Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/MDXkfxlbA6BCrj1dxYhNfCL8pZA.roa
File: MDXkfxlbA6BCrj1dxYhNfCL8pZA.roa (raw, json)
Hash identifier: xSKf4LgGNTd1l/2SxvDugKUkrfdCWF1OQfx4p4bIkM4=
Subject key identifier: 30:35:E4:7F:19:5B:03:A0:42:AE:3D:5D:C5:88:4D:7C:22:FC:A5:90
Certificate issuer: /CN=779290311e6e9cfa5e517fabb0d96fa9a71c3da1
Certificate serial: 0737D580
Authority key identifier: 77:92:90:31:1E:6E:9C:FA:5E:51:7F:AB:B0:D9:6F:A9:A7:1C:3D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d5KQMR5unPpeUX-rsNlvqaccPaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/MDXkfxlbA6BCrj1dxYhNfCL8pZA.roa
Signing time: Sat 01 Jan 2022 08:02:19 +0000
ROA not before: Sat 01 Jan 2022 08:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208071
IP address blocks: 45.159.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121099648 (0x737d580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=779290311e6e9cfa5e517fabb0d96fa9a71c3da1
Validity
Not Before: Jan 1 08:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3035e47f195b03a042ae3d5dc5884d7c22fca590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e6:3f:05:89:72:fa:7f:ad:f5:6b:66:ba:8d:
9b:9c:c5:b3:13:f6:46:72:4b:af:ea:99:9f:46:1f:
cb:0b:fc:93:13:c8:9c:8e:ba:62:42:ea:09:81:3e:
1f:c3:fa:93:18:ff:31:96:c9:8c:08:15:f8:1d:d2:
6d:fe:b8:0d:30:b8:18:d3:6f:27:5a:1a:33:7d:7f:
5f:da:82:ae:5e:68:5a:75:e5:1a:f9:fb:25:88:2b:
6d:5a:23:c6:7e:3a:ae:f6:80:ff:20:36:e1:cd:57:
d5:73:0e:11:15:8d:1e:e4:f5:2c:6a:23:03:0c:37:
b6:df:51:f6:05:cd:dd:07:5a:32:3e:42:89:45:ef:
67:ec:67:94:4a:76:7c:60:04:c2:f6:21:e6:37:4d:
7f:55:f3:7a:7b:d8:86:15:ad:ef:08:74:70:75:ea:
cd:46:6a:ce:1c:02:5d:21:07:a1:63:8e:9a:ac:56:
58:3a:8b:5a:58:c5:ed:ff:6b:a5:94:5c:ac:7b:74:
a1:6e:d2:50:46:38:ba:61:f9:e0:52:c3:c9:ef:0a:
8c:72:ec:79:4a:67:e1:ee:be:8f:b2:5e:a1:91:1c:
84:33:4f:3b:38:9a:1e:1f:06:fd:dc:01:c6:3f:3e:
93:29:4b:2b:c3:aa:50:b3:fb:92:64:51:85:c8:4b:
2f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:35:E4:7F:19:5B:03:A0:42:AE:3D:5D:C5:88:4D:7C:22:FC:A5:90
X509v3 Authority Key Identifier:
keyid:77:92:90:31:1E:6E:9C:FA:5E:51:7F:AB:B0:D9:6F:A9:A7:1C:3D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5KQMR5unPpeUX-rsNlvqaccPaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/MDXkfxlbA6BCrj1dxYhNfCL8pZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b8e03e-c398-4eee-8939-f909d79a44ad/1/d5KQMR5unPpeUX-rsNlvqaccPaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.160.0/22
Signature Algorithm: sha256WithRSAEncryption
26:07:65:8e:ca:8f:b3:5e:54:50:a9:76:35:e5:9f:bc:15:14:
11:3f:0c:7f:d2:53:5a:ea:35:b7:b3:8f:9e:cf:44:05:8b:13:
5e:66:e9:40:05:78:4c:da:e5:bb:92:81:87:9d:03:e4:62:c6:
23:86:aa:18:ab:23:61:88:08:e8:b9:82:a7:c4:33:c3:20:5f:
64:53:47:3d:e0:e3:84:c9:00:69:01:28:c2:35:f1:74:d8:56:
90:69:c5:5d:bd:0a:a0:7c:a8:92:c0:67:fb:cf:a2:fe:c8:4a:
47:30:db:75:83:f5:eb:5e:db:99:8d:b9:97:d3:d3:7c:f2:e2:
3a:13:7d:fe:9e:d3:50:7b:08:3b:5b:0e:02:e1:4b:ed:8d:d8:
96:e3:be:38:e1:d5:e9:2f:fe:44:eb:3b:8c:53:1e:85:49:01:
cf:a0:e1:fb:81:7e:fb:57:d3:5d:09:bf:58:ef:82:f7:33:cd:
8c:2f:9c:97:8d:56:91:11:be:eb:73:9c:0a:93:25:cc:bb:c8:
7c:05:91:63:fa:df:5a:8c:c1:50:77:93:85:7f:25:e4:80:86:
9a:24:44:94:e9:3a:dd:75:b5:64:8d:de:4d:14:e8:3a:66:3c:
e4:a0:58:66:36:1f:27:ed:e8:d1:f7:62:eb:3e:59:20:2c:57:
58:f8:d6:bf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBzfVgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzkyOTAzMTFlNmU5Y2ZhNWU1MTdmYWJiMGQ5NmZhOWE3MWMzZGExMB4XDTIyMDEw
MTA4MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAzNWU0N2YxOTVi
MDNhMDQyYWUzZDVkYzU4ODRkN2MyMmZjYTU5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjmPwWJcvp/rfVrZrqNm5zFsxP2RnJLr+qZn0Yfywv8kxPI
nI66YkLqCYE+H8P6kxj/MZbJjAgV+B3Sbf64DTC4GNNvJ1oaM31/X9qCrl5oWnXl
Gvn7JYgrbVojxn46rvaA/yA24c1X1XMOERWNHuT1LGojAww3tt9R9gXN3QdaMj5C
iUXvZ+xnlEp2fGAEwvYh5jdNf1XzenvYhhWt7wh0cHXqzUZqzhwCXSEHoWOOmqxW
WDqLWljF7f9rpZRcrHt0oW7SUEY4umH54FLDye8KjHLseUpn4e6+j7JeoZEchDNP
OziaHh8G/dwBxj8+kylLK8OqULP7kmRRhchLLxcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwNeR/GVsDoEKuPV3FiE18IvylkDAfBgNVHSMEGDAWgBR3kpAxHm6c+l5R
f6uw2W+ppxw9oTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Q1S1FNUjV1blBwZVVYLXJzTmx2cWFjY1BhRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvYjhlMDNlLWMzOTgtNGVlZS04OTM5LWY5MDlkNzlhNDRhZC8x
L01EWGtmeGxiQTZCQ3JqMWR4WWhOZkNMOHBaQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
YjhlMDNlLWMzOTgtNGVlZS04OTM5LWY5MDlkNzlhNDRhZC8xL2Q1S1FNUjV1blBw
ZVVYLXJzTmx2cWFjY1BhRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2foDANBgkqhkiG9w0BAQsFAAOC
AQEAJgdljsqPs15UUKl2NeWfvBUUET8Mf9JTWuo1t7OPns9EBYsTXmbpQAV4TNrl
u5KBh50D5GLGI4aqGKsjYYgI6LmCp8QzwyBfZFNHPeDjhMkAaQEowjXxdNhWkGnF
Xb0KoHyoksBn+8+i/shKRzDbdYP1617bmY25l9PTfPLiOhN9/p7TUHsIO1sOAuFL
7Y3YluO+OOHV6S/+ROs7jFMehUkBz6Dh+4F++1fTXQm/WO+C9zPNjC+cl41WkRG+
63OcCpMlzLvIfAWRY/rfWozBUHeThX8l5ICGmiRElOk63XW1ZI3eTRToOmY85KBY
ZjYfJ+3o0fdi6z5ZICxXWPjWvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:46 2024 by rpki-client on console-fra.rpki-client.org