Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/foqUC-dy71161_Nlr-U52K7jQYk.roa
File: foqUC-dy71161_Nlr-U52K7jQYk.roa (raw, json)
Hash identifier: 2MqOspAacmO59fvJGgeWqWWfFeijqOb46iiy8+T+hgI=
Subject key identifier: 7E:8A:94:0B:E7:72:EF:5D:7A:D7:F3:65:AF:E5:39:D8:AE:E3:41:89
Certificate issuer: /CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Certificate serial: 074C3495
Authority key identifier: DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/foqUC-dy71161_Nlr-U52K7jQYk.roa
Signing time: Sat 01 Jan 2022 14:05:12 +0000
ROA not before: Sat 01 Jan 2022 14:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.154.19.0/24 maxlen: 24
45.154.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122434709 (0x74c3495)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Validity
Not Before: Jan 1 14:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e8a940be772ef5d7ad7f365afe539d8aee34189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4f:1d:4e:1f:60:5e:a9:25:ae:6e:48:e6:3b:
b7:bc:43:8d:c2:44:bd:08:e3:f4:df:30:94:a1:b3:
36:96:a1:4e:4e:5a:d6:89:0d:b2:83:8a:50:cd:61:
ab:9a:8b:04:e5:2e:60:3b:30:59:47:d7:0b:31:6b:
84:90:7a:b1:2f:53:36:fd:2f:65:fc:bc:35:93:56:
2f:52:a9:53:00:20:14:e6:4e:11:3a:0f:9c:90:05:
03:3f:25:5e:a5:f1:c7:6c:2f:41:46:ee:c9:c5:29:
d6:8e:84:43:dd:fd:c7:63:c5:57:19:f7:de:6e:a9:
0e:62:a2:dc:6f:52:13:cd:0a:fd:d7:67:94:68:ad:
f0:d3:7d:76:ab:d8:9e:0e:07:a3:be:b7:a2:bd:3a:
bc:cf:05:a3:c6:0e:70:a9:47:2a:22:a5:47:bd:30:
23:7b:94:b0:85:cf:f7:19:c7:20:99:0a:6e:fa:13:
d7:e1:9b:94:fe:ec:c2:dc:bc:c5:05:c5:e1:fa:b0:
8f:61:e7:f2:e9:20:58:98:e8:72:14:c8:d1:78:77:
6d:b5:c5:66:a1:93:bc:1d:0a:41:18:47:94:80:5c:
c1:9d:c6:31:46:b1:aa:0a:80:7c:b1:77:03:59:d4:
5e:eb:9f:40:38:50:bb:fb:09:3a:8b:64:65:33:71:
33:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8A:94:0B:E7:72:EF:5D:7A:D7:F3:65:AF:E5:39:D8:AE:E3:41:89
X509v3 Authority Key Identifier:
keyid:DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/foqUC-dy71161_Nlr-U52K7jQYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/33jsawuWmqIijxJe2qQZus278ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.18.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:59:97:0c:ef:3e:f4:22:cd:5a:4c:a3:7e:7c:44:2d:0d:da:
12:53:e2:fa:a8:52:a4:cf:c6:d6:f6:4c:67:61:fc:95:d0:c3:
85:00:4d:ac:b1:5a:c3:36:98:22:3c:7f:fe:7b:48:63:3d:7f:
33:be:73:a9:71:37:7b:77:eb:1c:67:ae:68:75:06:4d:44:96:
ce:02:df:f8:4b:61:80:c8:4a:9a:22:34:f6:64:cd:77:d7:c7:
03:2a:9b:8f:2d:1b:ea:35:2a:ec:1c:2f:bf:5a:4e:fb:a1:ae:
36:7e:d0:93:2a:f2:7b:55:f2:43:d4:5c:e0:93:ad:49:5c:73:
3a:80:52:58:bf:dc:e9:e9:89:01:aa:a8:cd:76:08:d6:d0:dc:
21:62:ab:b8:5e:bb:15:ff:f7:69:c4:2f:22:ed:07:82:5b:1d:
d7:56:50:d6:18:67:ad:e2:d2:c9:5e:28:66:22:86:58:94:f2:
e9:6b:eb:1c:ad:33:e8:0f:8c:41:b9:95:ad:1c:56:77:74:c6:
87:82:7e:42:71:dd:7d:18:2e:5a:32:ea:9d:d4:90:c6:a2:2e:
03:0f:94:39:8d:35:63:4f:c6:d2:2a:5a:e4:90:45:7f:8f:92:
bf:04:ce:41:10:f6:3b:f4:ac:9f:81:63:79:61:9e:b6:89:ac:
b7:98:f0:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0w0lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Zjc4ZWM2YjBiOTY5YWEyMjI4ZjEyNWVkYWE0MTliYWNkYmJmMjViMB4XDTIyMDEw
MTE0MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2U4YTk0MGJlNzcy
ZWY1ZDdhZDdmMzY1YWZlNTM5ZDhhZWUzNDE4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1PHU4fYF6pJa5uSOY7t7xDjcJEvQjj9N8wlKGzNpahTk5a
1okNsoOKUM1hq5qLBOUuYDswWUfXCzFrhJB6sS9TNv0vZfy8NZNWL1KpUwAgFOZO
EToPnJAFAz8lXqXxx2wvQUbuycUp1o6EQ939x2PFVxn33m6pDmKi3G9SE80K/ddn
lGit8NN9dqvYng4Ho763or06vM8Fo8YOcKlHKiKlR70wI3uUsIXP9xnHIJkKbvoT
1+GblP7swty8xQXF4fqwj2Hn8ukgWJjochTI0Xh3bbXFZqGTvB0KQRhHlIBcwZ3G
MUaxqgqAfLF3A1nUXuufQDhQu/sJOotkZTNxM08CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR+ipQL53LvXXrX82Wv5TnYruNBiTAfBgNVHSMEGDAWgBTfeOxrC5aaoiKP
El7apBm6zbvyWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMzanNhd3VXbXFJaWp4SmUycVFadXMyNzhscy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvZGJiMDQzLTM3N2ItNGM0Yi1hMGEyLTdlOGM1NTI2ZGU3ZS8x
L2ZvcVVDLWR5NzExNjFfTmxyLVU1Mks3alFZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
ZGJiMDQzLTM3N2ItNGM0Yi1hMGEyLTdlOGM1NTI2ZGU3ZS8xLzMzanNhd3VXbXFJ
aWp4SmUycVFadXMyNzhscy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2aEjANBgkqhkiG9w0BAQsFAAOC
AQEALVmXDO8+9CLNWkyjfnxELQ3aElPi+qhSpM/G1vZMZ2H8ldDDhQBNrLFawzaY
Ijx//ntIYz1/M75zqXE3e3frHGeuaHUGTUSWzgLf+EthgMhKmiI09mTNd9fHAyqb
jy0b6jUq7Bwvv1pO+6GuNn7Qkyrye1XyQ9Rc4JOtSVxzOoBSWL/c6emJAaqozXYI
1tDcIWKruF67Ff/3acQvIu0Hglsd11ZQ1hhnreLSyV4oZiKGWJTy6WvrHK0z6A+M
QbmVrRxWd3TGh4J+QnHdfRguWjLqndSQxqIuAw+UOY01Y0/G0ipa5JBFf4+SvwTO
QRD2O/Ssn4FjeWGetomst5jw5g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:51 2023 by rpki-client on console-ams.rpki-client.org