Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/67cCO93KF-5BNyPOpwZcu1pEHoI.roa
File: 67cCO93KF-5BNyPOpwZcu1pEHoI.roa (raw, json)
Hash identifier: hv3KSkUjt/844qgxgli+sUsggesdYxk9k+5QoaPDxvU=
Subject key identifier: EB:B7:02:3B:DD:CA:17:EE:41:37:23:CE:A7:06:5C:BB:5A:44:1E:82
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01856072EAD9044B81EC307BC536486AF441
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/67cCO93KF-5BNyPOpwZcu1pEHoI.roa
Signing time: Fri 30 Dec 2022 00:33:42 +0000
ROA not before: Fri 30 Dec 2022 00:33:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 45.67.228.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:60:72:ea:d9:04:4b:81:ec:30:7b:c5:36:48:6a:f4:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Dec 30 00:33:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ebb7023bddca17ee413723cea7065cbb5a441e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0d:71:c7:3f:6c:c4:3b:99:f9:b9:1e:a9:09:
03:4b:e6:9c:c1:23:1f:f5:1e:e7:6c:8c:77:44:99:
50:16:76:05:fd:1a:ee:f7:4a:d4:4e:d5:c8:29:bb:
e8:2e:4d:84:18:a2:83:2e:2e:9c:cc:b0:2b:36:1d:
2c:55:13:5f:5c:0b:e1:df:21:88:78:52:ca:a3:f4:
3e:e2:64:f6:2d:83:37:cb:0c:cc:59:ff:34:71:45:
e3:9d:c3:5b:f1:0b:da:79:ef:f4:1f:99:75:33:1a:
77:63:6e:4a:41:b4:45:cd:fc:29:55:88:d0:fa:43:
51:00:f1:55:2a:75:73:a7:86:67:ce:2f:8a:75:31:
4f:b8:e7:4c:c5:99:fd:95:d2:bf:14:59:cf:aa:66:
2f:41:3b:28:82:a6:73:7c:b2:1d:2f:3f:90:b2:95:
38:cf:39:c0:47:93:12:86:00:b6:c1:68:f2:87:3a:
d5:8f:a4:aa:ab:22:16:6c:fe:c6:16:f0:bd:57:ff:
3b:5e:38:2d:93:ca:0c:c6:6e:14:8c:a7:32:9c:8a:
38:1a:f5:5b:6f:3b:bd:3c:56:af:cf:4a:e6:ec:60:
85:66:9d:31:a4:66:c7:fa:fc:03:40:a9:64:22:5b:
2b:11:c5:fd:12:94:d7:6d:82:bb:b9:bc:29:75:fb:
16:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B7:02:3B:DD:CA:17:EE:41:37:23:CE:A7:06:5C:BB:5A:44:1E:82
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/67cCO93KF-5BNyPOpwZcu1pEHoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/24
45.67.231.0/24
IPv6:
2a09:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
89:ba:41:f4:8a:61:00:15:8c:ee:1f:c6:90:7c:db:0a:c7:e2:
3e:e5:7a:6d:fb:8f:21:71:6d:44:a0:c0:9c:fa:b6:28:58:8a:
7b:41:00:f5:a2:ad:2e:6b:5f:2b:a0:e2:c6:45:bf:8f:f0:e2:
89:73:1f:70:42:c7:90:4c:f9:e3:da:88:27:bb:c9:5f:e8:6f:
96:e3:98:c9:20:6e:b4:3e:65:b2:aa:4e:76:7e:37:29:54:8e:
c2:ab:98:35:45:e1:39:20:ee:8c:93:e9:4c:15:cd:54:c7:0e:
8a:8a:7f:79:4a:5d:f5:9e:7d:75:df:6f:81:b5:41:7b:db:05:
c2:b5:d3:51:e3:50:ea:90:9b:4e:2c:1f:c9:73:f1:e1:37:8a:
86:b3:8d:42:b6:22:91:b5:52:a5:32:cf:91:e4:c4:60:7d:db:
6c:eb:67:93:6f:b4:a0:8b:52:07:12:72:79:e0:01:b5:29:a7:
09:e7:93:36:a3:b7:af:8c:2c:24:3e:c1:44:54:b9:f7:1f:fa:
2b:8c:86:06:6b:cb:cb:74:86:6e:52:40:a1:76:da:2d:23:42:
4f:40:a3:dd:d5:28:32:66:d5:64:bf:d5:ae:47:b2:85:fd:e5:
98:5d:52:14:72:2f:db:26:df:7b:84:87:ef:af:6f:9f:e0:82:
9f:46:b6:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVgcurZBEuB7DB7xTZIavRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjIxMjMwMDAzMzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI3MDIzYmRkY2ExN2VlNDEzNzIzY2VhNzA2NWNiYjVhNDQxZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ1xxz9sxDuZ+bkeqQkDS+acwSMf
9R7nbIx3RJlQFnYF/Rru90rUTtXIKbvoLk2EGKKDLi6czLArNh0sVRNfXAvh3yGI
eFLKo/Q+4mT2LYM3ywzMWf80cUXjncNb8Qvaee/0H5l1Mxp3Y25KQbRFzfwpVYjQ
+kNRAPFVKnVzp4Znzi+KdTFPuOdMxZn9ldK/FFnPqmYvQTsogqZzfLIdLz+QspU4
zznAR5MShgC2wWjyhzrVj6SqqyIWbP7GFvC9V/87Xjgtk8oMxm4UjKcynIo4GvVb
bzu9PFavz0rm7GCFZp0xpGbH+vwDQKlkIlsrEcX9EpTXbYK7ubwpdfsWxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOu3AjvdyhfuQTcjzqcGXLtaRB6CMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvNjdjQ085M0tGLTVCTnlQT3B3WmN1MXBFSG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUPkAwQA
LUPnMA0EAgACMAcDBQAqCXxAMA0GCSqGSIb3DQEBCwUAA4IBAQCJukH0imEAFYzu
H8aQfNsKx+I+5Xpt+48hcW1EoMCc+rYoWIp7QQD1oq0ua18roOLGRb+P8OKJcx9w
QseQTPnj2ognu8lf6G+W45jJIG60PmWyqk52fjcpVI7Cq5g1ReE5IO6Mk+lMFc1U
xw6Kin95Sl31nn1132+BtUF72wXCtdNR41DqkJtOLB/Jc/HhN4qGs41CtiKRtVKl
Ms+R5MRgfdts62eTb7Sgi1IHEnJ54AG1KacJ55M2o7evjCwkPsFEVLn3H/orjIYG
a8vLdIZuUkChdtotI0JPQKPd1SgyZtVkv9WuR7KF/eWYXVIUci/bJt97hIfvr2+f
4IKfRray
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:06 2024 by rpki-client on console-fra.rpki-client.org