Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/OFimd30eAVmCAVnPih5sfRSlX-U.roa
File: OFimd30eAVmCAVnPih5sfRSlX-U.roa (raw, json)
Hash identifier: 29QD76ynMfcbLqzG+ZgJtHYQCUEm/Qh9KFjZfML1OHY=
Subject key identifier: 38:58:A6:77:7D:1E:01:59:82:01:59:CF:8A:1E:6C:7D:14:A5:5F:E5
Certificate issuer: /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial: 058EC88D
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/OFimd30eAVmCAVnPih5sfRSlX-U.roa
Signing time: Sat 01 Jan 2022 08:53:06 +0000
ROA not before: Sat 01 Jan 2022 08:53:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 45.144.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93243533 (0x58ec88d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Validity
Not Before: Jan 1 08:53:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3858a6777d1e0159820159cf8a1e6c7d14a55fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c1:91:40:4e:31:16:5a:9c:2d:2e:f0:ac:df:
ba:78:ae:d3:0b:fb:a8:52:c7:9e:4b:3c:ff:82:b4:
3d:85:58:20:b7:4a:56:92:2f:9f:38:00:e5:1d:b6:
a0:51:29:10:0a:e4:3c:31:04:33:e9:67:fd:f3:46:
24:6b:87:40:9c:0f:bf:d3:92:d2:ce:54:81:a9:b7:
f6:24:61:d4:4a:cf:04:cb:f0:5a:aa:12:84:c6:cb:
7d:b2:74:ee:4c:57:5c:51:ef:22:a7:8b:16:28:30:
e8:37:da:08:27:78:24:c3:b7:9c:9d:e4:5a:51:95:
24:fc:92:2c:b0:78:c1:90:3b:a7:ae:dd:b3:dd:7d:
60:d4:1a:24:3a:61:ce:75:71:63:dc:e1:8b:f1:b1:
2f:57:f3:04:f5:6a:93:96:a9:53:d2:14:ad:e8:92:
47:7e:95:65:b6:82:17:d7:fb:af:94:13:cf:37:5c:
61:6a:d9:31:a1:55:13:08:a5:3a:a0:e9:85:ed:46:
30:3a:de:01:85:34:45:8a:3a:a7:62:84:6d:3a:6a:
e7:62:2a:16:3c:45:ef:a1:3d:b0:a8:10:aa:91:94:
83:88:66:da:12:96:5f:a3:7f:5a:21:c9:d9:40:17:
85:50:af:20:25:4f:18:b9:e4:96:44:60:d3:f6:1c:
41:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:58:A6:77:7D:1E:01:59:82:01:59:CF:8A:1E:6C:7D:14:A5:5F:E5
X509v3 Authority Key Identifier:
keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/OFimd30eAVmCAVnPih5sfRSlX-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.16.0/22
Signature Algorithm: sha256WithRSAEncryption
88:5d:41:88:98:c9:6a:bc:e6:fc:a2:05:41:e2:a7:02:7b:c8:
ae:20:bb:3d:6e:3d:57:cc:a9:9b:cb:66:8f:b8:8a:8a:0f:b4:
2a:46:ba:84:0a:d1:d3:a5:77:9a:9e:32:27:08:d6:87:91:14:
de:31:cd:c2:25:19:24:44:ae:b0:ff:24:f7:b4:c5:5a:2b:62:
2c:78:c2:e8:18:12:c2:0d:2b:e2:1d:b3:48:ad:82:16:8e:53:
eb:eb:03:a1:0d:ba:26:3d:6a:ef:3c:f5:05:ff:60:3f:21:20:
e6:6a:8b:e9:ae:6b:75:2b:76:48:11:2e:7e:e4:60:b1:c7:d3:
c3:70:10:6a:49:e4:4e:a3:3f:48:6f:ed:d2:bc:d6:28:f1:d1:
c7:ce:1e:e8:28:fd:a3:7a:f6:53:16:db:1f:a8:ac:86:64:55:
38:bd:cd:93:74:4a:45:80:99:88:27:d0:6d:ad:90:9b:80:75:
39:26:d3:d0:96:5d:c8:7a:73:b9:f9:e7:68:7f:c9:6f:08:e7:
75:21:05:76:60:4c:59:ec:5f:83:5f:f6:d3:75:38:5e:04:70:
bc:ff:82:e2:33:7b:c5:77:30:cd:4e:73:0b:51:04:91:3b:bf:
50:bc:bb:41:05:0e:69:c3:2d:6b:11:fe:ad:08:6e:e7:09:db:
7d:b5:ec:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBY7IjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGI0Y2QzZWRmNTIxZGY4ZWMwYTE1MTExMTI3MmQzZmI5MWI5OWMzMB4XDTIyMDEw
MTA4NTMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg1OGE2Nzc3ZDFl
MDE1OTgyMDE1OWNmOGExZTZjN2QxNGE1NWZlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvBkUBOMRZanC0u8Kzfuniu0wv7qFLHnks8/4K0PYVYILdK
VpIvnzgA5R22oFEpEArkPDEEM+ln/fNGJGuHQJwPv9OS0s5Ugam39iRh1ErPBMvw
WqoShMbLfbJ07kxXXFHvIqeLFigw6DfaCCd4JMO3nJ3kWlGVJPySLLB4wZA7p67d
s919YNQaJDphznVxY9zhi/GxL1fzBPVqk5apU9IUreiSR36VZbaCF9f7r5QTzzdc
YWrZMaFVEwilOqDphe1GMDreAYU0RYo6p2KEbTpq52IqFjxF76E9sKgQqpGUg4hm
2hKWX6N/WiHJ2UAXhVCvICVPGLnklkRg0/YcQRkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4WKZ3fR4BWYIBWc+KHmx9FKVf5TAfBgNVHSMEGDAWgBR0tM0+31Id+OwK
FRERJy0/uRuZwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RMVE5QdDlTSGZqc0NoVVJFU2N0UDdrYm1jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvOWU0N2U5LTMyODEtNGQxNy1hNmJjLWUyYTdmYjg0ODMxOC8x
L09GaW1kMzBlQVZtQ0FWblBpaDVzZlJTbFgtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
OWU0N2U5LTMyODEtNGQxNy1hNmJjLWUyYTdmYjg0ODMxOC8xL2RMVE5QdDlTSGZq
c0NoVVJFU2N0UDdrYm1jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2QEDANBgkqhkiG9w0BAQsFAAOC
AQEAiF1BiJjJarzm/KIFQeKnAnvIriC7PW49V8ypm8tmj7iKig+0Kka6hArR06V3
mp4yJwjWh5EU3jHNwiUZJESusP8k97TFWitiLHjC6BgSwg0r4h2zSK2CFo5T6+sD
oQ26Jj1q7zz1Bf9gPyEg5mqL6a5rdSt2SBEufuRgscfTw3AQaknkTqM/SG/t0rzW
KPHRx84e6Cj9o3r2UxbbH6ishmRVOL3Nk3RKRYCZiCfQba2Qm4B1OSbT0JZdyHpz
ufnnaH/JbwjndSEFdmBMWexfg1/203U4XgRwvP+C4jN7xXcwzU5zC1EEkTu/ULy7
QQUOacMtaxH+rQhu5wnbfbXsuQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:19 2023 by rpki-client on console-fra.rpki-client.org