Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xEChOxwwb348P6pp5ZjxXMLR4BY.roa
File: xEChOxwwb348P6pp5ZjxXMLR4BY.roa (raw, json)
Hash identifier: xupSALc/J9PfUsGBnoICAJpzZCKUOtBmkYiUqzCrKRs=
Subject key identifier: C4:40:A1:3B:1C:30:6F:7E:3C:3F:AA:69:E5:98:F1:5C:C2:D1:E0:16
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0184F669D02F17D65E22AEFF4455196A14F1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xEChOxwwb348P6pp5ZjxXMLR4BY.roa
Signing time: Fri 09 Dec 2022 10:24:00 +0000
ROA not before: Fri 09 Dec 2022 10:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207821
IP address blocks: 45.129.134.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:69:d0:2f:17:d6:5e:22:ae:ff:44:55:19:6a:14:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 9 10:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c440a13b1c306f7e3c3faa69e598f15cc2d1e016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c1:3b:9b:8a:da:8a:78:e6:bb:f9:6e:6c:b8:
05:10:09:24:d7:6b:80:2a:98:a1:fc:8b:cd:2f:5c:
ec:0a:e3:17:08:2a:4b:65:21:77:03:5f:e2:0d:41:
a1:6f:44:68:92:66:01:8c:95:6e:84:d4:bd:78:1f:
5e:4e:ae:d3:a7:bd:fc:92:b9:22:a4:7e:c1:ff:ba:
40:cc:31:25:7b:8f:60:50:8b:4a:4f:f8:42:92:ff:
ef:dd:27:2c:3c:c8:f1:e9:1e:62:8e:68:21:a0:87:
33:fb:c6:fe:3e:73:f6:75:a3:19:19:e7:2a:3d:e8:
aa:89:57:46:4a:e5:f0:9e:cc:21:7d:f3:dc:70:19:
d2:5f:cd:0b:64:1e:72:2a:a2:5e:58:65:68:c1:80:
97:a3:5b:ff:22:fb:6f:a9:40:14:5c:a2:c3:d2:47:
98:27:84:7d:0d:31:26:b4:fc:02:26:0e:90:15:15:
6f:58:a3:c3:51:20:ee:d8:29:85:b6:57:a8:e4:db:
05:e3:20:df:9c:53:cb:92:77:fc:d2:1b:70:ed:e2:
28:4d:66:0e:33:92:7a:ec:6c:e8:89:83:b1:23:9a:
97:9f:4e:53:b0:63:23:99:0d:ef:3d:84:63:6e:09:
e9:a6:53:30:6a:9f:cf:86:af:7d:19:1f:b6:61:79:
63:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:40:A1:3B:1C:30:6F:7E:3C:3F:AA:69:E5:98:F1:5C:C2:D1:E0:16
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xEChOxwwb348P6pp5ZjxXMLR4BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.134.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:cd:e5:85:e4:0f:a1:cc:ca:ac:99:f2:5b:e7:fd:9b:1a:0a:
e6:99:1f:65:1c:3f:7e:a5:81:b4:24:8d:f8:12:20:12:b8:c2:
2f:3c:4c:92:fc:90:8a:da:41:90:df:c3:18:b0:96:ea:f9:fb:
1e:20:8c:8b:5e:fb:ed:83:ac:09:87:6a:d3:14:53:f0:d0:bc:
52:cc:34:58:b6:db:92:2d:ff:f4:ae:11:0b:e0:c7:ae:68:ad:
1a:db:39:16:1d:e6:a0:37:a2:99:71:6a:01:b7:18:11:1c:2e:
64:9f:30:12:06:80:25:2d:15:ff:07:96:c2:ff:8d:2b:49:70:
e3:be:75:ad:58:b7:08:e7:98:96:a1:6b:9c:dd:89:16:c3:b9:
7b:25:65:12:63:c0:87:b4:36:b4:aa:4f:6f:2a:fe:a8:88:7f:
f4:53:f6:a7:14:2c:c7:03:30:87:83:2b:90:ef:fe:a3:f8:3e:
98:70:08:20:ed:3a:aa:43:9e:2c:36:9e:b8:ab:3a:1b:fd:a6:
11:6f:5b:a2:2b:24:bf:b2:ea:1e:a0:1d:b7:72:6d:ad:1c:98:
e1:19:74:ce:3f:67:f0:47:47:3c:7f:05:65:fd:a8:c9:27:67:
d5:25:88:fe:b9:5e:3f:2a:a5:1d:7e:8e:29:c3:a8:cb:36:09:
69:b5:1f:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2adAvF9ZeIq7/RFUZahTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMjA5MTAyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQwYTEzYjFjMzA2ZjdlM2MzZmFhNjllNTk4ZjE1Y2MyZDFlMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcE7m4rainjmu/lubLgFEAkk12uA
Kpih/IvNL1zsCuMXCCpLZSF3A1/iDUGhb0RokmYBjJVuhNS9eB9eTq7Tp738krki
pH7B/7pAzDEle49gUItKT/hCkv/v3ScsPMjx6R5ijmghoIcz+8b+PnP2daMZGecq
PeiqiVdGSuXwnswhffPccBnSX80LZB5yKqJeWGVowYCXo1v/IvtvqUAUXKLD0keY
J4R9DTEmtPwCJg6QFRVvWKPDUSDu2CmFtleo5NsF4yDfnFPLknf80htw7eIoTWYO
M5J67GzoiYOxI5qXn05TsGMjmQ3vPYRjbgnpplMwap/Phq99GR+2YXljewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRAoTscMG9+PD+qaeWY8VzC0eAWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveEVDaE94d3diMzQ4UDZwcDVaanhYTUxSNEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYGGMA0G
CSqGSIb3DQEBCwUAA4IBAQBNzeWF5A+hzMqsmfJb5/2bGgrmmR9lHD9+pYG0JI34
EiASuMIvPEyS/JCK2kGQ38MYsJbq+fseIIyLXvvtg6wJh2rTFFPw0LxSzDRYttuS
Lf/0rhEL4MeuaK0a2zkWHeagN6KZcWoBtxgRHC5knzASBoAlLRX/B5bC/40rSXDj
vnWtWLcI55iWoWuc3YkWw7l7JWUSY8CHtDa0qk9vKv6oiH/0U/anFCzHAzCHgyuQ
7/6j+D6YcAgg7TqqQ54sNp64qzob/aYRb1uiKyS/suoeoB23cm2tHJjhGXTOP2fw
R0c8fwVl/ajJJ2fVJYj+uV4/KqUdfo4pw6jLNglptR8M
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org