Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JcT6HWq9w0o2ViKPSBVGXFinLgY.roa
File: JcT6HWq9w0o2ViKPSBVGXFinLgY.roa (raw, json)
Hash identifier: RFFcva4tzUHgczPWQMI2LfsGK6VOfcullbSIsSAGHZE=
Subject key identifier: 25:C4:FA:1D:6A:BD:C3:4A:36:56:22:8F:48:15:46:5C:58:A7:2E:06
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0184BEFCAC64638C1D5F5B96102FDAACBD61
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JcT6HWq9w0o2ViKPSBVGXFinLgY.roa
Signing time: Mon 28 Nov 2022 16:05:41 +0000
ROA not before: Mon 28 Nov 2022 16:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60064
IP address blocks: 45.129.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:fc:ac:64:63:8c:1d:5f:5b:96:10:2f:da:ac:bd:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 28 16:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25c4fa1d6abdc34a3656228f4815465c58a72e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:cb:67:b3:0e:c0:1c:bc:3e:e5:11:96:96:
ab:28:56:3a:1b:84:67:dc:bc:91:ae:a8:19:aa:ad:
19:2d:92:c0:7a:b9:20:f7:7c:2f:3f:95:cf:5c:86:
db:31:45:67:60:62:31:e9:95:c9:26:89:47:d2:94:
7f:3f:e2:3d:c8:d5:72:89:ce:ee:eb:77:c7:bc:fe:
44:0c:26:82:48:f5:d8:62:c3:7e:81:26:2a:96:3e:
30:ab:73:5b:f7:27:b1:fb:fe:0b:c3:40:fe:07:db:
d0:19:44:c8:71:d2:93:56:32:bf:98:e3:94:0c:1a:
92:1a:23:dc:47:5f:68:0e:ca:47:64:ab:8d:ac:70:
3f:81:1a:d7:50:81:a7:35:56:39:c8:b2:aa:50:0b:
92:ce:a1:a5:ee:9f:0c:66:6c:85:5b:cd:11:e3:2d:
81:6d:84:75:3d:8b:7e:23:84:39:4b:31:96:a2:fb:
f6:40:71:8b:49:a0:d2:83:82:2d:15:43:fb:b3:27:
7f:90:6d:2d:f9:cb:20:0c:6a:10:e6:54:0a:8b:8e:
86:aa:02:8d:5a:dd:94:6f:c0:73:ea:04:7e:c7:11:
29:97:12:2b:0f:98:be:f7:be:2b:b2:90:db:4e:6b:
72:1e:46:01:31:39:25:93:7f:b3:1c:28:eb:b1:5d:
8e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C4:FA:1D:6A:BD:C3:4A:36:56:22:8F:48:15:46:5C:58:A7:2E:06
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JcT6HWq9w0o2ViKPSBVGXFinLgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.132.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b1:cb:43:f3:ee:59:c1:8c:e4:a8:0b:f8:78:9f:d3:9b:27:
74:24:69:2b:5a:ce:7c:47:c8:0f:17:f9:c1:df:40:33:a7:64:
41:dd:41:92:fa:b7:a5:4a:6f:34:cf:68:b3:5f:de:10:80:f3:
2b:d5:41:7b:60:b7:3e:9c:d1:d5:ab:da:df:ba:2d:7a:2e:96:
9d:3d:36:77:39:48:d2:ac:17:1b:d2:ff:f3:0a:26:b6:6e:5c:
8d:4e:7c:64:4c:41:59:9b:b0:d4:45:ed:b3:c0:8b:52:e9:71:
fa:e2:99:5b:7e:9b:2f:65:a8:d7:dd:2b:07:f0:58:f2:16:3d:
41:5c:ab:da:12:36:84:8c:e2:a0:cb:3a:73:2b:bc:3e:31:d6:
70:35:ba:e5:2f:1a:ee:69:af:c9:82:d1:aa:14:6a:d7:7d:e0:
e1:f9:f5:5a:b7:82:54:59:25:7e:1e:e6:21:65:0f:47:bd:54:
9e:8b:fc:a7:17:c1:1e:4e:3e:86:72:c9:14:a9:be:85:83:eb:
87:05:3a:7d:a5:56:9f:03:f9:54:5d:6b:a1:04:9e:f7:08:17:
11:42:3f:5a:b5:4c:a5:d8:8b:4d:11:c8:58:a9:f1:f0:91:37:
a2:4e:79:44:4b:27:bb:3d:22:52:47:58:fe:91:97:9a:53:21:
78:d8:7e:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+/KxkY4wdX1uWEC/arL1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTI4MTYwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM0ZmExZDZhYmRjMzRhMzY1NjIyOGY0ODE1NDY1YzU4YTcyZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj3LZ7MOwBy8PuURlparKFY6G4Rn
3LyRrqgZqq0ZLZLAerkg93wvP5XPXIbbMUVnYGIx6ZXJJolH0pR/P+I9yNVyic7u
63fHvP5EDCaCSPXYYsN+gSYqlj4wq3Nb9yex+/4Lw0D+B9vQGUTIcdKTVjK/mOOU
DBqSGiPcR19oDspHZKuNrHA/gRrXUIGnNVY5yLKqUAuSzqGl7p8MZmyFW80R4y2B
bYR1PYt+I4Q5SzGWovv2QHGLSaDSg4ItFUP7syd/kG0t+csgDGoQ5lQKi46GqgKN
Wt2Ub8Bz6gR+xxEplxIrD5i+974rspDbTmtyHkYBMTklk3+zHCjrsV2O1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXE+h1qvcNKNlYij0gVRlxYpy4GMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSmNUNkhXcTl3MG8yVmlLUFNCVkdYRmluTGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYGEMA0G
CSqGSIb3DQEBCwUAA4IBAQA4sctD8+5ZwYzkqAv4eJ/Tmyd0JGkrWs58R8gPF/nB
30Azp2RB3UGS+relSm80z2izX94QgPMr1UF7YLc+nNHVq9rfui16LpadPTZ3OUjS
rBcb0v/zCia2blyNTnxkTEFZm7DURe2zwItS6XH64plbfpsvZajX3SsH8FjyFj1B
XKvaEjaEjOKgyzpzK7w+MdZwNbrlLxruaa/JgtGqFGrXfeDh+fVat4JUWSV+HuYh
ZQ9HvVSei/ynF8EeTj6GcskUqb6Fg+uHBTp9pVafA/lUXWuhBJ73CBcRQj9atUyl
2ItNEchYqfHwkTeiTnlESye7PSJSR1j+kZeaUyF42H6z
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org