Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zx27mu2g4GYFU6zvb2jl04Gfqms.roa
File: Zx27mu2g4GYFU6zvb2jl04Gfqms.roa (raw, json)
Hash identifier: KlKhNjXGMTOatb89JPLiIEZMYiFuxPanzoNSEXl5NXE=
Subject key identifier: 67:1D:BB:9A:ED:A0:E0:66:05:53:AC:EF:6F:68:E5:D3:81:9F:AA:6B
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018418D954BFA9F080149F10E609BD37C3D4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zx27mu2g4GYFU6zvb2jl04Gfqms.roa
Signing time: Thu 27 Oct 2022 09:50:06 +0000
ROA not before: Thu 27 Oct 2022 09:50:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210558
IP address blocks: 45.92.1.0/24 maxlen: 24
185.241.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:18:d9:54:bf:a9:f0:80:14:9f:10:e6:09:bd:37:c3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 27 09:50:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=671dbb9aeda0e0660553acef6f68e5d3819faa6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:13:7c:15:cd:5d:42:47:78:a7:70:f6:6c:aa:
5a:64:25:a3:2b:8c:67:c1:d6:3a:8a:1e:ac:09:ba:
e1:27:d6:f7:32:ff:bf:e0:3b:af:c4:fe:7b:06:c7:
e5:87:12:0c:dc:b1:b7:34:a8:82:b7:65:f6:2c:5f:
42:ba:aa:b1:14:a3:d5:26:fb:0d:64:2a:35:4f:d1:
e5:52:43:95:f6:0e:4f:5a:1b:a1:9b:e8:d8:43:64:
a7:ae:eb:44:09:9a:a8:36:ca:ff:26:43:4b:e1:1b:
62:bc:69:c4:3b:1a:c9:ac:79:af:10:1d:cf:32:ba:
09:88:e7:74:4d:ef:e7:35:c0:c7:35:ab:28:b6:4f:
7d:9c:30:fb:fd:6b:e0:75:93:e6:29:77:27:dd:92:
86:6b:1a:e6:6d:07:45:90:4f:71:f0:4f:46:2a:c6:
54:63:d2:9e:58:67:41:81:c8:77:2f:4b:a5:d6:f5:
e1:0b:e1:09:1f:22:94:1a:4e:ad:03:df:a2:55:0e:
5f:bf:3e:77:eb:22:40:d6:a4:04:6a:c5:62:d7:4f:
fa:c3:55:f6:fc:48:ce:e0:41:67:0a:2e:d4:e7:a1:
b9:0c:32:77:0a:d8:aa:8b:00:00:8a:88:fc:8e:71:
ae:b0:4e:25:ae:b4:5f:72:09:dd:78:cf:82:5d:ba:
61:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1D:BB:9A:ED:A0:E0:66:05:53:AC:EF:6F:68:E5:D3:81:9F:AA:6B
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Zx27mu2g4GYFU6zvb2jl04Gfqms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.1.0/24
185.241.208.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ee:4e:bb:82:11:a6:1d:a8:e4:94:b6:4c:c8:15:dd:f5:c5:
84:9e:39:a4:ff:de:eb:b4:06:8b:09:7f:bf:73:1c:e8:89:85:
3e:5f:97:a0:ac:da:21:0a:68:81:e0:16:b4:5e:97:c2:fc:d0:
04:d0:1d:82:17:15:51:ec:20:6e:cd:d3:be:eb:f8:53:07:f3:
1b:8f:3f:04:83:e1:d1:1b:a4:27:fc:61:f0:2c:68:e6:79:8e:
8e:3d:9d:7b:4a:b2:5a:c4:e3:12:60:84:7a:86:b8:2a:3d:42:
6f:20:7b:21:4d:e8:06:3c:10:ba:2f:06:0e:d5:e4:af:58:be:
ca:61:b7:3c:c0:26:58:11:ee:7d:53:bd:b2:8f:e7:72:58:4c:
73:6c:a7:84:b7:14:a0:fa:dc:19:a8:eb:fd:ff:83:57:7e:ff:
cb:e2:50:74:63:e5:bc:67:4d:4b:9f:db:ec:d6:6d:79:44:bf:
64:fa:0d:90:05:cf:9d:f7:15:27:2e:88:97:77:d1:d4:67:79:
8a:0f:f4:bb:48:f1:56:c3:76:dd:89:40:61:77:ca:b8:10:0f:
ba:59:80:94:f9:10:4a:a1:9f:38:03:f9:83:31:9f:a0:69:69:
32:82:73:f2:9f:91:d7:d9:07:6b:9e:d9:db:96:4e:c8:6d:d9:
0a:91:ea:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQY2VS/qfCAFJ8Q5gm9N8PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMDI3MDk1MDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFkYmI5YWVkYTBlMDY2MDU1M2FjZWY2ZjY4ZTVkMzgxOWZhYTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihN8Fc1dQkd4p3D2bKpaZCWjK4xn
wdY6ih6sCbrhJ9b3Mv+/4DuvxP57BsflhxIM3LG3NKiCt2X2LF9CuqqxFKPVJvsN
ZCo1T9HlUkOV9g5PWhuhm+jYQ2SnrutECZqoNsr/JkNL4RtivGnEOxrJrHmvEB3P
MroJiOd0Te/nNcDHNasotk99nDD7/WvgdZPmKXcn3ZKGaxrmbQdFkE9x8E9GKsZU
Y9KeWGdBgch3L0ul1vXhC+EJHyKUGk6tA9+iVQ5fvz536yJA1qQEasVi10/6w1X2
/EjO4EFnCi7U56G5DDJ3CtiqiwAAioj8jnGusE4lrrRfcgndeM+CXbphvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGcdu5rtoOBmBVOs729o5dOBn6prMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWngyN211Mmc0R1lGVTZ6dmIyamwwNEdmcW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVwBAwQA
ufHQMA0GCSqGSIb3DQEBCwUAA4IBAQAw7k67ghGmHajklLZMyBXd9cWEnjmk/97r
tAaLCX+/cxzoiYU+X5egrNohCmiB4Ba0XpfC/NAE0B2CFxVR7CBuzdO+6/hTB/Mb
jz8Eg+HRG6Qn/GHwLGjmeY6OPZ17SrJaxOMSYIR6hrgqPUJvIHshTegGPBC6LwYO
1eSvWL7KYbc8wCZYEe59U72yj+dyWExzbKeEtxSg+twZqOv9/4NXfv/L4lB0Y+W8
Z01Ln9vs1m15RL9k+g2QBc+d9xUnLoiXd9HUZ3mKD/S7SPFWw3bdiUBhd8q4EA+6
WYCU+RBKoZ84A/mDMZ+gaWkygnPyn5HX2Qdrntnblk7IbdkKkepE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org