Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zUOtIzbhSsPxngrk7ugjc5xctzE.roa
File: zUOtIzbhSsPxngrk7ugjc5xctzE.roa (raw, json)
Hash identifier: PDWO/ISWIMBEYtRSt1LzhQZsBlOokpLh78H7RrumdEs=
Subject key identifier: CD:43:AD:23:36:E1:4A:C3:F1:9E:0A:E4:EE:E8:23:73:9C:5C:B7:31
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01847B1C50AC1A3B8A6A4701ABCD700C452A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zUOtIzbhSsPxngrk7ugjc5xctzE.roa
Signing time: Tue 15 Nov 2022 11:46:03 +0000
ROA not before: Tue 15 Nov 2022 11:46:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.92.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:1c:50:ac:1a:3b:8a:6a:47:01:ab:cd:70:0c:45:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 15 11:46:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd43ad2336e14ac3f19e0ae4eee823739c5cb731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a7:bd:08:cd:74:ca:9f:69:c6:9c:b8:1e:75:
90:9d:48:75:85:bb:2f:e2:7b:10:63:ef:cf:4b:47:
60:43:b4:12:b0:7a:36:78:d2:07:90:e0:38:01:65:
c7:41:18:ff:1d:80:d9:87:85:fe:2a:2f:5d:7c:87:
1f:83:a1:8c:04:08:45:1e:a6:b7:42:c7:d1:13:df:
09:53:b3:be:32:9f:4c:4f:f6:31:e6:75:4d:2e:ff:
ca:36:cb:f1:c8:e2:1c:e2:c5:cc:cd:da:6c:68:f0:
3e:ac:e1:f5:d1:9c:c9:4c:bf:c1:e3:f3:1f:0d:9f:
b6:cc:d3:56:ee:3b:67:f3:87:00:08:cf:88:68:02:
a4:77:fa:45:03:fe:e2:85:6a:9c:f1:2f:b6:4a:05:
b4:2b:be:80:a0:a9:43:1d:0c:2b:f6:ce:35:66:39:
90:74:29:56:57:35:21:b3:78:6b:a1:7b:31:8d:13:
bd:04:ca:b4:f5:7c:e1:b4:d8:3a:0f:c8:a9:bb:31:
9d:a9:ca:c0:51:bf:0d:cc:20:ea:c5:c9:4d:d4:4c:
2a:b5:9e:5a:16:a4:96:0c:88:a0:d7:8d:1e:9a:e2:
da:2a:63:a7:f0:83:90:17:52:cc:f5:f5:db:d0:ab:
8f:b1:5f:95:35:8c:22:21:92:6e:5f:04:f7:ed:38:
62:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:43:AD:23:36:E1:4A:C3:F1:9E:0A:E4:EE:E8:23:73:9C:5C:B7:31
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zUOtIzbhSsPxngrk7ugjc5xctzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.2.0/23
Signature Algorithm: sha256WithRSAEncryption
56:51:de:ca:5b:54:c2:72:32:7d:0d:00:16:cd:c1:53:d7:2e:
92:46:5d:67:50:10:d2:2e:de:37:c1:72:82:fc:58:b5:e1:28:
b1:3d:7e:33:78:df:e7:44:1b:ac:e5:2f:af:4f:4d:53:ca:76:
0f:ff:0e:bc:76:87:a5:94:9c:78:e4:ac:37:df:6b:c1:c3:0a:
e1:88:ef:5c:63:60:1c:40:59:e8:bd:be:db:0f:72:2e:48:1a:
ea:76:62:1b:93:3e:f2:eb:da:d1:92:42:53:57:29:06:c7:3d:
3d:70:75:62:e6:6c:0f:81:6c:72:3a:99:7d:63:06:d6:b2:4c:
06:8a:b5:82:a3:67:7d:9b:2b:b8:c7:91:bc:4c:5b:e8:9c:1f:
8b:4c:8d:67:47:ee:ab:67:4a:e3:67:51:97:ea:2a:5f:9f:df:
ce:dd:b4:06:a7:bd:b9:ab:a9:9c:67:8f:dc:8d:ac:43:68:0c:
17:52:e5:e5:d6:4b:06:21:df:1d:21:9c:8f:7f:f6:31:26:73:
26:28:cc:f6:bf:db:67:49:4f:cb:4b:f2:e4:87:e1:1a:64:49:
e0:9e:96:87:34:a3:61:43:b0:e3:d2:a0:d1:04:0a:1c:24:55:
3e:89:20:de:1d:c1:fd:41:59:ff:e1:df:08:4b:4c:69:67:e7:
4d:8c:d3:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR7HFCsGjuKakcBq81wDEUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTE1MTE0NjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDQzYWQyMzM2ZTE0YWMzZjE5ZTBhZTRlZWU4MjM3MzljNWNiNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6e9CM10yp9pxpy4HnWQnUh1hbsv
4nsQY+/PS0dgQ7QSsHo2eNIHkOA4AWXHQRj/HYDZh4X+Ki9dfIcfg6GMBAhFHqa3
QsfRE98JU7O+Mp9MT/Yx5nVNLv/KNsvxyOIc4sXMzdpsaPA+rOH10ZzJTL/B4/Mf
DZ+2zNNW7jtn84cACM+IaAKkd/pFA/7ihWqc8S+2SgW0K76AoKlDHQwr9s41ZjmQ
dClWVzUhs3hroXsxjRO9BMq09XzhtNg6D8ipuzGdqcrAUb8NzCDqxclN1EwqtZ5a
FqSWDIig140emuLaKmOn8IOQF1LM9fXb0KuPsV+VNYwiIZJuXwT37ThimwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1DrSM24UrD8Z4K5O7oI3OcXLcxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvelVPdEl6YmhTc1B4bmdyazd1Z2pjNXhjdHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVwCMA0G
CSqGSIb3DQEBCwUAA4IBAQBWUd7KW1TCcjJ9DQAWzcFT1y6SRl1nUBDSLt43wXKC
/Fi14SixPX4zeN/nRBus5S+vT01TynYP/w68doellJx45Kw332vBwwrhiO9cY2Ac
QFnovb7bD3IuSBrqdmIbkz7y69rRkkJTVykGxz09cHVi5mwPgWxyOpl9YwbWskwG
irWCo2d9myu4x5G8TFvonB+LTI1nR+6rZ0rjZ1GX6ipfn9/O3bQGp725q6mcZ4/c
jaxDaAwXUuXl1ksGId8dIZyPf/YxJnMmKMz2v9tnSU/LS/Lkh+EaZEngnpaHNKNh
Q7Dj0qDRBAocJFU+iSDeHcH9QVn/4d8IS0xpZ+dNjNPI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:04 2023 by rpki-client on console-fra.rpki-client.org