Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e1b5b-0b7e-4004-bf9d-114039d5a9e1/1/NqBNELT9kSEnF7RM5ovGcxywv-A.roa
File: NqBNELT9kSEnF7RM5ovGcxywv-A.roa (raw, json)
Hash identifier: JR9/9UG7FLzE5C7p5SY3vNHwC73vsSBFstgXpoFuMcw=
Subject key identifier: 36:A0:4D:10:B4:FD:91:21:27:17:B4:4C:E6:8B:C6:73:1C:B0:BF:E0
Certificate issuer: /CN=0dce7e26ac1de4de6dff75aba004a1cfca787664
Certificate serial: 0722D770
Authority key identifier: 0D:CE:7E:26:AC:1D:E4:DE:6D:FF:75:AB:A0:04:A1:CF:CA:78:76:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dc5-Jqwd5N5t_3WroAShz8p4dmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e1b5b-0b7e-4004-bf9d-114039d5a9e1/1/NqBNELT9kSEnF7RM5ovGcxywv-A.roa
Signing time: Fri 22 Apr 2022 06:41:10 +0000
ROA not before: Fri 22 Apr 2022 06:41:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208028
IP address blocks: 45.80.140.0/29 maxlen: 29
45.80.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119723888 (0x722d770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dce7e26ac1de4de6dff75aba004a1cfca787664
Validity
Not Before: Apr 22 06:41:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36a04d10b4fd91212717b44ce68bc6731cb0bfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b4:26:17:1f:f4:49:8a:0b:fe:d9:3c:90:7e:
66:02:d9:2a:51:5a:5d:eb:b4:70:84:fd:f2:b2:54:
c9:45:f7:dd:ee:72:0f:b8:cc:6a:47:cc:1f:9d:e9:
66:bc:13:f5:37:bb:ec:ce:b3:b5:ae:43:0c:b9:fe:
79:ac:d3:80:36:f4:b7:a2:a9:93:8f:7a:ff:e1:79:
dd:69:96:89:78:96:94:a8:50:ad:26:3b:13:b1:33:
80:e5:db:0d:60:e8:23:52:c4:1c:e3:83:38:2d:90:
e2:9b:37:5b:20:de:06:b8:79:fe:46:f5:4a:cb:e2:
d2:a7:61:de:9f:28:8f:f8:e7:47:f6:4c:72:3a:54:
ba:4c:2d:ae:5e:bf:db:17:b9:46:6e:91:5c:d5:f9:
70:46:4d:e1:f0:c3:b0:81:a4:27:f4:85:f0:6c:66:
6b:63:ff:ba:fc:46:bc:a8:33:aa:be:c1:60:ae:bf:
5d:84:2e:41:89:ff:1b:2e:43:9c:ce:bd:94:52:b9:
d6:4c:ae:9f:82:d2:79:f2:81:72:34:5e:75:40:f7:
65:68:2b:30:76:05:a3:3c:11:51:29:1e:48:ab:ee:
54:a2:0e:fb:a2:bb:c9:50:7b:b6:18:fb:db:9f:3f:
33:08:d9:2d:17:3d:1a:6e:11:4a:35:71:21:31:2a:
4f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A0:4D:10:B4:FD:91:21:27:17:B4:4C:E6:8B:C6:73:1C:B0:BF:E0
X509v3 Authority Key Identifier:
keyid:0D:CE:7E:26:AC:1D:E4:DE:6D:FF:75:AB:A0:04:A1:CF:CA:78:76:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dc5-Jqwd5N5t_3WroAShz8p4dmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e1b5b-0b7e-4004-bf9d-114039d5a9e1/1/NqBNELT9kSEnF7RM5ovGcxywv-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e1b5b-0b7e-4004-bf9d-114039d5a9e1/1/Dc5-Jqwd5N5t_3WroAShz8p4dmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.140.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:5e:c3:b4:9f:a3:a2:15:6b:90:3a:6b:52:2e:78:e3:a3:b0:
7c:1d:f4:e4:de:33:21:46:c7:54:15:21:42:e9:36:4d:27:6f:
f1:94:99:d8:b0:67:92:d0:e9:36:6a:f1:e6:c5:ab:3c:27:d1:
1f:8f:ed:36:52:f0:0a:ca:1e:fe:ed:51:da:fc:7c:66:bc:48:
f0:7d:6e:26:e9:55:a0:eb:ee:38:c3:05:bc:c9:3a:e8:d2:82:
06:f5:2a:91:48:cb:6c:3b:42:83:38:1e:79:bb:18:eb:b5:6f:
f2:83:0c:d6:b5:3b:39:73:12:ec:ce:f7:9e:76:13:25:3e:1a:
8c:ec:81:fc:02:59:f0:12:0c:8d:7c:57:0a:f5:4e:63:30:f2:
7c:17:20:fc:1d:06:d1:4b:fa:f7:c2:88:6d:a9:ce:e0:a4:05:
5d:04:1c:d1:0e:c2:cc:c1:bd:b8:a0:f1:1e:a4:e9:6c:f3:52:
b1:30:79:73:5c:56:cc:c8:08:8b:88:85:f8:31:9d:0d:d1:12:
68:f3:62:6e:eb:37:e3:cb:c1:1b:c2:ec:f4:77:ee:f9:f8:73:
ee:31:96:18:be:94:82:5b:03:b0:2b:b3:87:73:fe:b8:f9:1c:
42:c2:99:32:c6:43:f0:fb:f5:77:2e:e9:2e:a8:2b:ca:d8:2e:
a6:de:65:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEByLXcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGNlN2UyNmFjMWRlNGRlNmRmZjc1YWJhMDA0YTFjZmNhNzg3NjY0MB4XDTIyMDQy
MjA2NDExMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzZhMDRkMTBiNGZk
OTEyMTI3MTdiNDRjZTY4YmM2NzMxY2IwYmZlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJi0Jhcf9EmKC/7ZPJB+ZgLZKlFaXeu0cIT98rJUyUX33e5y
D7jMakfMH53pZrwT9Te77M6zta5DDLn+eazTgDb0t6Kpk496/+F53WmWiXiWlKhQ
rSY7E7EzgOXbDWDoI1LEHOODOC2Q4ps3WyDeBrh5/kb1Ssvi0qdh3p8oj/jnR/ZM
cjpUukwtrl6/2xe5Rm6RXNX5cEZN4fDDsIGkJ/SF8Gxma2P/uvxGvKgzqr7BYK6/
XYQuQYn/Gy5DnM69lFK51kyun4LSefKBcjRedUD3ZWgrMHYFozwRUSkeSKvuVKIO
+6K7yVB7thj7258/MwjZLRc9Gm4RSjVxITEqTzUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ2oE0QtP2RIScXtEzmi8ZzHLC/4DAfBgNVHSMEGDAWgBQNzn4mrB3k3m3/
daugBKHPynh2ZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RjNS1KcXdkNU41dF8zV3JvQVNoejhwNGRtUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvNGUxYjViLTBiN2UtNDAwNC1iZjlkLTExNDAzOWQ1YTllMS8x
L05xQk5FTFQ5a1NFbkY3Uk01b3ZHY3h5d3YtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
NGUxYjViLTBiN2UtNDAwNC1iZjlkLTExNDAzOWQ1YTllMS8xL0RjNS1KcXdkNU41
dF8zV3JvQVNoejhwNGRtUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1QjDANBgkqhkiG9w0BAQsFAAOC
AQEAOl7DtJ+johVrkDprUi5446OwfB305N4zIUbHVBUhQuk2TSdv8ZSZ2LBnktDp
Nmrx5sWrPCfRH4/tNlLwCsoe/u1R2vx8ZrxI8H1uJulVoOvuOMMFvMk66NKCBvUq
kUjLbDtCgzgeebsY67Vv8oMM1rU7OXMS7M73nnYTJT4ajOyB/AJZ8BIMjXxXCvVO
YzDyfBcg/B0G0Uv698KIbanO4KQFXQQc0Q7CzMG9uKDxHqTpbPNSsTB5c1xWzMgI
i4iF+DGdDdESaPNibus348vBG8Ls9Hfu+fhz7jGWGL6UglsDsCuzh3P+uPkcQsKZ
MsZD8Pv1dy7pLqgrytgupt5lXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:20 2023 by rpki-client on console-fra.rpki-client.org