Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nreIKZ9DtsGfpsq1heigJsSXc-E.roa
File: nreIKZ9DtsGfpsq1heigJsSXc-E.roa (raw, json)
Hash identifier: IMxMC2KIx5a3SmvbjCWv3fF9GH9cLw+iBs0Su7w0EKg=
Subject key identifier: 9E:B7:88:29:9F:43:B6:C1:9F:A6:CA:B5:85:E8:A0:26:C4:97:73:E1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01842795FE8A26DD509D4D8C290CB38676F0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nreIKZ9DtsGfpsq1heigJsSXc-E.roa
Signing time: Sun 30 Oct 2022 06:30:52 +0000
ROA not before: Sun 30 Oct 2022 06:30:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212477
IP address blocks: 45.141.200.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:27:95:fe:8a:26:dd:50:9d:4d:8c:29:0c:b3:86:76:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 30 06:30:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9eb788299f43b6c19fa6cab585e8a026c49773e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:78:8d:32:54:a0:36:03:f3:e8:31:9f:d6:97:
b3:63:7f:11:8a:3a:ac:15:90:66:8b:80:c5:9e:9b:
fe:c5:59:c1:dd:d6:7e:94:5e:8f:65:85:0f:d5:2b:
e1:5d:88:54:60:77:7a:0a:ad:15:63:f7:9b:8d:d6:
60:bb:ec:4d:da:89:42:9e:4e:b9:71:95:87:25:f4:
42:3c:be:45:a5:6c:ff:4a:1d:a0:2c:81:ee:c9:6e:
27:fc:07:32:6d:cf:67:86:db:df:b7:69:7c:ac:b8:
17:df:59:b5:d0:f8:bf:cb:d6:20:54:f2:c6:75:10:
e5:c3:ad:8c:4e:d6:f0:e1:c3:76:f8:23:c6:1d:f8:
d1:41:73:22:56:35:a9:5b:94:87:c3:79:b8:e7:ea:
2c:84:ba:6d:84:60:6e:ab:ae:c8:cd:a9:cc:0d:99:
ce:f2:70:08:22:ea:29:8a:59:c9:0d:2b:bb:ea:12:
ca:ff:0a:a7:14:63:50:37:08:89:ef:4f:d3:3a:64:
e0:ee:3b:e6:60:ab:7a:a4:9d:4d:26:eb:cc:77:d6:
73:e3:28:3d:bc:c9:ee:83:50:cc:ac:aa:4e:72:cf:
11:d8:cd:e0:ce:72:ca:e1:85:b2:50:1a:c6:e5:2f:
48:e6:2b:b6:fa:22:a2:60:04:ae:31:b8:13:5c:b4:
e9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B7:88:29:9F:43:B6:C1:9F:A6:CA:B5:85:E8:A0:26:C4:97:73:E1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/nreIKZ9DtsGfpsq1heigJsSXc-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.200.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:8c:be:f3:8d:f3:29:36:d2:c5:81:fc:38:75:9c:77:63:19:
14:7c:33:07:2b:89:a4:bd:f6:17:e7:d4:f4:fe:f5:3f:c7:09:
62:1f:30:28:8b:b5:c0:9f:99:be:3b:c5:51:58:dd:f7:22:69:
8b:91:d1:49:97:0b:49:d7:d8:22:94:c4:2a:06:85:23:96:45:
c0:38:a4:6c:23:9e:1b:7a:84:9f:e3:28:24:4c:45:bb:21:61:
0b:4d:40:fc:9a:0a:16:2c:01:af:75:d5:7f:70:b1:f7:21:ec:
60:ad:2d:08:e4:22:7b:e8:8d:31:62:fb:f5:5e:96:c0:8c:e4:
de:19:7c:91:a4:50:ab:e8:e6:93:cd:04:c5:c5:a7:21:10:d7:
fd:41:ba:66:11:de:d1:e5:59:a0:9d:cf:7f:a7:7a:a9:c7:42:
01:0b:97:31:71:61:9c:8c:52:b2:4e:0b:5d:1a:63:0a:50:83:
29:77:eb:b9:f6:c4:18:3d:c1:ad:d4:ee:8d:78:08:f2:e0:15:
a0:ff:54:9f:5d:43:98:7b:45:f3:db:c9:51:d5:9e:cf:40:d6:
50:af:c3:50:2a:2f:d6:d2:62:a7:f9:97:00:56:eb:02:6c:cb:
4e:e1:7a:1f:41:2d:80:f2:2a:07:83:ac:7f:b0:3a:51:45:15:
b9:d6:fa:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQnlf6KJt1QnU2MKQyzhnbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMDMwMDYzMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWI3ODgyOTlmNDNiNmMxOWZhNmNhYjU4NWU4YTAyNmM0OTc3M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3iNMlSgNgPz6DGf1pezY38Rijqs
FZBmi4DFnpv+xVnB3dZ+lF6PZYUP1SvhXYhUYHd6Cq0VY/ebjdZgu+xN2olCnk65
cZWHJfRCPL5FpWz/Sh2gLIHuyW4n/Acybc9nhtvft2l8rLgX31m10Pi/y9YgVPLG
dRDlw62MTtbw4cN2+CPGHfjRQXMiVjWpW5SHw3m45+oshLpthGBuq67IzanMDZnO
8nAIIuopilnJDSu76hLK/wqnFGNQNwiJ70/TOmTg7jvmYKt6pJ1NJuvMd9Zz4yg9
vMnug1DMrKpOcs8R2M3gznLK4YWyUBrG5S9I5iu2+iKiYASuMbgTXLTpzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ63iCmfQ7bBn6bKtYXooCbEl3PhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbnJlSUtaOUR0c0dmcHNxMWhlaWdKc1NYYy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY3IMA0G
CSqGSIb3DQEBCwUAA4IBAQAdjL7zjfMpNtLFgfw4dZx3YxkUfDMHK4mkvfYX59T0
/vU/xwliHzAoi7XAn5m+O8VRWN33ImmLkdFJlwtJ19gilMQqBoUjlkXAOKRsI54b
eoSf4ygkTEW7IWELTUD8mgoWLAGvddV/cLH3IexgrS0I5CJ76I0xYvv1XpbAjOTe
GXyRpFCr6OaTzQTFxachENf9QbpmEd7R5Vmgnc9/p3qpx0IBC5cxcWGcjFKyTgtd
GmMKUIMpd+u59sQYPcGt1O6NeAjy4BWg/1SfXUOYe0Xz28lR1Z7PQNZQr8NQKi/W
0mKn+ZcAVusCbMtO4XofQS2A8ioHg6x/sDpRRRW51voy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org