Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/xwjSpXYicXnxEdE0Fr_SjDqNthA.roa
File: xwjSpXYicXnxEdE0Fr_SjDqNthA.roa (raw, json)
Hash identifier: 8N99Qwhuz3GOwM7I6S8vVIp2YizD1yRcQc8G4GKvXho=
Subject key identifier: C7:08:D2:A5:76:22:71:79:F1:11:D1:34:16:BF:D2:8C:3A:8D:B6:10
Certificate issuer: /CN=509df728d1b46634054972d2945fda58073b5762
Certificate serial: 097FD77E
Authority key identifier: 50:9D:F7:28:D1:B4:66:34:05:49:72:D2:94:5F:DA:58:07:3B:57:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ33KNG0ZjQFSXLSlF_aWAc7V2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/xwjSpXYicXnxEdE0Fr_SjDqNthA.roa
Signing time: Fri 01 Apr 2022 10:15:50 +0000
ROA not before: Fri 01 Apr 2022 10:15:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208972
IP address blocks: 45.12.55.0/24 maxlen: 24
45.12.54.0/24 maxlen: 24
2a0a:4940::/30 maxlen: 30
2a0a:4944::/30 maxlen: 30
2a0a:4940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159373182 (0x97fd77e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509df728d1b46634054972d2945fda58073b5762
Validity
Not Before: Apr 1 10:15:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c708d2a576227179f111d13416bfd28c3a8db610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:46:ba:8c:d6:d4:02:8a:b8:96:95:7f:89:5c:
40:5c:f5:ba:89:63:18:2d:1f:31:3d:ba:0c:d7:4b:
74:7a:54:06:47:85:2e:06:31:ab:fa:42:af:79:e0:
27:95:7c:f7:27:ad:bd:3d:32:e7:64:30:7b:12:e4:
63:7c:18:f4:a9:6d:fc:55:3e:61:82:97:4d:de:72:
84:c8:51:bb:ff:ec:21:31:88:91:8d:53:66:7c:95:
e1:79:3b:ff:a1:19:91:0b:c2:16:7f:31:14:f5:f1:
59:72:aa:48:1b:d6:1c:ab:69:0d:cb:9a:a9:87:c4:
e7:dd:96:53:88:96:c9:f1:11:af:da:03:01:31:fb:
d3:e1:1f:f5:3a:5a:2e:4b:9a:56:73:0d:e1:ad:50:
19:67:d1:dc:8e:30:19:1b:89:d8:4a:0d:68:6a:1e:
dc:65:ee:46:20:9f:aa:d3:b9:20:ad:14:86:2f:90:
59:1c:d0:f4:e4:29:7c:ac:61:2f:8a:fe:93:a2:28:
41:ce:e2:82:31:ff:9f:7e:4f:9f:bf:ad:5e:ae:2d:
03:27:cc:36:ae:5a:27:2f:6a:6c:33:08:2d:e0:73:
d4:96:6a:ad:e4:47:e3:d8:50:95:1e:81:bc:de:6d:
27:f7:7a:82:05:86:86:6a:71:1e:28:17:82:16:a5:
d6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:08:D2:A5:76:22:71:79:F1:11:D1:34:16:BF:D2:8C:3A:8D:B6:10
X509v3 Authority Key Identifier:
keyid:50:9D:F7:28:D1:B4:66:34:05:49:72:D2:94:5F:DA:58:07:3B:57:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ33KNG0ZjQFSXLSlF_aWAc7V2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/xwjSpXYicXnxEdE0Fr_SjDqNthA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/UJ33KNG0ZjQFSXLSlF_aWAc7V2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.54.0/23
IPv6:
2a0a:4940::/29
Signature Algorithm: sha256WithRSAEncryption
b9:1b:44:df:23:64:f8:60:e8:85:60:fb:21:23:fa:c3:de:13:
4e:6e:8a:88:17:6b:d5:b0:d7:07:97:3c:4c:ee:24:b6:36:4f:
a4:51:6e:7e:ad:d2:41:7c:ff:f5:82:ed:ca:2a:c0:b6:01:6b:
d6:99:92:25:52:20:de:77:eb:6a:56:e2:97:6e:4c:2b:42:c1:
f0:14:34:77:7e:cd:ad:2a:52:c6:b3:8c:f2:7e:79:f2:e1:a1:
3b:a7:03:c8:0c:7a:fc:01:14:3b:a1:58:91:da:1a:92:4e:18:
fb:33:eb:71:f7:89:83:73:28:91:80:d3:b6:f9:3f:75:c6:cd:
2e:73:88:83:d5:6d:62:44:32:37:6f:d1:d2:c9:cd:c6:c9:44:
34:68:32:12:99:36:62:f4:c4:8d:2e:69:f6:94:5b:68:e0:01:
18:01:52:b5:50:80:1c:62:a4:0e:7f:be:13:57:9e:a3:35:9c:
a4:ef:6d:d4:76:50:97:49:2e:80:76:cc:83:35:1d:9d:c2:d7:
ee:3e:3e:4d:34:7a:08:e6:9d:35:8a:94:60:5e:b9:4f:52:0f:
a3:a0:db:b1:0d:35:4b:d9:24:37:53:e3:3b:93:1d:d6:3f:04:
2a:3c:ee:7d:b1:b7:2d:4f:db:ea:36:4e:97:3a:b1:0a:71:2d:
19:61:a2:29
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECX/XfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDlkZjcyOGQxYjQ2NjM0MDU0OTcyZDI5NDVmZGE1ODA3M2I1NzYyMB4XDTIyMDQw
MTEwMTU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzcwOGQyYTU3NjIy
NzE3OWYxMTFkMTM0MTZiZmQyOGMzYThkYjYxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFGuozW1AKKuJaVf4lcQFz1uoljGC0fMT26DNdLdHpUBkeF
LgYxq/pCr3ngJ5V89yetvT0y52QwexLkY3wY9Klt/FU+YYKXTd5yhMhRu//sITGI
kY1TZnyV4Xk7/6EZkQvCFn8xFPXxWXKqSBvWHKtpDcuaqYfE592WU4iWyfERr9oD
ATH70+Ef9TpaLkuaVnMN4a1QGWfR3I4wGRuJ2EoNaGoe3GXuRiCfqtO5IK0Uhi+Q
WRzQ9OQpfKxhL4r+k6IoQc7igjH/n35Pn7+tXq4tAyfMNq5aJy9qbDMILeBz1JZq
reRH49hQlR6BvN5tJ/d6ggWGhmpxHigXghal1q0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTHCNKldiJxefER0TQWv9KMOo22EDAfBgNVHSMEGDAWgBRQnfco0bRmNAVJ
ctKUX9pYBztXYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VKMzNLTkcwWmpRRlNYTFNsRl9hV0FjN1YySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYWNmY2I2LWQ3OGEtNDQ4YS1hNzYxLWRkM2I0ZjgzODFjNC8x
L3h3alNwWFlpY1hueEVkRTBGcl9TakRxTnRoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YWNmY2I2LWQ3OGEtNDQ4YS1hNzYxLWRkM2I0ZjgzODFjNC8xL1VKMzNLTkcwWmpR
RlNYTFNsRl9hV0FjN1YySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAS0MNjANBAIAAjAHAwUDKgpJQDAN
BgkqhkiG9w0BAQsFAAOCAQEAuRtE3yNk+GDohWD7ISP6w94TTm6KiBdr1bDXB5c8
TO4ktjZPpFFufq3SQXz/9YLtyirAtgFr1pmSJVIg3nfralbil25MK0LB8BQ0d37N
rSpSxrOM8n558uGhO6cDyAx6/AEUO6FYkdoakk4Y+zPrcfeJg3MokYDTtvk/dcbN
LnOIg9VtYkQyN2/R0snNxslENGgyEpk2YvTEjS5p9pRbaOABGAFStVCAHGKkDn++
E1eeozWcpO9t1HZQl0kugHbMgzUdncLX7j4+TTR6COadNYqUYF65T1IPo6DbsQ01
S9kkN1PjO5Md1j8EKjzufbG3LU/b6jZOlzqxCnEtGWGiKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org