
ab:62:6e:30:41:1a:ec:9e:e2:9d:09:31:dc:b2:6b:
be:5a:c8:ed:21:ca:a7:a2:0c:81:2d:6c:3e:bf:46:
a4:34:59:3c:19:0e:61:a1:03:5b:07:91:72:63:92:
cb:d9:a4:fc:ef:47:a3:44:da:c5:c7:f3:cc:b2:9a:
f2:3f:86:69:43:13:81:ff:08:f3:51:b5:a3:ee:42:
93:df:71:8e:1d:59:2c:2a:d3:9c:5b:18:aa:c5:88:
1d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D3:E7:E5:17:C8:1D:88:61:A0:D4:54:3B:7D:ED:9A:3F:B2:8A:63
X509v3 Authority Key Identifier:
keyid:6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/XdPn5RfIHYhhoNRUO33tmj-yimM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.28.0/22
IPv6:
2a0e:5700::/32
Signature Algorithm: sha256WithRSAEncryption
a3:f5:a5:6d:1f:0c:3c:6a:92:5b:ea:ae:40:a7:11:d6:22:85:
27:de:83:65:7b:e6:4e:4a:2b:17:9a:46:88:42:7c:75:cc:d9:
97:cc:19:f4:c6:d3:ab:5d:12:c3:65:e0:bf:19:f7:89:27:2a:
4e:3c:0d:af:ba:69:8b:bc:be:11:fd:3e:54:e6:ee:e3:d4:d5:
8b:45:13:6f:5c:9c:17:e3:59:52:5f:96:56:71:43:59:fc:d7:
0b:82:ba:30:de:e2:ee:54:fc:2c:70:ef:12:66:c8:0a:dd:50:
32:6e:84:70:d5:66:f7:3a:17:0b:3e:96:bc:0b:4c:e0:a9:30:
38:2c:ad:0b:51:79:54:26:d7:02:07:96:59:89:d1:d2:31:36:
3d:1b:32:21:07:a1:cf:c2:fb:2d:06:97:5f:4d:19:68:a1:2c:
a4:7f:4b:9f:2f:0c:4c:23:4b:c3:e8:3e:2b:75:d2:6a:86:45:
84:c4:ec:6a:fa:9c:4a:e0:50:85:67:d1:9a:72:4e:b4:03:13:
5a:ce:83:97:7c:fd:cc:24:c9:0d:65:37:e5:0a:0b:c7:e7:c9:
2c:39:5c:73:01:9a:a5:93:01:e9:2d:dd:68:77:03:3e:2c:13:
ed:53:f3:23:94:bb:29:84:3b:9a:eb:24:20:2e:95:06:ac:f3:
2d:1c:cf:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECIIkyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDIzY2U3YjBjMTAwNjhmYmM0NGMwMjE5NDNlMzM5MDEzZjJhZWUwMB4XDTIyMDEw
MTAxNTI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRkM2U3ZTUxN2M4
MWQ4ODYxYTBkNDU0M2I3ZGVkOWEzZmIyOGE2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN97Kz7cIDVA4VV+QDjsbMl0UncXaa5uLvpJvP9zsBqyyRg/
wIudL41NR6XKTj2NvT7HhpE2YakDrl4ER+VjNHA9AZmAg93ge/hfuZIOUK5JXZcq
Aktse3hUHvKVvIJkHeIBnfb25H9GPLrOkshuVD5o5dm+PzWtbrLzrTWVyKMtx1wp
2fzAlTYWbik63KtQsd2S7FD3qHxny971BVQ/nccoZn4Qq2JuMEEa7J7inQkx3LJr
vlrI7SHKp6IMgS1sPr9GpDRZPBkOYaEDWweRcmOSy9mk/O9Ho0TaxcfzzLKa8j+G
aUMTgf8I81G1o+5Ck99xjh1ZLCrTnFsYqsWIHWUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRd0+flF8gdiGGg1FQ7fe2aP7KKYzAfBgNVHSMEGDAWgBRtI857DBAGj7xE
wCGUPjOQE/Ku4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JTUE9ld3dRQm8tOFJNQWhsRDR6a0JQeXJ1QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvNjZhZjA3LTMzMTgtNGY0YS04OWZmLTQwYzVlYmM2ZjczNi8x
L1hkUG41UmZJSFloaG9OUlVPMzN0bWoteWltTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
NjZhZjA3LTMzMTgtNGY0YS04OWZmLTQwYzVlYmM2ZjczNi8xL2JTUE9ld3dRQm8t
OFJNQWhsRDR6a0JQeXJ1QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi0LHDANBAIAAjAHAwUAKg5XADAN
BgkqhkiG9w0BAQsFAAOCAQEAo/WlbR8MPGqSW+quQKcR1iKFJ96DZXvmTkorF5pG
iEJ8dczZl8wZ9MbTq10Sw2Xgvxn3iScqTjwNr7ppi7y+Ef0+VObu49TVi0UTb1yc
F+NZUl+WVnFDWfzXC4K6MN7i7lT8LHDvEmbICt1QMm6EcNVm9zoXCz6WvAtM4Kkw
OCytC1F5VCbXAgeWWYnR0jE2PRsyIQehz8L7LQaXX00ZaKEspH9Lny8MTCNLw+g+
K3XSaoZFhMTsavqcSuBQhWfRmnJOtAMTWs6Dl3z9zCTJDWU35QoLx+fJLDlccwGa
pZMB6S3daHcDPiwT7VPzI5S7KYQ7muskIC6VBqzzLRzPgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:56 2024 by rpki-client on console-ams.rpki-client.org