Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/GS4XI7qPw6FIhpxF0vrzJ7R5-MM.roa
File: GS4XI7qPw6FIhpxF0vrzJ7R5-MM.roa (raw, json)
Hash identifier: J00mCJwoRtDVePXZrjXKth87Jtr+Hw4+MlOS6P1yr2w=
Subject key identifier: 19:2E:17:23:BA:8F:C3:A1:48:86:9C:45:D2:FA:F3:27:B4:79:F8:C3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01842279B161F45854ADB4BF7D0A072ECD0A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/GS4XI7qPw6FIhpxF0vrzJ7R5-MM.roa
Signing time: Sat 29 Oct 2022 06:41:51 +0000
ROA not before: Sat 29 Oct 2022 06:41:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212477
IP address blocks: 45.141.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:22:79:b1:61:f4:58:54:ad:b4:bf:7d:0a:07:2e:cd:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 29 06:41:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=192e1723ba8fc3a148869c45d2faf327b479f8c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:14:f1:13:30:11:db:2e:31:67:cd:3c:3e:11:
1f:07:b0:7d:1b:90:15:0c:f6:8d:ef:75:dc:2d:d8:
7b:83:e5:7c:fb:1c:22:c5:f1:84:e2:45:7c:1b:2c:
8c:9a:d9:fc:dc:66:c9:9f:ac:e0:93:8f:19:3c:9f:
85:bb:65:9f:a7:9d:ac:85:f3:10:58:ad:be:96:97:
cc:0c:49:9f:02:d3:e0:54:54:01:a8:a9:31:de:1e:
87:f7:2b:40:ec:62:69:56:2c:38:be:f7:d5:00:56:
56:92:f2:3b:75:40:2f:77:0d:a5:39:16:86:d5:ab:
79:41:81:50:f7:cd:5b:88:05:b9:6b:6c:c1:d9:68:
64:98:c0:54:e4:7a:ba:7f:df:e5:d7:e3:cc:39:4d:
e0:10:e9:f7:47:19:c7:c2:14:85:76:15:e5:f3:fb:
b6:eb:05:4d:df:9f:6d:0f:b5:fd:11:c7:e9:4a:00:
44:3e:cd:44:25:86:37:4c:65:2a:93:5c:b2:3e:f3:
83:75:a3:57:6f:93:13:2c:67:69:61:e2:0c:f4:79:
54:c1:9d:e2:6a:fe:a2:30:82:cf:2d:43:fa:d7:2e:
15:1d:e2:d2:1a:15:b0:f1:a2:7d:59:16:95:6b:60:
9a:1c:55:a5:07:fa:9c:49:c8:63:00:5c:d2:bf:f8:
51:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2E:17:23:BA:8F:C3:A1:48:86:9C:45:D2:FA:F3:27:B4:79:F8:C3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/GS4XI7qPw6FIhpxF0vrzJ7R5-MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.200.0/22
Signature Algorithm: sha256WithRSAEncryption
85:73:33:c3:da:9a:2d:ff:93:1d:f7:39:d9:55:0d:9b:1f:4d:
02:63:99:51:c1:8e:81:c7:e9:f7:52:9b:1f:dd:92:10:d1:39:
8f:f8:6e:cf:4a:c8:2e:c6:a7:dc:e5:a2:3c:7b:29:28:03:fd:
27:01:47:27:ac:76:ef:d6:5a:95:70:fd:ca:23:e7:85:95:bb:
b3:7f:7f:6b:6e:b6:71:7c:28:12:73:93:94:3a:b5:83:1f:e9:
94:3a:bc:c7:a3:7c:0a:dc:78:87:bc:9b:be:21:9b:f9:f7:4f:
2a:eb:89:7b:01:d8:ab:3e:a1:99:78:bd:f2:22:5d:c2:96:b5:
10:c1:1e:a3:94:8e:dc:10:fe:e5:77:49:80:c2:bc:a8:5f:d1:
7c:46:27:c5:34:17:f0:4d:28:06:40:a8:22:f6:84:25:01:da:
73:bf:5d:16:a2:a4:0b:ee:a4:c0:7b:60:ac:97:0d:85:3b:4e:
1d:f6:8a:c6:3c:f6:46:c7:a3:3b:b1:53:64:90:c9:10:58:f4:
5b:43:f8:c6:b0:af:ad:bc:62:eb:3a:00:5c:97:54:f1:46:ea:
d8:46:d8:64:a0:90:92:63:ea:47:c6:6d:f6:31:5f:2e:e0:c7:
9e:f3:e8:3c:a3:2d:6a:91:f7:04:9e:3f:8f:25:a8:83:2b:f8:
07:a1:c8:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQiebFh9FhUrbS/fQoHLs0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMDI5MDY0MTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJlMTcyM2JhOGZjM2ExNDg4NjljNDVkMmZhZjMyN2I0NzlmOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhTxEzAR2y4xZ808PhEfB7B9G5AV
DPaN73XcLdh7g+V8+xwixfGE4kV8GyyMmtn83GbJn6zgk48ZPJ+Fu2Wfp52shfMQ
WK2+lpfMDEmfAtPgVFQBqKkx3h6H9ytA7GJpViw4vvfVAFZWkvI7dUAvdw2lORaG
1at5QYFQ981biAW5a2zB2WhkmMBU5Hq6f9/l1+PMOU3gEOn3RxnHwhSFdhXl8/u2
6wVN359tD7X9EcfpSgBEPs1EJYY3TGUqk1yyPvODdaNXb5MTLGdpYeIM9HlUwZ3i
av6iMILPLUP61y4VHeLSGhWw8aJ9WRaVa2CaHFWlB/qcSchjAFzSv/hRawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBkuFyO6j8OhSIacRdL68ye0efjDMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvR1M0WEk3cVB3NkZJaHB4RjB2cnpKN1I1LU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY3IMA0G
CSqGSIb3DQEBCwUAA4IBAQCFczPD2pot/5Md9znZVQ2bH00CY5lRwY6Bx+n3Upsf
3ZIQ0TmP+G7PSsguxqfc5aI8eykoA/0nAUcnrHbv1lqVcP3KI+eFlbuzf39rbrZx
fCgSc5OUOrWDH+mUOrzHo3wK3HiHvJu+IZv5908q64l7AdirPqGZeL3yIl3ClrUQ
wR6jlI7cEP7ld0mAwryoX9F8RifFNBfwTSgGQKgi9oQlAdpzv10WoqQL7qTAe2Cs
lw2FO04d9orGPPZGx6M7sVNkkMkQWPRbQ/jGsK+tvGLrOgBcl1TxRurYRthkoJCS
Y+pHxm32MV8u4Mee8+g8oy1qkfcEnj+PJaiDK/gHociO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:00 2023 by rpki-client on console-fra.rpki-client.org