Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/p-ksfoerDQhjoq4cOs4xRdzB31M.roa
File: p-ksfoerDQhjoq4cOs4xRdzB31M.roa (raw, json)
Hash identifier: LTjbBouDKCH39PFc4Sx5tMxM9qixc4Bil51f9sJodcc=
Subject key identifier: A7:E9:2C:7E:87:AB:0D:08:63:A2:AE:1C:3A:CE:31:45:DC:C1:DF:53
Certificate issuer: /CN=4caf11150ce5fe9f70f36c9806747bb682b1ca21
Certificate serial: 0182F4639283FC5265FC128EBFE4A0D3DDDC
Authority key identifier: 4C:AF:11:15:0C:E5:FE:9F:70:F3:6C:98:06:74:7B:B6:82:B1:CA:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TK8RFQzl_p9w82yYBnR7toKxyiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/p-ksfoerDQhjoq4cOs4xRdzB31M.roa
Signing time: Wed 31 Aug 2022 14:52:22 +0000
ROA not before: Wed 31 Aug 2022 14:52:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48817
IP address blocks: 45.67.64.0/22 maxlen: 24
2a09:7140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f4:63:92:83:fc:52:65:fc:12:8e:bf:e4:a0:d3:dd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4caf11150ce5fe9f70f36c9806747bb682b1ca21
Validity
Not Before: Aug 31 14:52:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7e92c7e87ab0d0863a2ae1c3ace3145dcc1df53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d0:1e:54:c9:f0:7f:b9:61:20:13:0e:03:71:
c2:f3:93:18:e8:87:ed:22:58:1f:9f:61:fe:21:72:
d8:c3:d9:60:44:56:85:c5:1c:93:1a:05:5e:2a:bb:
e9:1c:7f:e0:13:39:51:c1:de:c1:26:f4:fc:fb:07:
77:6f:15:e0:0c:91:08:4d:bc:1b:9f:a6:57:1c:c9:
ca:21:1a:d2:e2:8c:4e:34:6d:40:94:4b:a7:6c:e0:
ee:9f:7c:bc:3d:99:4b:62:ac:87:81:e8:7f:b6:7c:
8e:d6:c6:98:81:52:df:3f:87:80:09:f5:4a:62:c9:
7f:f6:9a:72:02:24:96:4b:f1:da:55:b9:b0:94:28:
3b:dc:66:71:97:29:e1:be:70:bc:3e:6b:57:8e:9a:
79:e4:11:36:ea:11:26:78:07:b0:f4:83:04:65:28:
47:df:53:9c:4a:ed:8b:cd:ce:09:48:1a:72:7c:7a:
fe:8a:28:fb:c2:fd:51:52:48:e7:bc:80:da:3e:c3:
31:9f:45:00:2e:04:d8:89:e4:2b:f9:04:d7:87:7b:
99:57:bf:ac:36:bc:f5:80:d2:3d:fa:ef:8a:5b:52:
55:c5:35:89:fc:30:12:5d:be:8a:a1:63:e3:5e:1a:
a5:74:77:6f:24:5d:a6:31:ed:12:63:35:a5:8a:eb:
b3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:E9:2C:7E:87:AB:0D:08:63:A2:AE:1C:3A:CE:31:45:DC:C1:DF:53
X509v3 Authority Key Identifier:
keyid:4C:AF:11:15:0C:E5:FE:9F:70:F3:6C:98:06:74:7B:B6:82:B1:CA:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TK8RFQzl_p9w82yYBnR7toKxyiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/p-ksfoerDQhjoq4cOs4xRdzB31M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/TK8RFQzl_p9w82yYBnR7toKxyiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.64.0/22
IPv6:
2a09:7140::/29
Signature Algorithm: sha256WithRSAEncryption
35:fd:0d:55:82:39:de:48:7a:e7:42:35:bf:b4:77:2c:88:a2:
33:3f:9e:2c:1f:40:89:25:bb:65:ef:f3:a8:87:53:47:c7:b4:
46:4c:78:3a:91:f4:60:8b:fe:3f:8f:50:aa:a3:17:d1:f1:81:
eb:79:fc:49:99:76:07:90:92:ed:cf:b4:d7:d3:19:e5:43:16:
c9:61:76:ef:9f:76:8d:67:8b:ec:65:de:a5:d9:5d:c9:c5:33:
ff:7c:6a:4b:55:26:54:b6:80:a5:e1:fc:d4:55:87:ca:b1:93:
18:6a:2f:94:39:ab:06:46:37:a3:a6:4a:42:cc:01:be:4b:13:
60:d5:70:67:11:bc:ee:d0:10:14:a7:ef:34:6c:ed:e1:df:b8:
68:fd:64:68:78:3f:06:87:67:a3:4f:14:b5:0f:7b:d4:3d:a9:
ac:32:ee:27:1d:66:7b:87:47:3e:4d:c1:e8:cf:c8:23:47:75:
3d:0f:50:bb:d7:71:c1:02:a9:48:0b:82:dd:43:36:fd:2a:4b:
44:55:d2:bd:f7:7e:99:5d:ec:6d:b2:73:5a:d5:d0:9e:2c:f6:
69:5d:30:a8:f0:cd:fd:24:f7:e0:6f:d6:14:e0:ec:25:2b:9c:
6c:62:20:b4:0d:bb:91:78:48:7e:9d:5e:45:37:65:e5:1b:2d:
8b:eb:bd:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYL0Y5KD/FJl/BKOv+Sg093cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYWYxMTE1MGNlNWZlOWY3MGYzNmM5ODA2NzQ3YmI2ODJi
MWNhMjEwHhcNMjIwODMxMTQ1MjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2U5MmM3ZTg3YWIwZDA4NjNhMmFlMWMzYWNlMzE0NWRjYzFkZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztAeVMnwf7lhIBMOA3HC85MY6Ift
Ilgfn2H+IXLYw9lgRFaFxRyTGgVeKrvpHH/gEzlRwd7BJvT8+wd3bxXgDJEITbwb
n6ZXHMnKIRrS4oxONG1AlEunbODun3y8PZlLYqyHgeh/tnyO1saYgVLfP4eACfVK
Ysl/9ppyAiSWS/HaVbmwlCg73GZxlynhvnC8PmtXjpp55BE26hEmeAew9IMEZShH
31OcSu2Lzc4JSBpyfHr+iij7wv1RUkjnvIDaPsMxn0UALgTYieQr+QTXh3uZV7+s
Nrz1gNI9+u+KW1JVxTWJ/DASXb6KoWPjXhqldHdvJF2mMe0SYzWliuuzMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKfpLH6Hqw0IY6KuHDrOMUXcwd9TMB8GA1UdIwQY
MBaAFEyvERUM5f6fcPNsmAZ0e7aCscohMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEs4UkZRemxfcDl3ODJ5WUJuUjd0b0t4eWlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMzY5NWMtZTM0MC00ZTJmLWFmZWIt
NmI5NWQzYzg5YzkxLzEvcC1rc2ZvZXJEUWhqb3E0Y09zNHhSZHpCMzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMzY5NWMtZTM0MC00ZTJmLWFmZWItNmI5NWQzYzg5Yzkx
LzEvVEs4UkZRemxfcDl3ODJ5WUJuUjd0b0t4eWlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNAMA0E
AgACMAcDBQMqCXFAMA0GCSqGSIb3DQEBCwUAA4IBAQA1/Q1VgjneSHrnQjW/tHcs
iKIzP54sH0CJJbtl7/Ooh1NHx7RGTHg6kfRgi/4/j1CqoxfR8YHrefxJmXYHkJLt
z7TX0xnlQxbJYXbvn3aNZ4vsZd6l2V3JxTP/fGpLVSZUtoCl4fzUVYfKsZMYai+U
OasGRjejpkpCzAG+SxNg1XBnEbzu0BAUp+80bO3h37ho/WRoeD8Gh2ejTxS1D3vU
PamsMu4nHWZ7h0c+TcHoz8gjR3U9D1C713HBAqlIC4LdQzb9KktEVdK9936ZXext
snNa1dCeLPZpXTCo8M39JPfgb9YU4OwlK5xsYiC0DbuReEh+nV5FN2XlGy2L6703
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:11 2024 by rpki-client on console-ams.rpki-client.org