Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9QufzlT8BPucd9_-xgOhxTattzA.roa
File: 9QufzlT8BPucd9_-xgOhxTattzA.roa (raw, json)
Hash identifier: ENvK0BuDuyP6Z7awwtur7T3/xL58jU8MH1nZRt+kNu0=
Subject key identifier: F5:0B:9F:CE:54:FC:04:FB:9C:77:DF:FE:C6:03:A1:C5:36:AD:B7:30
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01847F9026FA4016D398A16828A49738A54F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9QufzlT8BPucd9_-xgOhxTattzA.roa
Signing time: Wed 16 Nov 2022 08:31:04 +0000
ROA not before: Wed 16 Nov 2022 08:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206286
IP address blocks: 45.141.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:90:26:fa:40:16:d3:98:a1:68:28:a4:97:38:a5:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 16 08:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f50b9fce54fc04fb9c77dffec603a1c536adb730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:23:b0:46:78:85:ab:ae:71:13:9f:1f:c4:
e2:37:af:d0:ee:a7:26:e7:03:bd:a8:87:b5:82:f3:
50:8b:18:c2:69:c2:40:b6:4b:1a:19:38:3b:89:38:
00:94:63:93:f3:61:cd:0a:e9:2c:5d:91:05:ea:54:
30:93:11:4d:d1:a2:d1:51:b1:b1:bd:0c:ba:d4:0e:
d4:76:75:cf:97:1b:82:f0:10:96:76:2f:38:9a:ec:
8d:98:61:6e:46:c6:d2:be:c5:79:6a:5f:8c:d3:3c:
2e:9e:26:9e:d4:97:12:03:c0:2a:22:ab:92:73:23:
96:bf:cd:50:a7:49:13:7b:40:a7:1f:78:44:18:64:
b1:cc:e9:d6:6a:db:b3:51:e0:47:4f:b9:6c:ff:be:
4f:c0:42:be:64:40:07:ac:4b:3b:b2:c2:62:56:3b:
42:49:d4:dd:02:ea:07:ac:59:dd:a2:8d:2a:09:5c:
79:56:38:6a:73:6c:b7:ab:f4:43:87:b3:f3:96:17:
7b:c4:14:6e:de:eb:fb:e4:41:87:94:39:ad:00:e0:
a4:a9:88:78:11:d5:ca:f3:1f:2f:2b:be:d7:78:0c:
dd:b5:7f:3f:1b:e5:03:d0:e3:44:c7:04:ea:e6:78:
c1:03:36:1d:0f:6e:38:4a:42:4e:65:b5:c6:63:73:
21:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0B:9F:CE:54:FC:04:FB:9C:77:DF:FE:C6:03:A1:C5:36:AD:B7:30
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/9QufzlT8BPucd9_-xgOhxTattzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.24.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c2:ac:25:59:c9:87:65:bd:73:85:95:78:9a:e1:21:3f:38:
08:85:73:55:aa:e6:d0:63:a4:ff:b5:ef:ca:27:21:a3:5b:70:
2e:13:b8:fe:f3:42:88:be:80:4c:04:07:83:d5:96:b5:84:e0:
46:72:b7:7d:4f:2b:7e:7c:44:fe:69:bc:37:26:b6:48:9a:33:
a8:30:ac:0d:17:8f:fb:2b:d7:5b:7e:cd:55:56:f5:86:54:75:
08:7d:9d:d3:99:99:8e:32:67:21:f8:69:70:a0:e5:3f:c5:45:
46:a5:ef:be:cd:88:94:8f:c3:f4:0d:db:dc:7c:3f:ba:06:21:
00:bf:43:94:ab:bc:eb:b5:bb:a0:1a:97:33:04:a8:37:27:a1:
61:87:b3:24:25:67:94:cb:27:75:29:63:2f:bf:61:33:74:03:
f7:67:bc:69:75:66:0a:6d:b3:5b:07:c1:4a:72:94:5f:1a:ae:
e7:eb:f5:cf:99:14:d2:f4:b1:0f:e3:84:1a:6d:76:f1:42:89:
a2:72:95:8b:85:28:2a:ef:c0:40:30:1d:9c:66:c6:98:6f:55:
e4:0d:4e:09:74:43:b8:b6:fa:36:9f:69:82:d0:38:5c:ab:41:
83:5f:70:2d:71:9a:ea:bf:a4:4d:0f:52:d6:cd:35:aa:f0:6a:
7c:9d:bc:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR/kCb6QBbTmKFoKKSXOKVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTE2MDgzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTBiOWZjZTU0ZmMwNGZiOWM3N2RmZmVjNjAzYTFjNTM2YWRiNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst0jsEZ4hauucROfH8TiN6/Q7qcm
5wO9qIe1gvNQixjCacJAtksaGTg7iTgAlGOT82HNCuksXZEF6lQwkxFN0aLRUbGx
vQy61A7UdnXPlxuC8BCWdi84muyNmGFuRsbSvsV5al+M0zwuniae1JcSA8AqIquS
cyOWv81Qp0kTe0CnH3hEGGSxzOnWatuzUeBHT7ls/75PwEK+ZEAHrEs7ssJiVjtC
SdTdAuoHrFndoo0qCVx5Vjhqc2y3q/RDh7Pzlhd7xBRu3uv75EGHlDmtAOCkqYh4
EdXK8x8vK77XeAzdtX8/G+UD0ONExwTq5njBAzYdD244SkJOZbXGY3MhlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPULn85U/AT7nHff/sYDocU2rbcwMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOVF1ZnpsVDhCUHVjZDlfLXhnT2h4VGF0dHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY0YMA0G
CSqGSIb3DQEBCwUAA4IBAQB/wqwlWcmHZb1zhZV4muEhPzgIhXNVqubQY6T/te/K
JyGjW3AuE7j+80KIvoBMBAeD1Za1hOBGcrd9Tyt+fET+abw3JrZImjOoMKwNF4/7
K9dbfs1VVvWGVHUIfZ3TmZmOMmch+GlwoOU/xUVGpe++zYiUj8P0DdvcfD+6BiEA
v0OUq7zrtbugGpczBKg3J6Fhh7MkJWeUyyd1KWMvv2EzdAP3Z7xpdWYKbbNbB8FK
cpRfGq7n6/XPmRTS9LEP44QabXbxQomicpWLhSgq78BAMB2cZsaYb1XkDU4JdEO4
tvo2n2mC0Dhcq0GDX3AtcZrqv6RND1LWzTWq8Gp8nby/
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org