Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/yNPXmrMrXuMs76SeNF3z5PLfFK0.roa
File: yNPXmrMrXuMs76SeNF3z5PLfFK0.roa (raw, json)
Hash identifier: 1tGbK0cfqEMEuVhS+U0ai1aM4OsSKgGRilggL89Vi3A=
Subject key identifier: C8:D3:D7:9A:B3:2B:5E:E3:2C:EF:A4:9E:34:5D:F3:E4:F2:DF:14:AD
Certificate issuer: /CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Certificate serial: 074B027A
Authority key identifier: DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/yNPXmrMrXuMs76SeNF3z5PLfFK0.roa
Signing time: Sat 01 Jan 2022 14:05:12 +0000
ROA not before: Sat 01 Jan 2022 14:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 45.154.18.0/24 maxlen: 24
45.154.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122356346 (0x74b027a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Validity
Not Before: Jan 1 14:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8d3d79ab32b5ee32cefa49e345df3e4f2df14ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c6:e2:7e:34:87:34:c7:5d:ae:97:4d:53:3b:
f2:31:87:79:7d:b3:56:77:1c:32:bf:08:1d:b4:a2:
82:6b:ac:f2:9a:b2:a8:d8:52:62:36:97:3d:ac:65:
c3:ff:76:04:87:5a:96:b5:c2:8e:87:5a:a7:d8:7b:
44:e7:4b:4c:68:ac:ab:7a:f6:ba:3a:66:a6:be:f7:
6a:38:cb:2d:b2:82:40:cb:f6:30:5d:a6:04:71:62:
98:e2:98:7a:94:72:7a:66:27:ef:68:bd:4d:dd:86:
02:fc:6f:57:be:e9:ab:02:5f:a2:7e:c1:07:97:37:
f5:57:fd:ef:96:1c:ed:05:11:74:34:af:1b:14:c4:
22:c3:8c:d1:1a:57:ab:c4:0c:6b:23:bf:8a:a9:b1:
5a:2a:6b:b5:31:fc:b9:be:4a:a8:e0:1c:f8:e9:47:
fe:d9:51:31:83:b2:13:c4:03:cb:75:eb:3e:82:f3:
7c:40:7e:2c:22:60:05:25:a2:b9:cb:25:31:28:d2:
59:f3:5c:c4:4f:93:78:cb:af:bf:a7:2f:7d:ad:80:
7e:28:48:27:c0:11:14:cb:6e:a3:ca:45:e4:e4:7f:
32:42:35:ec:50:32:be:e0:32:b2:84:a6:2e:47:62:
66:f4:34:fc:cb:e0:a3:8c:f7:2a:3a:8d:a8:5b:13:
22:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D3:D7:9A:B3:2B:5E:E3:2C:EF:A4:9E:34:5D:F3:E4:F2:DF:14:AD
X509v3 Authority Key Identifier:
keyid:DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/yNPXmrMrXuMs76SeNF3z5PLfFK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/33jsawuWmqIijxJe2qQZus278ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.18.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:a9:40:bd:a1:62:83:ed:2a:1c:3b:3d:80:46:05:0e:a3:e0:
23:2c:7f:01:4f:85:8b:85:53:05:1f:a1:db:9e:4d:5a:08:be:
20:be:72:a7:cf:82:e9:38:ab:62:bb:98:c6:82:af:3b:f8:83:
d9:08:33:86:88:4f:f7:dc:4d:3c:8f:23:f3:91:64:ce:82:7a:
54:17:9c:1b:5a:99:9b:b3:3c:6a:be:05:62:29:7f:8a:e6:76:
c3:9d:1e:67:81:49:39:38:9d:cf:74:f3:e9:14:99:4e:06:82:
7a:89:5c:40:a1:61:a5:fb:8d:cf:ae:9c:fe:89:35:75:9c:df:
dd:61:c7:04:b9:ec:a7:aa:82:13:ca:c4:54:f9:5e:7e:29:b1:
73:67:04:2e:99:1f:a6:ba:d2:f8:54:88:70:f9:68:f6:69:be:
5b:e0:38:fe:d0:bb:34:07:70:09:da:27:9c:1c:a4:0d:e9:0e:
42:98:40:69:bb:c4:21:72:d0:da:5c:69:0c:f0:96:86:64:c1:
a6:58:cc:61:02:a1:d1:ce:1d:a9:5a:1a:72:39:14:5d:61:b6:
04:79:4a:c9:c7:f1:6b:88:66:24:b1:6a:c8:42:90:11:27:a4:
ec:c6:e1:66:63:4c:0d:49:d1:c8:3e:f5:48:0d:9d:9b:12:18:
9b:30:18:73
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0sCejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Zjc4ZWM2YjBiOTY5YWEyMjI4ZjEyNWVkYWE0MTliYWNkYmJmMjViMB4XDTIyMDEw
MTE0MDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzhkM2Q3OWFiMzJi
NWVlMzJjZWZhNDllMzQ1ZGYzZTRmMmRmMTRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLG4n40hzTHXa6XTVM78jGHeX2zVnccMr8IHbSigmus8pqy
qNhSYjaXPaxlw/92BIdalrXCjodap9h7ROdLTGisq3r2ujpmpr73ajjLLbKCQMv2
MF2mBHFimOKYepRyemYn72i9Td2GAvxvV77pqwJfon7BB5c39Vf975Yc7QURdDSv
GxTEIsOM0RpXq8QMayO/iqmxWiprtTH8ub5KqOAc+OlH/tlRMYOyE8QDy3XrPoLz
fEB+LCJgBSWiucslMSjSWfNcxE+TeMuvv6cvfa2AfihIJ8ARFMtuo8pF5OR/MkI1
7FAyvuAysoSmLkdiZvQ0/Mvgo4z3KjqNqFsTIh8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTI09easyte4yzvpJ40XfPk8t8UrTAfBgNVHSMEGDAWgBTfeOxrC5aaoiKP
El7apBm6zbvyWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMzanNhd3VXbXFJaWp4SmUycVFadXMyNzhscy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvZGJiMDQzLTM3N2ItNGM0Yi1hMGEyLTdlOGM1NTI2ZGU3ZS8x
L3lOUFhtck1yWHVNczc2U2VORjN6NVBMZkZLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
ZGJiMDQzLTM3N2ItNGM0Yi1hMGEyLTdlOGM1NTI2ZGU3ZS8xLzMzanNhd3VXbXFJ
aWp4SmUycVFadXMyNzhscy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2aEjANBgkqhkiG9w0BAQsFAAOC
AQEALalAvaFig+0qHDs9gEYFDqPgIyx/AU+Fi4VTBR+h255NWgi+IL5yp8+C6Tir
YruYxoKvO/iD2QgzhohP99xNPI8j85FkzoJ6VBecG1qZm7M8ar4FYil/iuZ2w50e
Z4FJOTidz3Tz6RSZTgaCeolcQKFhpfuNz66c/ok1dZzf3WHHBLnsp6qCE8rEVPle
fimxc2cELpkfprrS+FSIcPlo9mm+W+A4/tC7NAdwCdonnBykDekOQphAabvEIXLQ
2lxpDPCWhmTBpljMYQKh0c4dqVoacjkUXWG2BHlKycfxa4hmJLFqyEKQESek7Mbh
ZmNMDUnRyD71SA2dmxIYmzAYcw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:14 2023 by rpki-client on console-fra.rpki-client.org