Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XqhvU1PpI4d5otnGJvwPwkfc73E.roa
File: XqhvU1PpI4d5otnGJvwPwkfc73E.roa (raw, json)
Hash identifier: cTvl8guTDSfRKZCW3JXl7xsZ62Kw4rreNT4OP5ocaSE=
Subject key identifier: 5E:A8:6F:53:53:E9:23:87:79:A2:D9:C6:26:FC:0F:C2:47:DC:EF:71
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018250D306FBB6B161EF1A75C1263AAF0472
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XqhvU1PpI4d5otnGJvwPwkfc73E.roa
Signing time: Sat 30 Jul 2022 20:36:23 +0000
ROA not before: Sat 30 Jul 2022 20:36:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 45.130.201.0/24 maxlen: 24
185.244.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:50:d3:06:fb:b6:b1:61:ef:1a:75:c1:26:3a:af:04:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 30 20:36:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ea86f5353e9238779a2d9c626fc0fc247dcef71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:94:dd:f9:58:b0:3f:d9:7d:ae:f3:d3:d5:9a:
86:72:70:b7:64:8d:45:0e:14:dd:55:8f:7b:61:be:
52:40:7e:f2:03:b2:7f:56:8c:0f:75:83:45:67:b1:
05:bd:47:dc:91:f0:5b:6c:bc:d3:b4:71:8c:45:93:
2b:c4:89:cb:bf:ac:9a:19:62:b8:c7:3c:d7:a2:3b:
30:39:b4:b5:1d:f5:7e:ba:07:a1:34:ca:a3:8d:4d:
e0:22:f6:b2:cf:3a:4c:4c:d9:70:50:40:df:e8:f6:
b2:1f:44:5f:91:29:05:36:ff:43:7b:1d:38:75:19:
4e:81:72:82:9d:62:de:06:0d:07:18:77:20:16:e3:
77:df:4d:c9:8b:11:ec:ab:7e:8d:82:2f:b0:4e:00:
68:42:ac:ff:e7:b8:ff:62:92:ee:b2:5d:dd:2d:08:
cb:b9:dc:d4:e2:17:8f:8c:c1:0d:20:a2:4b:f7:83:
e0:9d:d4:60:22:a8:64:99:68:0d:0f:05:bf:4d:a6:
5b:24:4c:d7:bd:d9:00:49:ce:24:d3:f5:6f:78:38:
4f:b9:f2:00:ba:79:1f:61:d6:c4:85:31:55:46:69:
23:80:e9:00:99:91:f7:b7:56:08:86:ad:19:ca:37:
53:2d:7b:17:c8:60:f0:ce:97:b5:4f:48:f7:6a:50:
f4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A8:6F:53:53:E9:23:87:79:A2:D9:C6:26:FC:0F:C2:47:DC:EF:71
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/XqhvU1PpI4d5otnGJvwPwkfc73E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.201.0/24
185.244.138.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ac:ae:ac:0f:d2:ed:ed:88:c7:02:e2:fd:bf:be:f3:55:f9:
4a:7b:86:c5:5a:47:39:6b:e6:9f:7c:4c:76:2b:c7:b1:4b:fe:
be:0e:2d:ee:f9:fe:6e:e6:a3:ea:d1:bf:24:ca:71:0e:53:19:
8f:17:9f:44:59:6b:9d:1d:ba:d6:ae:7f:5a:14:53:31:9c:fd:
ae:32:b2:e3:0e:86:a6:cb:61:16:fc:b2:c9:19:25:d0:f8:68:
4f:d7:f3:ef:e1:9e:e6:8c:44:14:97:1d:a0:d5:f7:c0:ff:3b:
aa:fb:ba:5f:b6:47:bf:b6:61:95:04:80:a1:86:8d:fc:8d:ca:
b0:6b:72:4c:c8:81:e6:41:89:62:dd:7e:2b:50:2c:95:4b:f8:
c7:ae:ad:47:59:68:e8:5a:ee:08:41:21:28:c1:56:4b:fe:ff:
f1:ad:45:ae:c9:40:d3:28:3d:cb:f0:6a:01:8d:72:28:47:c6:
6d:28:a7:f8:5e:5e:b7:a3:7d:4e:d2:02:8e:02:53:3c:91:2e:
20:25:14:c5:5c:a3:83:e9:7b:d1:01:35:d3:1e:71:e9:6f:05:
4a:ed:7e:cb:77:4f:d9:ec:a0:63:a2:8c:ec:ed:55:5d:64:f4:
80:24:ba:70:d6:bd:18:b8:6a:25:ce:53:43:55:80:16:48:a4:
56:23:28:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJQ0wb7trFh7xp1wSY6rwRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzMwMjAzNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE4NmY1MzUzZTkyMzg3NzlhMmQ5YzYyNmZjMGZjMjQ3ZGNlZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpTd+ViwP9l9rvPT1ZqGcnC3ZI1F
DhTdVY97Yb5SQH7yA7J/VowPdYNFZ7EFvUfckfBbbLzTtHGMRZMrxInLv6yaGWK4
xzzXojswObS1HfV+ugehNMqjjU3gIvayzzpMTNlwUEDf6PayH0RfkSkFNv9Dex04
dRlOgXKCnWLeBg0HGHcgFuN3303JixHsq36Ngi+wTgBoQqz/57j/YpLusl3dLQjL
udzU4hePjMENIKJL94PgndRgIqhkmWgNDwW/TaZbJEzXvdkASc4k0/VveDhPufIA
unkfYdbEhTFVRmkjgOkAmZH3t1YIhq0ZyjdTLXsXyGDwzpe1T0j3alD0bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF6ob1NT6SOHeaLZxib8D8JH3O9xMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWHFodlUxUHBJNGQ1b3RuR0p2d1B3a2ZjNzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYLJAwQA
ufSKMA0GCSqGSIb3DQEBCwUAA4IBAQA9rK6sD9Lt7YjHAuL9v77zVflKe4bFWkc5
a+affEx2K8exS/6+Di3u+f5u5qPq0b8kynEOUxmPF59EWWudHbrWrn9aFFMxnP2u
MrLjDoamy2EW/LLJGSXQ+GhP1/Pv4Z7mjEQUlx2g1ffA/zuq+7pftke/tmGVBICh
ho38jcqwa3JMyIHmQYli3X4rUCyVS/jHrq1HWWjoWu4IQSEowVZL/v/xrUWuyUDT
KD3L8GoBjXIoR8ZtKKf4Xl63o31O0gKOAlM8kS4gJRTFXKOD6XvRATXTHnHpbwVK
7X7Ld0/Z7KBjoozs7VVdZPSAJLpw1r0YuGolzlNDVYAWSKRWIygR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org