Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/XzIKobHntyAFUXLfYyaLRL1_shc.roa
File: XzIKobHntyAFUXLfYyaLRL1_shc.roa (raw, json)
Hash identifier: 1MbzaaRkmPW09DnJzeYGf/Llrv0PPyVttbqzOBfbm8g=
Subject key identifier: 5F:32:0A:A1:B1:E7:B7:20:05:51:72:DF:63:26:8B:44:BD:7F:B2:17
Certificate issuer: /CN=787650d0951529b1a817232c12c42e49b889e1b8
Certificate serial: 0182EAE2C391055D73ACAC35BC38EF96811C
Authority key identifier: 78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/XzIKobHntyAFUXLfYyaLRL1_shc.roa
Signing time: Mon 29 Aug 2022 18:35:05 +0000
ROA not before: Mon 29 Aug 2022 18:35:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 45.150.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:e2:c3:91:05:5d:73:ac:ac:35:bc:38:ef:96:81:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787650d0951529b1a817232c12c42e49b889e1b8
Validity
Not Before: Aug 29 18:35:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f320aa1b1e7b720055172df63268b44bd7fb217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:47:b3:47:23:9f:3c:ca:e4:06:2c:e7:14:dd:
1a:26:2c:a2:60:84:4b:e6:56:3e:19:0e:06:54:1a:
8d:f5:96:cb:7d:1d:57:c2:a0:49:21:74:7f:eb:b0:
13:dd:f9:b0:66:f8:75:ec:c6:6c:ce:2d:7d:3b:20:
cc:ef:44:e0:de:80:31:20:8c:82:6c:9c:97:27:b0:
5f:77:ec:0d:e3:f9:ac:da:ce:a5:9b:02:85:08:12:
89:de:fd:48:e5:15:80:5a:51:54:00:59:62:e3:30:
43:d5:fb:67:11:0c:41:7e:0f:a6:fe:fc:94:0a:bb:
50:49:d3:2c:6a:b8:db:c9:2d:d2:5a:90:ba:2a:ee:
d0:4a:45:7a:fa:43:7d:e6:9c:b3:4b:79:d4:75:70:
90:c9:ea:14:1c:72:3a:c9:7b:d3:b5:f0:34:5a:e6:
43:87:f7:51:c8:ba:b5:48:f4:e4:7f:6b:dc:62:5e:
8a:34:d7:7f:ff:58:87:ff:01:f5:e6:61:1b:10:cc:
e9:79:f7:8e:f5:d1:e2:0b:f7:95:7a:b2:e6:b5:e0:
86:71:2c:10:3f:d4:ad:96:da:b4:56:a8:21:65:ff:
6b:76:20:17:81:8c:b9:db:56:e4:a6:9e:73:69:40:
ec:62:ba:81:20:a4:f3:6c:e7:32:57:70:a1:f9:05:
ae:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:32:0A:A1:B1:E7:B7:20:05:51:72:DF:63:26:8B:44:BD:7F:B2:17
X509v3 Authority Key Identifier:
keyid:78:76:50:D0:95:15:29:B1:A8:17:23:2C:12:C4:2E:49:B8:89:E1:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/XzIKobHntyAFUXLfYyaLRL1_shc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0735e3-00aa-405d-89bb-96a404c790b7/1/eHZQ0JUVKbGoFyMsEsQuSbiJ4bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.149.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:4e:20:5c:1c:e3:d8:9b:25:df:92:66:f3:32:3d:96:f4:e8:
2d:56:b7:17:cb:c3:3e:84:4c:a8:ce:1b:b8:04:c9:7b:89:6e:
6d:4f:f3:f4:24:20:b1:f3:de:09:b3:a4:89:56:42:f0:9e:17:
8a:16:2b:0c:3d:a2:71:1d:bd:19:12:06:78:39:01:5f:d0:6f:
9b:93:0a:8c:ed:f8:fe:bf:af:ce:5a:cd:1c:38:6a:23:33:2a:
a6:0f:89:b9:c3:40:43:ab:ee:56:12:44:02:47:ee:e9:5e:4d:
33:85:76:f2:77:d6:db:e0:8a:d1:18:da:30:46:78:0d:f1:08:
d7:5f:fa:61:21:2b:5d:73:ae:c5:87:44:dc:e8:c9:74:d4:d3:
16:89:25:23:9f:e5:40:9b:41:af:3b:61:13:47:0c:42:81:00:
02:29:39:67:d3:32:39:13:8f:e7:10:f2:4e:7e:80:a3:12:2c:
6d:6f:41:18:c3:c4:7f:30:b0:00:32:f3:41:75:d5:14:69:83:
59:45:0f:81:72:a7:be:a9:22:67:ac:d1:34:8e:b5:7d:de:1d:
1c:b2:f2:4e:b9:aa:a8:92:61:4c:a2:54:49:ec:ab:2f:0c:58:
4e:05:ea:84:a4:d8:e4:d9:07:ff:be:aa:29:05:f6:6f:ab:91:
b9:79:df:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLq4sORBV1zrKw1vDjvloEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzY1MGQwOTUxNTI5YjFhODE3MjMyYzEyYzQyZTQ5Yjg4
OWUxYjgwHhcNMjIwODI5MTgzNTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMyMGFhMWIxZTdiNzIwMDU1MTcyZGY2MzI2OGI0NGJkN2ZiMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUezRyOfPMrkBiznFN0aJiyiYIRL
5lY+GQ4GVBqN9ZbLfR1XwqBJIXR/67AT3fmwZvh17MZszi19OyDM70Tg3oAxIIyC
bJyXJ7Bfd+wN4/ms2s6lmwKFCBKJ3v1I5RWAWlFUAFli4zBD1ftnEQxBfg+m/vyU
CrtQSdMsarjbyS3SWpC6Ku7QSkV6+kN95pyzS3nUdXCQyeoUHHI6yXvTtfA0WuZD
h/dRyLq1SPTkf2vcYl6KNNd//1iH/wH15mEbEMzpefeO9dHiC/eVerLmteCGcSwQ
P9Stltq0VqghZf9rdiAXgYy521bkpp5zaUDsYrqBIKTzbOcyV3Ch+QWuHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8yCqGx57cgBVFy32Mmi0S9f7IXMB8GA1UdIwQY
MBaAFHh2UNCVFSmxqBcjLBLELkm4ieG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmIt
OTZhNDA0Yzc5MGI3LzEvWHpJS29iSG50eUFGVVhMZll5YUxSTDFfc2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wNzM1ZTMtMDBhYS00MDVkLTg5YmItOTZhNDA0Yzc5MGI3
LzEvZUhaUTBKVVZLYkdvRnlNc0VzUXVTYmlKNGJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZaVMA0G
CSqGSIb3DQEBCwUAA4IBAQAqTiBcHOPYmyXfkmbzMj2W9OgtVrcXy8M+hEyozhu4
BMl7iW5tT/P0JCCx894Js6SJVkLwnheKFisMPaJxHb0ZEgZ4OQFf0G+bkwqM7fj+
v6/OWs0cOGojMyqmD4m5w0BDq+5WEkQCR+7pXk0zhXbyd9bb4IrRGNowRngN8QjX
X/phIStdc67Fh0Tc6Ml01NMWiSUjn+VAm0GvO2ETRwxCgQACKTln0zI5E4/nEPJO
foCjEixtb0EYw8R/MLAAMvNBddUUaYNZRQ+Bcqe+qSJnrNE0jrV93h0csvJOuaqo
kmFMolRJ7KsvDFhOBeqEpNjk2Qf/vqopBfZvq5G5ed+e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:33 2024 by rpki-client on console-fra.rpki-client.org