Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ooBAF2Pbckw1z6P24CCAqjbSfYM.roa
File: ooBAF2Pbckw1z6P24CCAqjbSfYM.roa (raw, json)
Hash identifier: VT6ZcJ9gxtpyoFbyMhCOyscaqNfyuyYOEMNut+vXsRI=
Subject key identifier: A2:80:40:17:63:DB:72:4C:35:CF:A3:F6:E0:20:80:AA:36:D2:7D:83
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01821694BFF4880F7AFD8C8D06E94A91B335
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ooBAF2Pbckw1z6P24CCAqjbSfYM.roa
Signing time: Tue 19 Jul 2022 13:10:23 +0000
ROA not before: Tue 19 Jul 2022 13:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149782
IP address blocks: 45.91.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:94:bf:f4:88:0f:7a:fd:8c:8d:06:e9:4a:91:b3:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 19 13:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a280401763db724c35cfa3f6e02080aa36d27d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c7:c5:6b:f0:78:09:ab:0f:e7:48:d2:17:06:
c5:64:3b:ea:d4:c5:87:e3:e8:5e:18:c8:df:cf:cf:
89:ff:ed:4a:91:12:42:38:21:d6:a1:79:a8:fc:c1:
66:ee:b4:cc:21:21:07:aa:ad:58:d7:15:96:c2:9f:
b6:88:2b:d1:cc:2e:14:77:13:36:8b:6f:2d:0b:ba:
5a:90:6c:00:25:b4:2f:70:08:ad:ca:76:44:c7:bf:
b0:cf:fe:e2:dc:85:1c:cb:44:c2:d4:c7:bd:4d:bc:
44:dd:b7:37:af:f8:dc:47:d4:cd:d8:75:75:9e:af:
5c:5b:a8:36:5d:54:a4:2b:a7:99:8c:f2:aa:e2:1f:
62:48:d5:c2:fe:4e:b3:01:b2:3e:2c:67:4b:90:f5:
86:ae:fd:3b:06:6c:67:e3:95:5c:b4:10:10:a8:d7:
e0:5f:6e:48:52:f0:39:ae:ad:c8:58:0f:aa:6c:36:
15:64:b1:cd:36:0c:90:14:bd:64:b8:62:fd:2e:39:
ef:48:39:38:e1:1d:0e:55:63:d0:5b:8c:06:51:22:
84:b9:be:d6:15:e8:27:1a:35:c6:f6:d5:89:5b:e9:
5e:d7:4f:b3:14:12:62:bf:0b:e3:2b:4f:0a:c8:54:
e7:ed:50:a2:67:74:dc:12:b8:33:bd:66:8c:bd:cb:
0a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:80:40:17:63:DB:72:4C:35:CF:A3:F6:E0:20:80:AA:36:D2:7D:83
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ooBAF2Pbckw1z6P24CCAqjbSfYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.51.0/24
Signature Algorithm: sha256WithRSAEncryption
09:4f:e5:ca:c6:08:0d:cd:65:bf:9f:3f:7f:40:3b:69:32:35:
7b:d2:4f:32:3e:b7:27:75:67:9b:47:a7:e0:e2:60:7e:1c:60:
2e:7d:cc:05:18:05:d0:65:66:76:25:a0:ee:e3:ec:45:94:5e:
55:59:0c:a5:57:5e:bf:54:86:77:68:60:da:f1:33:1a:bf:4e:
16:8c:54:e6:c2:43:6f:0d:d6:43:97:d1:9e:2c:1e:98:20:23:
8c:22:89:bc:03:15:ad:6b:72:cd:57:b6:f1:84:39:c2:5e:60:
b6:cc:7c:ff:81:7b:bd:84:85:fc:f9:dd:cb:91:3b:cf:e1:ae:
0c:2d:f4:fd:3b:e3:54:45:50:e6:8f:88:f4:9a:36:46:9a:07:
e3:e6:07:b8:62:86:10:dd:89:19:ae:4e:6e:5c:b6:43:3f:25:
7a:ba:a4:89:de:4b:24:cd:cc:db:ca:5c:42:6a:26:d3:d6:a7:
fc:df:d7:99:88:d3:d3:a2:a9:73:f7:15:27:a8:bf:13:81:ef:
b4:36:df:7d:a2:3b:41:1c:5b:9c:fa:05:39:01:4a:7d:29:0f:
6d:0e:70:f9:8d:f7:50:03:36:29:f2:d2:3c:f0:03:e8:c1:c0:
b8:e3:00:72:f8:2a:01:81:ba:be:9b:13:b0:82:0b:ee:6a:6a:
39:b7:e9:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIWlL/0iA96/YyNBulKkbM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzE5MTMxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgwNDAxNzYzZGI3MjRjMzVjZmEzZjZlMDIwODBhYTM2ZDI3ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMfFa/B4CasP50jSFwbFZDvq1MWH
4+heGMjfz8+J/+1KkRJCOCHWoXmo/MFm7rTMISEHqq1Y1xWWwp+2iCvRzC4UdxM2
i28tC7pakGwAJbQvcAitynZEx7+wz/7i3IUcy0TC1Me9TbxE3bc3r/jcR9TN2HV1
nq9cW6g2XVSkK6eZjPKq4h9iSNXC/k6zAbI+LGdLkPWGrv07Bmxn45VctBAQqNfg
X25IUvA5rq3IWA+qbDYVZLHNNgyQFL1kuGL9LjnvSDk44R0OVWPQW4wGUSKEub7W
FegnGjXG9tWJW+le10+zFBJivwvjK08KyFTn7VCiZ3TcErgzvWaMvcsK7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKAQBdj23JMNc+j9uAggKo20n2DMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb29CQUYyUGJja3cxejZQMjRDQ0FxamJTZllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVszMA0G
CSqGSIb3DQEBCwUAA4IBAQAJT+XKxggNzWW/nz9/QDtpMjV70k8yPrcndWebR6fg
4mB+HGAufcwFGAXQZWZ2JaDu4+xFlF5VWQylV16/VIZ3aGDa8TMav04WjFTmwkNv
DdZDl9GeLB6YICOMIom8AxWta3LNV7bxhDnCXmC2zHz/gXu9hIX8+d3LkTvP4a4M
LfT9O+NURVDmj4j0mjZGmgfj5ge4YoYQ3YkZrk5uXLZDPyV6uqSJ3kskzczbylxC
aibT1qf839eZiNPToqlz9xUnqL8Tge+0Nt99ojtBHFuc+gU5AUp9KQ9tDnD5jfdQ
AzYp8tI88APowcC44wBy+CoBgbq+mxOwggvuamo5t+lZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org