Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/cNtrLJQrpIW1vC-safuNC2_J8Mc.roa
File: cNtrLJQrpIW1vC-safuNC2_J8Mc.roa (raw, json)
Hash identifier: rH++7frqWKdDIVZ2aEHJ0xZAo9SAvHav4VSpej6nLEA=
Subject key identifier: 70:DB:6B:2C:94:2B:A4:85:B5:BC:2F:AC:69:FB:8D:0B:6F:C9:F0:C7
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 03C89817
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/cNtrLJQrpIW1vC-safuNC2_J8Mc.roa
Signing time: Sat 01 Jan 2022 02:56:33 +0000
ROA not before: Sat 01 Jan 2022 02:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 91.208.245.0/24 maxlen: 24
91.208.246.0/24 maxlen: 24
45.10.70.0/23 maxlen: 24
45.10.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63477783 (0x3c89817)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 02:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70db6b2c942ba485b5bc2fac69fb8d0b6fc9f0c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3a:d1:d3:c6:f7:10:7c:16:05:17:38:35:9e:
ac:18:92:e1:a1:71:32:54:a7:19:21:7e:f9:cf:72:
7c:16:e9:05:0b:c3:49:22:9d:5b:9b:a2:13:e9:cc:
9c:c9:c3:b0:b4:7f:ff:69:77:4a:6d:7a:2a:63:65:
08:60:d7:7f:a5:f9:80:a5:45:bf:46:91:ee:c2:4b:
76:34:80:f3:62:6b:20:7c:78:b1:08:9b:cf:e6:00:
06:07:75:b0:8c:8f:25:b7:54:0e:df:26:d2:ca:c6:
6f:ee:c6:87:93:a9:f0:71:bd:c2:f1:b9:3a:49:81:
22:0c:e2:ea:24:86:9a:df:72:ee:90:6f:56:df:cb:
a4:44:28:34:bb:f1:5a:50:d3:d6:77:fa:01:c4:82:
b2:1a:75:9f:28:13:39:5d:e6:b8:2f:10:fa:56:e3:
44:29:20:94:8d:bc:46:6e:93:53:a7:80:80:3f:e0:
6a:ab:39:43:df:64:a2:d6:79:76:5f:f1:bf:7f:7c:
b2:f7:a5:10:92:2c:10:27:b4:15:1f:c1:5e:c8:19:
5f:53:9e:f5:10:47:40:a8:29:59:01:6f:86:bc:51:
f2:21:67:ae:20:67:da:71:31:17:33:b9:3d:0b:7d:
e4:0a:5c:7e:7a:fe:89:3f:73:5a:48:1c:92:5a:ba:
5f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DB:6B:2C:94:2B:A4:85:B5:BC:2F:AC:69:FB:8D:0B:6F:C9:F0:C7
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/cNtrLJQrpIW1vC-safuNC2_J8Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.69.0-45.10.71.255
91.208.245.0-91.208.246.255
Signature Algorithm: sha256WithRSAEncryption
ab:be:00:b6:92:6f:6b:9e:82:0b:06:85:34:2d:63:7a:bf:bf:
cd:d1:f0:c6:b9:39:c8:e7:d4:bd:66:52:1f:0a:d0:a1:fc:38:
a9:37:82:61:9e:20:bf:95:c3:55:0f:cc:7c:ce:5f:45:2a:5a:
d6:7e:4d:66:b9:dc:24:88:f6:c1:e4:ef:18:8f:a7:0c:0e:2c:
9c:41:08:b5:60:4d:77:d2:fd:12:c5:e6:c1:52:2b:91:6b:0c:
c3:5f:8e:a5:80:b1:50:f7:d9:98:ef:01:dc:e3:c9:28:7e:99:
b7:98:98:6f:99:bf:ef:0b:f4:32:3f:24:fe:57:b7:e5:44:d5:
a3:83:ee:c2:85:ad:49:c0:43:7f:b4:10:80:ae:30:67:9e:97:
25:05:f9:cf:47:18:92:21:ae:a6:ec:58:32:d1:35:df:e9:6e:
22:9c:9c:2a:eb:21:93:58:42:6b:8f:96:de:ec:e4:b1:30:a8:
4a:9b:52:38:54:12:e6:ba:bb:7c:27:c7:42:7f:16:9c:53:d7:
fa:e3:43:2f:63:2d:61:76:b1:bb:d0:a4:25:05:67:9e:f2:b7:
b0:0a:1e:9a:96:8a:db:5d:de:75:6b:0a:02:31:4f:12:32:a2:
49:78:e8:a4:6c:d0:c4:7c:15:b0:66:9a:98:66:6b:8c:39:cd:
1b:aa:34:f8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEA8iYFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDEw
MTAyNTYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBkYjZiMmM5NDJi
YTQ4NWI1YmMyZmFjNjlmYjhkMGI2ZmM5ZjBjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALg60dPG9xB8FgUXODWerBiS4aFxMlSnGSF++c9yfBbpBQvD
SSKdW5uiE+nMnMnDsLR//2l3Sm16KmNlCGDXf6X5gKVFv0aR7sJLdjSA82JrIHx4
sQibz+YABgd1sIyPJbdUDt8m0srGb+7Gh5Op8HG9wvG5OkmBIgzi6iSGmt9y7pBv
Vt/LpEQoNLvxWlDT1nf6AcSCshp1nygTOV3muC8Q+lbjRCkglI28Rm6TU6eAgD/g
aqs5Q99kotZ5dl/xv398svelEJIsECe0FR/BXsgZX1Oe9RBHQKgpWQFvhrxR8iFn
riBn2nExFzO5PQt95Apcfnr+iT9zWkgcklq6X3kCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRw22sslCukhbW8L6xp+40Lb8nwxzAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L2NOdHJMSlFycElXMXZDLXNhZnVOQzJfSjhNYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQALQpFAwQDLQpAMAwDBABb0PUD
BABb0PYwDQYJKoZIhvcNAQELBQADggEBAKu+ALaSb2ueggsGhTQtY3q/v83R8Ma5
Ocjn1L1mUh8K0KH8OKk3gmGeIL+Vw1UPzHzOX0UqWtZ+TWa53CSI9sHk7xiPpwwO
LJxBCLVgTXfS/RLF5sFSK5FrDMNfjqWAsVD32ZjvAdzjySh+mbeYmG+Zv+8L9DI/
JP5Xt+VE1aOD7sKFrUnAQ3+0EICuMGeelyUF+c9HGJIhrqbsWDLRNd/pbiKcnCrr
IZNYQmuPlt7s5LEwqEqbUjhUEua6u3wnx0J/FpxT1/rjQy9jLWF2sbvQpCUFZ57y
t7AKHpqWittd3nVrCgIxTxIyokl46KRs0MR8FbBmmphma4w5zRuqNPg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:01 2023 by rpki-client on console-fra.rpki-client.org