Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1QLx9Gpk-IEvUOIUxjaKVK5vMbc.roa
File: 1QLx9Gpk-IEvUOIUxjaKVK5vMbc.roa (raw, json)
Hash identifier: L/Ha+s/m/V0GTiaFImRGQ5hcXJFg0ksSL9oeG7ZcWOs=
Subject key identifier: D5:02:F1:F4:6A:64:F8:81:2F:50:E2:14:C6:36:8A:54:AE:6F:31:B7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01823A53728A8C92AD414388DDE986A19D19
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1QLx9Gpk-IEvUOIUxjaKVK5vMbc.roa
Signing time: Tue 26 Jul 2022 11:45:23 +0000
ROA not before: Tue 26 Jul 2022 11:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137409
IP address blocks: 194.5.83.0/24 maxlen: 24
45.8.70.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:53:72:8a:8c:92:ad:41:43:88:dd:e9:86:a1:9d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 26 11:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d502f1f46a64f8812f50e214c6368a54ae6f31b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:94:08:d5:d9:7f:bb:32:31:93:35:ec:25:ff:
df:70:6d:13:9a:9f:c5:8d:bf:2d:08:67:4f:92:96:
59:ec:dc:34:fc:5d:f3:98:a0:21:2b:09:9a:a8:56:
92:c5:ba:0d:65:54:2f:a3:6e:25:86:ff:c1:74:68:
c5:83:14:a8:41:23:75:da:11:d2:d9:08:2f:a5:ff:
a6:ed:29:1e:ab:dc:3a:7b:cb:17:4f:ff:4b:65:45:
38:30:3f:eb:b3:5e:22:0c:19:be:ca:21:10:a9:dc:
9f:a6:b7:b8:51:10:ea:df:ef:61:6a:9f:e8:2f:70:
5c:a6:7d:bf:3a:4f:f1:28:16:c1:14:a5:ff:fb:ad:
0a:96:12:6f:80:cb:6e:bc:bb:c5:8b:50:8f:f2:31:
06:3a:7f:74:7f:10:92:52:4a:e3:85:18:5a:61:c2:
1a:65:8d:7a:b2:71:68:5a:56:29:39:20:3d:b3:53:
23:2c:27:fa:fa:23:e2:46:3d:f3:b1:76:93:37:f4:
a0:7d:21:35:62:4f:c3:b1:5f:3a:d3:29:9d:1c:59:
fb:83:06:e8:81:83:1e:76:2d:84:25:c5:76:39:72:
3d:31:24:39:3d:97:db:80:89:fd:bc:e7:1f:dc:7d:
b5:b1:40:1d:35:53:80:c3:02:36:70:09:2b:86:20:
19:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:02:F1:F4:6A:64:F8:81:2F:50:E2:14:C6:36:8A:54:AE:6F:31:B7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1QLx9Gpk-IEvUOIUxjaKVK5vMbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.133.5.0/24
194.5.82.0/23
Signature Algorithm: sha256WithRSAEncryption
55:9d:a5:b1:4f:18:3c:1b:cf:85:de:1d:cb:2f:9a:a7:0d:b1:
97:4e:23:8d:4e:89:cf:31:00:a1:05:9c:b9:e2:ce:c6:3e:cb:
92:13:91:58:b4:52:69:4b:4d:83:81:01:7b:54:6b:fd:72:1b:
3c:1e:9d:db:9b:ce:71:f9:a1:4d:4b:7c:bc:62:eb:8a:77:1c:
f2:4b:70:61:74:3d:b6:41:dd:9c:48:9c:6f:a0:34:96:39:a1:
68:83:4a:29:6c:bf:b8:4a:3c:0b:0e:02:1d:37:09:cb:97:af:
c2:b1:01:66:1a:c7:1b:b7:07:8a:39:9d:63:87:06:ad:a5:ff:
f9:0e:52:b9:09:3d:1a:4c:ee:01:08:dd:1a:ed:67:9f:a9:d2:
2e:b8:ac:2c:52:cf:5e:0e:37:8c:0a:d6:d6:31:d4:0e:53:20:
0c:6f:03:fa:21:df:52:05:77:44:c7:5e:ec:a9:0a:28:f2:5e:
30:2a:a1:d0:8e:4d:26:69:0b:d5:08:8e:7e:94:59:28:55:3a:
77:be:5f:90:b5:57:c2:b6:4f:3b:92:40:7a:e9:56:82:41:f9:
ce:54:59:d5:c3:7e:7e:45:3f:08:d7:1d:6f:4a:4f:fe:ea:63:
95:01:c1:a4:91:7b:6b:26:c4:31:5a:3c:85:f5:b7:3f:e5:ae:
b3:e7:f7:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYI6U3KKjJKtQUOI3emGoZ0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzI2MTE0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTAyZjFmNDZhNjRmODgxMmY1MGUyMTRjNjM2OGE1NGFlNmYzMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5QI1dl/uzIxkzXsJf/fcG0Tmp/F
jb8tCGdPkpZZ7Nw0/F3zmKAhKwmaqFaSxboNZVQvo24lhv/BdGjFgxSoQSN12hHS
2Qgvpf+m7Skeq9w6e8sXT/9LZUU4MD/rs14iDBm+yiEQqdyfpre4URDq3+9hap/o
L3Bcpn2/Ok/xKBbBFKX/+60KlhJvgMtuvLvFi1CP8jEGOn90fxCSUkrjhRhaYcIa
ZY16snFoWlYpOSA9s1MjLCf6+iPiRj3zsXaTN/SgfSE1Yk/DsV860ymdHFn7gwbo
gYMedi2EJcV2OXI9MSQ5PZfbgIn9vOcf3H21sUAdNVOAwwI2cAkrhiAZiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNUC8fRqZPiBL1DiFMY2ilSubzG3MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMVFMeDlHcGstSUV2VU9JVXhqYUtWSzV2TWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQhGAwQA
LYUFAwQBwgVSMA0GCSqGSIb3DQEBCwUAA4IBAQBVnaWxTxg8G8+F3h3LL5qnDbGX
TiONTonPMQChBZy54s7GPsuSE5FYtFJpS02DgQF7VGv9chs8Hp3bm85x+aFNS3y8
YuuKdxzyS3BhdD22Qd2cSJxvoDSWOaFog0opbL+4SjwLDgIdNwnLl6/CsQFmGscb
tweKOZ1jhwatpf/5DlK5CT0aTO4BCN0a7WefqdIuuKwsUs9eDjeMCtbWMdQOUyAM
bwP6Id9SBXdEx17sqQoo8l4wKqHQjk0maQvVCI5+lFkoVTp3vl+QtVfCtk87kkB6
6VaCQfnOVFnVw35+RT8I1x1vSk/+6mOVAcGkkXtrJsQxWjyF9bc/5a6z5/cg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org