Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0f50bb-1fe1-4c83-8c88-e35d2d5f00f8/1/jKGvfpgmH2YifC7sgEkFIbYgxdM.roa
File: jKGvfpgmH2YifC7sgEkFIbYgxdM.roa (raw, json)
Hash identifier: edIH+vN77YyrETR5hMC/eb5MeV04qUzjI0FgbKMOHUY=
Subject key identifier: 8C:A1:AF:7E:98:26:1F:66:22:7C:2E:EC:80:49:05:21:B6:20:C5:D3
Certificate issuer: /CN=d98ac0b1066d0defcb1695643dcbaa0739975ca8
Certificate serial: 0345043B
Authority key identifier: D9:8A:C0:B1:06:6D:0D:EF:CB:16:95:64:3D:CB:AA:07:39:97:5C:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YrAsQZtDe_LFpVkPcuqBzmXXKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/0f50bb-1fe1-4c83-8c88-e35d2d5f00f8/1/jKGvfpgmH2YifC7sgEkFIbYgxdM.roa
Signing time: Sat 01 Jan 2022 10:01:40 +0000
ROA not before: Sat 01 Jan 2022 10:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210129
IP address blocks: 45.137.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54854715 (0x345043b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98ac0b1066d0defcb1695643dcbaa0739975ca8
Validity
Not Before: Jan 1 10:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ca1af7e98261f66227c2eec80490521b620c5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:67:b2:78:0d:21:81:6b:51:a6:8d:9b:11:82:
9f:d1:3d:1f:13:6e:fc:65:b0:8a:5b:a9:09:40:1d:
2a:b1:5d:32:3e:36:aa:b7:d6:3d:41:33:ba:53:9a:
5a:99:33:ea:72:da:f0:ec:71:a9:f8:67:ad:9d:94:
f2:56:82:91:d3:45:6d:86:6d:79:bb:c6:0e:fe:c0:
f1:07:68:24:f7:61:3d:06:99:db:03:6b:04:6d:86:
8e:43:6a:7a:42:4f:b4:9f:b8:cf:a5:d9:5b:60:4e:
ae:51:fa:d5:4c:c4:dd:66:2e:97:13:2c:15:0f:b6:
77:94:ba:3a:2c:77:d2:b3:aa:02:11:d3:f4:d3:09:
d8:3f:96:0e:5d:bf:c9:40:97:4f:0c:e7:15:da:0d:
aa:fd:85:3d:3b:1c:d3:26:d7:24:46:f2:0b:75:7e:
e9:73:b3:36:6e:29:83:4a:cb:db:dd:22:e3:ef:55:
1a:4a:c4:a4:35:51:d9:d9:04:de:e9:48:89:2c:00:
7d:e1:2c:91:dd:e4:26:e7:4b:06:97:e1:5f:92:61:
cd:ac:09:c2:0c:a9:31:79:19:9d:1b:c9:15:2d:bd:
af:ab:dc:62:1e:f3:a5:a9:9d:67:9a:be:cd:aa:0e:
60:eb:f3:17:db:40:98:43:5f:c7:7c:dc:03:37:40:
db:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A1:AF:7E:98:26:1F:66:22:7C:2E:EC:80:49:05:21:B6:20:C5:D3
X509v3 Authority Key Identifier:
keyid:D9:8A:C0:B1:06:6D:0D:EF:CB:16:95:64:3D:CB:AA:07:39:97:5C:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YrAsQZtDe_LFpVkPcuqBzmXXKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0f50bb-1fe1-4c83-8c88-e35d2d5f00f8/1/jKGvfpgmH2YifC7sgEkFIbYgxdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0f50bb-1fe1-4c83-8c88-e35d2d5f00f8/1/2YrAsQZtDe_LFpVkPcuqBzmXXKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.232.0/22
Signature Algorithm: sha256WithRSAEncryption
03:9e:fb:92:89:a9:70:ae:4a:d8:8d:e2:08:80:7f:ef:01:24:
5e:55:24:21:ec:05:3c:fe:ac:b0:13:80:29:9f:a4:4f:bb:c6:
a2:00:10:e8:ae:05:39:57:d5:92:af:a0:de:b8:50:f6:0c:8d:
2a:a8:ba:c3:8a:70:6e:24:76:09:b9:e5:98:93:c1:60:f4:7a:
ce:f5:dc:f9:d9:c4:58:c6:79:ae:be:7a:a9:4e:e2:5a:64:27:
44:a6:1e:8c:13:63:93:56:55:d6:7f:ca:0b:58:1f:64:e8:d1:
df:89:83:da:ea:9b:38:b5:28:0f:17:27:13:cf:58:bb:51:27:
cf:14:4d:96:ca:1f:34:30:31:e5:bd:45:2e:c2:d0:92:12:1f:
aa:73:51:b6:3e:dd:6b:31:4f:48:d0:5a:5c:ce:35:53:71:6a:
f9:89:7c:e2:26:f4:63:87:c2:19:4a:77:ee:d1:f2:b7:c8:33:
3b:46:7d:c5:d6:33:9e:c7:a2:00:ab:a1:87:95:91:b3:f0:d8:
bb:6e:66:7c:63:ef:4f:8a:bb:76:a5:99:7c:e1:35:c7:26:ac:
1e:73:2a:b7:8e:27:ba:fc:df:72:1f:93:43:af:48:72:5b:1e:
f1:2a:82:eb:ed:89:ac:3c:9d:40:02:eb:be:f0:fa:8c:f2:17:
0c:5f:87:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0UEOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OThhYzBiMTA2NmQwZGVmY2IxNjk1NjQzZGNiYWEwNzM5OTc1Y2E4MB4XDTIyMDEw
MTEwMDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhMWFmN2U5ODI2
MWY2NjIyN2MyZWVjODA0OTA1MjFiNjIwYzVkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxnsngNIYFrUaaNmxGCn9E9HxNu/GWwilupCUAdKrFdMj42
qrfWPUEzulOaWpkz6nLa8OxxqfhnrZ2U8laCkdNFbYZtebvGDv7A8QdoJPdhPQaZ
2wNrBG2GjkNqekJPtJ+4z6XZW2BOrlH61UzE3WYulxMsFQ+2d5S6Oix30rOqAhHT
9NMJ2D+WDl2/yUCXTwznFdoNqv2FPTsc0ybXJEbyC3V+6XOzNm4pg0rL290i4+9V
GkrEpDVR2dkE3ulIiSwAfeEskd3kJudLBpfhX5JhzawJwgypMXkZnRvJFS29r6vc
Yh7zpamdZ5q+zaoOYOvzF9tAmENfx3zcAzdA2/0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSMoa9+mCYfZiJ8LuyASQUhtiDF0zAfBgNVHSMEGDAWgBTZisCxBm0N78sW
lWQ9y6oHOZdcqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZckFzUVp0RGVfTEZwVmtQY3VxQnptWFhLZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvMGY1MGJiLTFmZTEtNGM4My04Yzg4LWUzNWQyZDVmMDBmOC8x
L2pLR3ZmcGdtSDJZaWZDN3NnRWtGSWJZZ3hkTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
MGY1MGJiLTFmZTEtNGM4My04Yzg4LWUzNWQyZDVmMDBmOC8xLzJZckFzUVp0RGVf
TEZwVmtQY3VxQnptWFhLZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2J6DANBgkqhkiG9w0BAQsFAAOC
AQEAA577kompcK5K2I3iCIB/7wEkXlUkIewFPP6ssBOAKZ+kT7vGogAQ6K4FOVfV
kq+g3rhQ9gyNKqi6w4pwbiR2CbnlmJPBYPR6zvXc+dnEWMZ5rr56qU7iWmQnRKYe
jBNjk1ZV1n/KC1gfZOjR34mD2uqbOLUoDxcnE89Yu1EnzxRNlsofNDAx5b1FLsLQ
khIfqnNRtj7dazFPSNBaXM41U3Fq+Yl84ib0Y4fCGUp37tHyt8gzO0Z9xdYznsei
AKuhh5WRs/DYu25mfGPvT4q7dqWZfOE1xyasHnMqt44nuvzfch+TQ69Iclse8SqC
6+2JrDydQALrvvD6jPIXDF+HBQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:06 2023 by rpki-client on console-fra.rpki-client.org