Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2q7l0BWplzxLbncDSYKT5MDEAWw.roa
File: 2q7l0BWplzxLbncDSYKT5MDEAWw.roa (raw, json)
Hash identifier: a3gnwnUSZqGZr+RzgaxVq24gsYjgAxYPtcvi+0EToOU=
Subject key identifier: DA:AE:E5:D0:15:A9:97:3C:4B:6E:77:03:49:82:93:E4:C0:C4:01:6C
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CB0580F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2q7l0BWplzxLbncDSYKT5MDEAWw.roa
Signing time: Sat 01 Jan 2022 05:04:54 +0000
ROA not before: Sat 01 Jan 2022 05:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32181
IP address blocks: 45.85.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212883471 (0xcb0580f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daaee5d015a9973c4b6e7703498293e4c0c4016c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d6:ca:2e:8a:b4:75:c6:94:67:76:c5:4e:82:
a9:e3:f1:00:b3:31:ab:17:6f:49:79:2c:0b:c6:ed:
3a:24:97:92:af:19:b8:52:28:a7:47:bc:55:f7:84:
ee:5b:36:3a:3d:3d:ed:d9:b1:02:d2:4b:b4:9b:3b:
05:ea:8b:8c:39:9c:e4:4e:54:d4:40:6c:b5:06:ab:
49:98:a3:e1:48:c9:62:b7:bc:95:fe:25:08:c3:87:
53:5f:0d:b7:77:3a:41:f1:08:35:26:1f:13:aa:2e:
f6:70:40:86:6c:a4:f0:fb:f4:11:a6:f4:b7:5d:95:
75:d7:cf:b6:55:1c:1a:3c:c6:f0:31:d2:e9:28:2a:
02:80:33:99:ad:8f:11:91:39:98:8f:08:d6:db:23:
2c:5a:ef:3e:d4:4d:9e:94:16:2b:c2:d2:41:89:eb:
47:fe:05:b8:0b:07:d8:53:59:14:80:f2:36:f8:63:
c1:c6:21:22:20:79:49:cb:c8:17:59:0c:c0:bc:f0:
68:a7:ee:a7:11:97:5c:9a:69:e7:48:ac:fa:15:2e:
b1:49:52:e1:dd:ba:e5:07:3c:da:fd:bd:6e:2a:8f:
17:79:07:c6:c0:52:b6:7f:5a:05:f4:71:41:21:c6:
18:da:1c:f1:af:b7:41:a4:2e:6c:c7:57:01:4c:d8:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AE:E5:D0:15:A9:97:3C:4B:6E:77:03:49:82:93:E4:C0:C4:01:6C
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2q7l0BWplzxLbncDSYKT5MDEAWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.106.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:74:40:1d:86:a0:1d:89:33:5c:93:8f:13:e1:72:b0:68:4b:
04:1c:76:9b:d4:a8:ce:d2:fd:4c:c7:64:21:d5:e4:b5:1e:65:
cc:3a:2a:f6:04:6c:0c:9a:9c:69:05:bc:6a:90:40:27:50:d2:
c0:f0:5e:17:16:46:6f:ae:8f:e8:75:79:54:55:e8:0e:88:39:
01:70:8f:3a:7c:d7:11:ef:b3:b9:54:6d:3b:14:be:be:5d:8b:
25:bc:4e:6f:9a:19:3e:ad:68:b7:a0:ef:eb:5e:25:53:a2:81:
7d:74:8f:62:ac:9f:d6:86:d3:47:ba:17:f5:fb:2d:c1:0b:27:
a2:26:ea:28:42:93:1b:73:b7:50:6d:6a:1b:2f:18:82:3b:3f:
30:ec:84:c5:3d:90:85:87:82:7d:1c:95:af:cc:97:86:ba:2f:
19:96:d6:ed:0b:ee:c0:5e:7b:ca:7b:cf:ba:72:1d:57:58:30:
ff:d9:60:6d:6e:89:ac:69:1b:24:9e:dd:65:af:e3:41:f9:e0:
f5:a8:cb:d4:b5:de:08:71:fc:f9:69:a9:e8:05:88:72:3d:d2:
67:fe:ae:36:fc:89:52:04:a5:c2:7d:99:13:65:df:06:28:60:
ea:40:41:8f:8e:cf:06:3a:7f:c4:d3:8c:a5:97:1c:96:8c:5a:
1d:54:21:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDLBYDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFhZWU1ZDAxNWE5
OTczYzRiNmU3NzAzNDk4MjkzZTRjMGM0MDE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrWyi6KtHXGlGd2xU6CqePxALMxqxdvSXksC8btOiSXkq8Z
uFIop0e8VfeE7ls2Oj097dmxAtJLtJs7BeqLjDmc5E5U1EBstQarSZij4UjJYre8
lf4lCMOHU18Nt3c6QfEINSYfE6ou9nBAhmyk8Pv0Eab0t12VddfPtlUcGjzG8DHS
6SgqAoAzma2PEZE5mI8I1tsjLFrvPtRNnpQWK8LSQYnrR/4FuAsH2FNZFIDyNvhj
wcYhIiB5ScvIF1kMwLzwaKfupxGXXJpp50is+hUusUlS4d265Qc82v29biqPF3kH
xsBStn9aBfRxQSHGGNoc8a+3QaQubMdXAUzYODECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaruXQFamXPEtudwNJgpPkwMQBbDAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
LzJxN2wwQldwbHp4TGJuY0RTWUtUNU1ERUFXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1VajANBgkqhkiG9w0BAQsFAAOC
AQEAX3RAHYagHYkzXJOPE+FysGhLBBx2m9SoztL9TMdkIdXktR5lzDoq9gRsDJqc
aQW8apBAJ1DSwPBeFxZGb66P6HV5VFXoDog5AXCPOnzXEe+zuVRtOxS+vl2LJbxO
b5oZPq1ot6Dv614lU6KBfXSPYqyf1obTR7oX9fstwQsnoibqKEKTG3O3UG1qGy8Y
gjs/MOyExT2QhYeCfRyVr8yXhrovGZbW7QvuwF57ynvPunIdV1gw/9lgbW6JrGkb
JJ7dZa/jQfng9ajL1LXeCHH8+Wmp6AWIcj3SZ/6uNvyJUgSlwn2ZE2XfBihg6kBB
j47PBjp/xNOMpZccloxaHVQh1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org