Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/rmfLYQln9gm0wqD-ZgZ7uHrF0jg.roa
File: rmfLYQln9gm0wqD-ZgZ7uHrF0jg.roa (raw, json)
Hash identifier: vuOLGtfhll4uY2DbXRNY5eXEkzI8RrN1+MmRtxRg7TU=
Subject key identifier: AE:67:CB:61:09:67:F6:09:B4:C2:A0:FE:66:06:7B:B8:7A:C5:D2:38
Certificate issuer: /CN=ddb71471373bb0603c356eeded4b918292b5beee
Certificate serial: 43F973
Authority key identifier: DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/rmfLYQln9gm0wqD-ZgZ7uHrF0jg.roa
Signing time: Mon 20 Jun 2022 12:17:53 +0000
ROA not before: Mon 20 Jun 2022 12:17:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1136
IP address blocks: 145.8.178.0/24 maxlen: 24
145.8.177.0/24 maxlen: 24
145.8.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4454771 (0x43f973)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddb71471373bb0603c356eeded4b918292b5beee
Validity
Not Before: Jun 20 12:17:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae67cb610967f609b4c2a0fe66067bb87ac5d238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:47:56:d1:de:e2:01:e4:9e:90:d4:ee:84:5f:
a9:e2:7f:0c:6f:4c:1c:23:59:29:e8:92:73:d3:48:
ee:bd:ca:21:2b:59:52:0c:85:ac:77:c9:11:19:db:
a8:48:0d:df:f4:7f:ff:3d:48:19:4b:6b:70:40:00:
41:e0:57:90:92:4c:9d:94:ea:73:4b:ef:90:9b:67:
11:6a:3d:fe:ee:06:88:9f:f7:33:f6:c4:57:48:5a:
8e:09:c2:b4:42:83:ba:ad:95:11:0d:cc:0b:fd:f1:
8c:bd:2e:64:f6:27:03:65:45:f4:2d:65:01:1d:14:
a2:2f:21:a8:09:0e:a9:39:d0:5e:40:40:3d:4f:df:
22:2b:64:38:2d:4f:20:78:77:e2:c8:fd:db:1a:9f:
b4:67:ca:68:15:0a:82:ee:c3:c6:67:9b:47:5b:76:
c0:db:cd:14:62:61:02:76:c8:a5:e2:4a:8e:09:a0:
91:20:b7:72:0d:3d:93:75:b1:ab:27:b2:aa:38:20:
a9:6c:a8:dd:12:c3:f0:83:12:e8:77:79:44:4c:a4:
4d:23:12:38:05:17:fb:b0:07:fc:73:29:7d:8b:14:
01:33:3d:79:a0:5b:6a:33:42:6d:f1:f0:1f:e4:9d:
84:b8:9d:ce:53:1e:65:c8:44:bc:c5:d3:66:00:ed:
5c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:67:CB:61:09:67:F6:09:B4:C2:A0:FE:66:06:7B:B8:7A:C5:D2:38
X509v3 Authority Key Identifier:
keyid:DD:B7:14:71:37:3B:B0:60:3C:35:6E:ED:ED:4B:91:82:92:B5:BE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3bcUcTc7sGA8NW7t7UuRgpK1vu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/rmfLYQln9gm0wqD-ZgZ7uHrF0jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4bcb1b-ff41-48e0-8db8-6212ac49ca3b/1/3bcUcTc7sGA8NW7t7UuRgpK1vu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.8.176.0-145.8.178.255
Signature Algorithm: sha256WithRSAEncryption
2f:01:1d:d9:5a:24:3f:07:b7:52:87:9c:33:34:c7:cc:af:61:
8f:4e:d3:de:8c:da:be:e4:eb:86:9a:c4:0d:ab:b0:cc:30:3a:
c0:a8:fb:ad:ac:f8:38:e1:f1:16:96:a1:90:19:cd:2f:ac:4e:
f2:ff:6b:61:40:f7:ee:86:c3:2d:51:8d:d0:b3:d8:71:c2:4e:
2d:d8:9b:9c:ec:4b:f8:0b:4b:64:fa:2d:96:1b:25:10:46:dc:
02:e7:d0:7e:7b:02:51:0f:cf:b9:c8:f6:a7:00:ae:1a:ca:fe:
81:07:0e:38:06:f5:2f:98:c7:05:14:75:8c:ca:9f:cd:30:7a:
b8:73:20:e9:00:16:02:25:3b:72:05:de:ff:4e:d0:b7:d9:2a:
02:9f:4e:7e:19:f4:f4:52:89:8b:b6:92:b7:50:93:80:52:05:
6f:a5:14:95:65:9a:2c:e8:ef:92:09:7c:ce:2e:88:a8:fe:62:
bb:0c:6e:e6:31:47:91:5e:6b:c1:91:71:83:17:c1:cd:43:85:
1a:a1:cf:59:21:71:e4:dd:b1:eb:78:a3:6c:62:2c:07:84:85:
4f:e0:1c:91:c0:b0:29:eb:ea:99:02:be:7d:a5:59:f4:12:b3:
f7:99:0c:57:27:58:ff:cd:68:ee:7e:0e:ea:99:d3:ae:4c:15:
dd:d7:20:00
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIDQ/lzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
YjcxNDcxMzczYmIwNjAzYzM1NmVlZGVkNGI5MTgyOTJiNWJlZWUwHhcNMjIwNjIw
MTIxNzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZTY3Y2I2MTA5Njdm
NjA5YjRjMmEwZmU2NjA2N2JiODdhYzVkMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAokdW0d7iAeSekNTuhF+p4n8Mb0wcI1kp6JJz00juvcohK1lS
DIWsd8kRGduoSA3f9H//PUgZS2twQABB4FeQkkydlOpzS++Qm2cRaj3+7gaIn/cz
9sRXSFqOCcK0QoO6rZURDcwL/fGMvS5k9icDZUX0LWUBHRSiLyGoCQ6pOdBeQEA9
T98iK2Q4LU8geHfiyP3bGp+0Z8poFQqC7sPGZ5tHW3bA280UYmECdsil4kqOCaCR
ILdyDT2TdbGrJ7KqOCCpbKjdEsPwgxLod3lETKRNIxI4BRf7sAf8cyl9ixQBMz15
oFtqM0Jt8fAf5J2EuJ3OUx5lyES8xdNmAO1cMwIDAQABo4ICETCCAg0wHQYDVR0O
BBYEFK5ny2EJZ/YJtMKg/mYGe7h6xdI4MB8GA1UdIwQYMBaAFN23FHE3O7BgPDVu
7e1LkYKStb7uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M2JjVWNUYzdzR0E4Tlc3dDdVdVJncEsxdnU0LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMy80YmNiMWItZmY0MS00OGUwLThkYjgtNjIxMmFjNDljYTNiLzEv
cm1mTFlRbG45Z20wd3FELVpnWjd1SHJGMGpnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80
YmNiMWItZmY0MS00OGUwLThkYjgtNjIxMmFjNDljYTNiLzEvM2JjVWNUYzdzR0E4
Tlc3dDdVdVJncEsxdnU0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcG
CCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASRCLADBACRCLIwDQYJKoZIhvcN
AQELBQADggEBAC8BHdlaJD8Ht1KHnDM0x8yvYY9O096M2r7k64aaxA2rsMwwOsCo
+62s+Djh8RaWoZAZzS+sTvL/a2FA9+6Gwy1RjdCz2HHCTi3Ym5zsS/gLS2T6LZYb
JRBG3ALn0H57AlEPz7nI9qcArhrK/oEHDjgG9S+YxwUUdYzKn80werhzIOkAFgIl
O3IF3v9O0LfZKgKfTn4Z9PRSiYu2krdQk4BSBW+lFJVlmizo75IJfM4uiKj+YrsM
buYxR5Fea8GRcYMXwc1DhRqhz1khceTdset4o2xiLAeEhU/gHJHAsCnr6pkCvn2l
WfQSs/eZDFcnWP/NaO5+DuqZ065MFd3XIAA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:48 2024 by rpki-client on console-fra.rpki-client.org