Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_VpSR2y9JESG2XZ2HmvXECz6-DQ.roa
File: _VpSR2y9JESG2XZ2HmvXECz6-DQ.roa (raw, json)
Hash identifier: lfBVrxLYk996I0cKrK3UN9OcTKjnyYeqNzNP1atyEvc=
Subject key identifier: FD:5A:52:47:6C:BD:24:44:86:D9:76:76:1E:6B:D7:10:2C:FA:F8:34
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0184BEFCACE09A4C9DB605DF01248A691765
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_VpSR2y9JESG2XZ2HmvXECz6-DQ.roa
Signing time: Mon 28 Nov 2022 16:05:41 +0000
ROA not before: Mon 28 Nov 2022 16:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212411
IP address blocks: 45.129.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:fc:ac:e0:9a:4c:9d:b6:05:df:01:24:8a:69:17:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 28 16:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd5a52476cbd244486d976761e6bd7102cfaf834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:df:67:50:39:4c:31:19:30:b3:81:25:86:fc:
f3:86:af:60:de:70:fa:3c:45:ae:04:1e:ce:af:dd:
cf:6d:54:9f:37:4a:44:ec:9b:64:83:08:a0:03:2b:
27:4b:6a:66:60:ed:b4:e8:b3:f2:1c:08:ae:dd:ec:
04:c6:76:0e:2e:80:e9:0a:3e:21:49:e4:07:89:a4:
6f:59:fa:f3:36:ba:12:7c:0a:a5:f1:41:24:62:c4:
b3:83:6b:79:58:f0:27:8e:ac:79:82:94:47:d3:b2:
2d:07:d3:06:6a:f8:70:ea:58:5a:c4:c5:7c:e7:45:
36:7c:fe:3e:10:65:68:3e:cb:ca:99:6d:d4:b8:99:
26:2a:1f:f3:64:f4:e0:19:a0:34:cb:a9:77:c9:cc:
c1:fa:14:e7:28:6b:30:9a:77:a8:37:26:c2:08:51:
75:19:fa:ef:61:81:65:41:e3:54:71:f6:e7:85:8f:
ca:66:b3:7a:5c:57:5c:fb:7f:e4:d3:d3:c2:9b:59:
6b:c7:3e:05:f4:1d:82:ed:32:0b:67:0a:00:ca:67:
3c:62:1e:60:79:26:fd:77:a6:fe:6e:04:f9:46:74:
a0:c0:d3:bb:f9:13:da:34:06:ea:7a:a0:ee:3c:03:
9d:65:47:43:56:69:a0:7a:d6:57:e7:cc:ea:2a:89:
43:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5A:52:47:6C:BD:24:44:86:D9:76:76:1E:6B:D7:10:2C:FA:F8:34
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_VpSR2y9JESG2XZ2HmvXECz6-DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.133.0/24
Signature Algorithm: sha256WithRSAEncryption
21:78:40:31:46:d5:eb:62:38:74:b9:d3:db:ed:ae:62:43:a0:
29:ca:4e:57:a3:78:e2:21:dc:11:b9:3c:82:0a:ae:4a:a3:25:
90:46:ce:88:12:46:e4:a3:a9:8c:d5:53:22:e6:ab:ef:a3:52:
3a:24:5b:3f:67:fd:d3:ff:9c:db:ec:c7:ad:90:11:a8:9b:d9:
c2:74:0a:0d:68:32:54:1e:29:7d:2b:29:59:0c:ea:1f:99:d7:
a6:a2:e8:e8:7f:11:5a:b5:3a:69:22:2c:10:78:52:cf:c3:c7:
07:66:00:0f:b3:55:34:e0:e3:20:c2:5a:6b:91:2c:bc:de:c7:
22:9a:98:37:71:45:28:48:9a:c6:a9:f6:48:75:66:6c:8f:f3:
e1:08:f3:a2:95:a7:e8:ca:90:ea:98:dd:c3:e9:27:0a:3d:05:
08:fa:9f:25:52:8b:ea:ed:4c:e6:64:fb:60:69:eb:58:6d:21:
24:56:5c:d3:64:cd:17:c1:3e:26:ef:0b:cf:46:c3:4d:f5:29:
a0:64:84:f7:6f:0e:b3:71:8f:9a:50:69:61:e1:d8:23:93:e2:
12:b0:14:59:d3:f3:f3:2e:5c:14:bc:f8:69:66:18:67:4c:56:
e8:44:57:b1:b9:50:f6:4a:92:15:b1:cc:78:c5:27:2d:6c:41:
87:bf:78:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS+/KzgmkydtgXfASSKaRdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTI4MTYwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVhNTI0NzZjYmQyNDQ0ODZkOTc2NzYxZTZiZDcxMDJjZmFmODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1d9nUDlMMRkws4Elhvzzhq9g3nD6
PEWuBB7Or93PbVSfN0pE7JtkgwigAysnS2pmYO206LPyHAiu3ewExnYOLoDpCj4h
SeQHiaRvWfrzNroSfAql8UEkYsSzg2t5WPAnjqx5gpRH07ItB9MGavhw6lhaxMV8
50U2fP4+EGVoPsvKmW3UuJkmKh/zZPTgGaA0y6l3yczB+hTnKGswmneoNybCCFF1
GfrvYYFlQeNUcfbnhY/KZrN6XFdc+3/k09PCm1lrxz4F9B2C7TILZwoAymc8Yh5g
eSb9d6b+bgT5RnSgwNO7+RPaNAbqeqDuPAOdZUdDVmmgetZX58zqKolDBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1aUkdsvSREhtl2dh5r1xAs+vg0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvX1ZwU1IyeTlKRVNHMlhaMkhtdlhFQ3o2LURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYGFMA0G
CSqGSIb3DQEBCwUAA4IBAQAheEAxRtXrYjh0udPb7a5iQ6Apyk5Xo3jiIdwRuTyC
Cq5KoyWQRs6IEkbko6mM1VMi5qvvo1I6JFs/Z/3T/5zb7MetkBGom9nCdAoNaDJU
Hil9KylZDOofmdemoujofxFatTppIiwQeFLPw8cHZgAPs1U04OMgwlprkSy83sci
mpg3cUUoSJrGqfZIdWZsj/PhCPOilafoypDqmN3D6ScKPQUI+p8lUovq7UzmZPtg
aetYbSEkVlzTZM0XwT4m7wvPRsNN9SmgZIT3bw6zcY+aUGlh4dgjk+ISsBRZ0/Pz
LlwUvPhpZhhnTFboRFexuVD2SpIVscx4xSctbEGHv3gQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org