Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P1GW8MKotaAgfMnGwNJjJE7rPR0.roa
File: P1GW8MKotaAgfMnGwNJjJE7rPR0.roa (raw, json)
Hash identifier: SSI4HlMw+Q1qZGeqAS2jm6VNTcGDnG0365HVrloDcS8=
Subject key identifier: 3F:51:96:F0:C2:A8:B5:A0:20:7C:C9:C6:C0:D2:63:24:4E:EB:3D:1D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01842501E6534938CACE69E5C0DCD50AB6ED
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P1GW8MKotaAgfMnGwNJjJE7rPR0.roa
Signing time: Sat 29 Oct 2022 18:29:52 +0000
ROA not before: Sat 29 Oct 2022 18:29:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205397
IP address blocks: 45.141.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:25:01:e6:53:49:38:ca:ce:69:e5:c0:dc:d5:0a:b6:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 29 18:29:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f5196f0c2a8b5a0207cc9c6c0d263244eeb3d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6f:12:b3:2d:5c:88:a3:c4:61:00:d6:cd:c6:
75:61:b0:de:67:64:0f:d2:32:6c:ff:70:2a:80:e9:
28:a4:8c:13:cb:32:0c:c4:40:c9:6f:e3:a0:6f:ba:
8a:f3:ad:22:39:eb:2b:47:d9:01:d6:58:51:24:7a:
22:cb:75:d5:57:a0:f9:4f:0c:00:4d:a1:9f:fc:1b:
fe:e4:6a:66:63:ea:b0:09:e3:79:2e:3c:f6:49:5a:
04:56:08:e8:75:93:45:0e:5d:1f:23:16:33:3c:63:
70:e2:c1:c1:83:d4:44:42:38:8f:b9:8a:11:9d:ca:
c7:e9:2e:1a:76:e1:97:81:11:68:cb:6a:68:5f:61:
1c:e4:51:e7:88:cc:31:50:35:b7:7f:f2:ac:24:c3:
18:2a:74:09:43:f5:b4:2b:82:5d:38:d7:75:5c:06:
53:ca:d0:72:c9:64:99:ad:99:07:e2:15:a2:0b:85:
34:d4:c0:6f:cc:ee:86:fd:14:61:35:0d:aa:b5:cc:
55:4f:ab:3f:b0:32:a5:22:0b:9a:d2:4b:6b:86:f8:
f5:4b:e9:4b:49:19:cc:25:1b:c0:04:3d:36:17:f0:
ef:e6:bd:fd:99:4c:73:e6:17:25:e3:da:14:d5:4e:
36:c3:f4:b7:31:fb:42:38:98:66:1c:d2:d7:b5:27:
29:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:51:96:F0:C2:A8:B5:A0:20:7C:C9:C6:C0:D2:63:24:4E:EB:3D:1D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P1GW8MKotaAgfMnGwNJjJE7rPR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.203.0/24
Signature Algorithm: sha256WithRSAEncryption
10:38:76:2a:74:dd:3b:71:c8:32:3b:89:d8:a6:bd:ba:e7:f2:
17:d9:b4:f4:0c:38:42:34:38:60:21:86:fc:2e:3b:6d:19:01:
74:b1:fa:1c:9b:37:75:09:b9:72:fa:5f:d5:26:6b:35:5d:c0:
c3:0a:c2:d4:1b:aa:48:12:be:7d:4d:33:33:f8:ef:23:6a:ee:
11:8e:f4:d9:73:1d:2f:fb:0b:c1:f0:e7:57:cc:9b:45:ec:2b:
be:e9:15:b3:b8:07:39:ff:5c:51:18:56:61:62:a3:df:27:66:
65:80:f7:83:20:30:a3:59:1b:14:e5:2d:89:f2:68:b1:e9:fe:
ce:be:35:53:62:ab:b7:15:1c:2b:f9:49:1c:bb:fb:c3:2c:83:
ce:c2:2f:b5:c2:51:3c:09:19:72:56:28:b6:cf:b4:a8:fa:62:
01:92:1c:be:00:e9:57:95:dc:60:76:ed:e4:8d:79:96:ac:75:
70:1c:c2:eb:1e:ab:b0:23:92:ff:50:23:53:b9:03:f7:bf:8a:
06:6f:02:d3:b4:45:fc:b2:c4:26:d0:8a:e6:76:f4:9f:1a:f4:
e9:0d:65:6b:2e:17:75:1a:1c:2a:d8:8e:2e:fd:2d:99:a5:f2:
37:6b:64:83:f5:f5:dd:5a:39:cf:e5:bd:36:b5:58:a9:d5:af:
a3:81:83:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQlAeZTSTjKzmnlwNzVCrbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMDI5MTgyOTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjUxOTZmMGMyYThiNWEwMjA3Y2M5YzZjMGQyNjMyNDRlZWIzZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl28Ssy1ciKPEYQDWzcZ1YbDeZ2QP
0jJs/3AqgOkopIwTyzIMxEDJb+Ogb7qK860iOesrR9kB1lhRJHoiy3XVV6D5TwwA
TaGf/Bv+5GpmY+qwCeN5Ljz2SVoEVgjodZNFDl0fIxYzPGNw4sHBg9REQjiPuYoR
ncrH6S4aduGXgRFoy2poX2Ec5FHniMwxUDW3f/KsJMMYKnQJQ/W0K4JdONd1XAZT
ytByyWSZrZkH4hWiC4U01MBvzO6G/RRhNQ2qtcxVT6s/sDKlIgua0ktrhvj1S+lL
SRnMJRvABD02F/Dv5r39mUxz5hcl49oU1U42w/S3MftCOJhmHNLXtScpxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9RlvDCqLWgIHzJxsDSYyRO6z0dMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUDFHVzhNS290YUFnZk1uR3dOSmpKRTdyUFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY3LMA0G
CSqGSIb3DQEBCwUAA4IBAQAQOHYqdN07ccgyO4nYpr265/IX2bT0DDhCNDhgIYb8
LjttGQF0sfocmzd1Cbly+l/VJms1XcDDCsLUG6pIEr59TTMz+O8jau4RjvTZcx0v
+wvB8OdXzJtF7Cu+6RWzuAc5/1xRGFZhYqPfJ2ZlgPeDIDCjWRsU5S2J8mix6f7O
vjVTYqu3FRwr+Ukcu/vDLIPOwi+1wlE8CRlyVii2z7So+mIBkhy+AOlXldxgdu3k
jXmWrHVwHMLrHquwI5L/UCNTuQP3v4oGbwLTtEX8ssQm0IrmdvSfGvTpDWVrLhd1
Ghwq2I4u/S2ZpfI3a2SD9fXdWjnP5b02tVip1a+jgYNI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org