Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/fnrOKZ3lTVSxca8N2T-B3D_MRzY.roa
File: fnrOKZ3lTVSxca8N2T-B3D_MRzY.roa (raw, json)
Hash identifier: hDZZ5WP/Zn1Dzsqhi+d9kcV9i9yL6LY9nK6+TZTB8B0=
Subject key identifier: 7E:7A:CE:29:9D:E5:4D:54:B1:71:AF:0D:D9:3F:81:DC:3F:CC:47:36
Certificate issuer: /CN=f261df44b346823cce8c6643b5fa6919afb23195
Certificate serial: 0181F27FCA0F286F28B0E131B0F1A4AFC0FB
Authority key identifier: F2:61:DF:44:B3:46:82:3C:CE:8C:66:43:B5:FA:69:19:AF:B2:31:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/fnrOKZ3lTVSxca8N2T-B3D_MRzY.roa
Signing time: Tue 12 Jul 2022 13:01:09 +0000
ROA not before: Tue 12 Jul 2022 13:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30848
IP address blocks: 45.143.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:7f:ca:0f:28:6f:28:b0:e1:31:b0:f1:a4:af:c0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f261df44b346823cce8c6643b5fa6919afb23195
Validity
Not Before: Jul 12 13:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e7ace299de54d54b171af0dd93f81dc3fcc4736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8a:7d:d7:2e:76:21:aa:fb:77:41:a1:17:9b:
47:4f:fa:cf:30:61:eb:96:5c:30:28:0e:1f:6c:0a:
bc:50:ca:0c:d8:40:92:ee:05:17:3c:3a:61:ad:e4:
ff:b8:2f:f1:74:be:1b:14:d4:78:75:6c:5f:41:c2:
18:d1:97:a0:d1:ee:a5:d4:a7:4f:a1:3a:e6:25:73:
64:72:c1:88:12:63:c2:ed:79:63:84:22:dd:ed:d2:
9d:e4:f2:78:83:16:9e:55:7b:15:9f:28:37:c0:8c:
08:0a:c7:07:c7:b0:cc:d5:48:bb:d9:53:90:80:62:
bf:c1:d5:47:2e:02:ef:0e:e3:4a:7d:29:58:fa:fa:
df:2f:43:35:cc:48:16:25:1a:de:3d:d0:4a:e2:5d:
cd:ff:eb:4d:c2:9f:f9:bf:08:1b:fd:4e:8e:45:4c:
92:58:20:a7:2e:52:f5:85:a6:45:bc:8b:db:e9:ee:
fa:cf:f7:7c:fa:b7:8f:9e:9f:46:42:0e:2e:92:bf:
63:6c:3b:68:67:92:4b:97:9c:09:33:37:a8:f3:bd:
cb:ae:ed:fb:20:8c:55:48:ed:b1:31:8c:2d:4f:ad:
db:e0:3c:17:45:15:77:78:f6:46:81:88:d1:21:68:
d4:f5:02:dc:9b:56:54:ae:bc:75:f0:97:76:71:b6:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7A:CE:29:9D:E5:4D:54:B1:71:AF:0D:D9:3F:81:DC:3F:CC:47:36
X509v3 Authority Key Identifier:
keyid:F2:61:DF:44:B3:46:82:3C:CE:8C:66:43:B5:FA:69:19:AF:B2:31:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mHfRLNGgjzOjGZDtfppGa-yMZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/fnrOKZ3lTVSxca8N2T-B3D_MRzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/3cb9d2-70ff-46d6-9c73-57586156354e/1/8mHfRLNGgjzOjGZDtfppGa-yMZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.183.0/24
Signature Algorithm: sha256WithRSAEncryption
25:9b:3f:e1:75:14:d0:ec:67:2d:b1:b2:8f:3e:c0:3f:a8:ec:
df:a6:9f:a9:a6:bf:76:bb:88:2a:74:7c:a0:9e:6c:5f:b0:d7:
b4:83:37:9d:b8:d2:b8:f4:b1:a1:71:99:18:c7:88:8e:a2:67:
1e:3f:d2:b5:6b:6d:46:66:1a:e5:88:3d:c7:a3:72:5c:16:cd:
f0:28:42:96:d6:e8:73:6d:7d:04:32:9b:07:c3:ad:f9:77:24:
04:0c:80:1d:5f:67:5e:6f:a2:2d:16:8d:9d:00:8e:d0:55:0b:
fd:8d:b1:4b:25:51:35:c0:d9:9c:24:95:25:94:71:34:51:d5:
fc:9e:99:ed:ec:4e:74:c9:53:12:94:2f:a4:81:6f:64:d5:b6:
a6:f4:b7:dd:c6:88:ac:de:3f:ea:11:60:73:a9:d1:e4:de:f7:
75:2a:fe:76:a4:8b:2a:ad:e5:e9:da:aa:9d:42:92:4a:ac:1c:
81:1c:1a:d9:e4:4d:76:f5:93:ae:cb:bf:a6:0f:5f:4d:e2:65:
c4:35:4e:7a:f5:a0:c4:a2:f7:3b:77:22:40:d4:e0:86:62:e4:
18:d9:94:a5:51:30:45:7f:8e:37:77:c7:0d:63:bb:12:6e:f4:
8e:1f:55:d9:ab:15:7b:65:0a:9b:3d:06:2d:12:6b:7e:9b:1f:
bd:d3:83:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHyf8oPKG8osOExsPGkr8D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjFkZjQ0YjM0NjgyM2NjZThjNjY0M2I1ZmE2OTE5YWZi
MjMxOTUwHhcNMjIwNzEyMTMwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTdhY2UyOTlkZTU0ZDU0YjE3MWFmMGRkOTNmODFkYzNmY2M0NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlop91y52Iar7d0GhF5tHT/rPMGHr
llwwKA4fbAq8UMoM2ECS7gUXPDphreT/uC/xdL4bFNR4dWxfQcIY0Zeg0e6l1KdP
oTrmJXNkcsGIEmPC7XljhCLd7dKd5PJ4gxaeVXsVnyg3wIwICscHx7DM1Ui72VOQ
gGK/wdVHLgLvDuNKfSlY+vrfL0M1zEgWJRrePdBK4l3N/+tNwp/5vwgb/U6ORUyS
WCCnLlL1haZFvIvb6e76z/d8+rePnp9GQg4ukr9jbDtoZ5JLl5wJMzeo873Lru37
IIxVSO2xMYwtT63b4DwXRRV3ePZGgYjRIWjU9QLcm1ZUrrx18Jd2cbbCtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH56zimd5U1UsXGvDdk/gdw/zEc2MB8GA1UdIwQY
MBaAFPJh30SzRoI8zoxmQ7X6aRmvsjGVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1IZlJMTkdnanpPakdaRHRmcHBHYS15TVpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8zY2I5ZDItNzBmZi00NmQ2LTljNzMt
NTc1ODYxNTYzNTRlLzEvZm5yT0taM2xUVlN4Y2E4TjJULUIzRF9NUnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8zY2I5ZDItNzBmZi00NmQ2LTljNzMtNTc1ODYxNTYzNTRl
LzEvOG1IZlJMTkdnanpPakdaRHRmcHBHYS15TVpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+3MA0G
CSqGSIb3DQEBCwUAA4IBAQAlmz/hdRTQ7GctsbKPPsA/qOzfpp+ppr92u4gqdHyg
nmxfsNe0gzeduNK49LGhcZkYx4iOomceP9K1a21GZhrliD3Ho3JcFs3wKEKW1uhz
bX0EMpsHw635dyQEDIAdX2deb6ItFo2dAI7QVQv9jbFLJVE1wNmcJJUllHE0UdX8
npnt7E50yVMSlC+kgW9k1bam9Lfdxois3j/qEWBzqdHk3vd1Kv52pIsqreXp2qqd
QpJKrByBHBrZ5E129ZOuy7+mD19N4mXENU569aDEovc7dyJA1OCGYuQY2ZSlUTBF
f443d8cNY7sSbvSOH1XZqxV7ZQqbPQYtEmt+mx+904P1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:18 2024 by rpki-client on console-fra.rpki-client.org