Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/3CAJOdbOAgcqeiuGUQZM97Glsvw.roa
File: 3CAJOdbOAgcqeiuGUQZM97Glsvw.roa (raw, json)
Hash identifier: cTdJlsojjqaXcg6jGx64khjuYApGUq2cFn7DhLPAu2Q=
Subject key identifier: DC:20:09:39:D6:CE:02:07:2A:7A:2B:86:51:06:4C:F7:B1:A5:B2:FC
Certificate issuer: /CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Certificate serial: 083F86F0
Authority key identifier: BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/3CAJOdbOAgcqeiuGUQZM97Glsvw.roa
Signing time: Sat 01 Jan 2022 11:00:27 +0000
ROA not before: Sat 01 Jan 2022 11:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208567
IP address blocks: 45.91.125.0/24 maxlen: 24
2a0e:f41::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138381040 (0x83f86f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Validity
Not Before: Jan 1 11:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc200939d6ce02072a7a2b8651064cf7b1a5b2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d7:1c:33:dc:bf:ec:f0:07:39:2e:ce:9a:f1:
dc:23:37:23:bb:fd:20:ee:c8:ac:a1:ff:6f:34:8c:
4b:b6:a1:6f:fe:a1:a2:16:d7:e6:b1:34:91:f8:15:
fd:17:8c:86:f5:2c:70:2a:d4:64:76:76:95:02:83:
14:2f:84:35:d5:e6:9a:11:e6:3b:92:1c:96:08:d3:
7b:8c:3b:b4:bc:0e:9f:1b:8f:95:ff:14:cc:37:a9:
b7:43:5b:d9:16:43:00:3f:14:26:58:94:dd:30:72:
84:96:16:ef:ea:40:77:da:64:64:45:52:9c:f0:4f:
6e:37:7d:bb:e0:b0:41:a2:b6:51:d3:3b:6c:96:e4:
d2:fb:91:0a:d3:59:c5:9c:89:e6:6e:b3:5c:a3:2e:
1d:a9:4c:dc:71:85:ad:47:0b:84:47:19:5f:d1:62:
d4:19:8f:0a:49:50:fc:74:ac:7c:28:ef:6b:94:5e:
03:7e:55:7a:3a:28:9c:d5:6d:5f:f7:ca:d7:a7:36:
be:ff:84:57:64:74:3c:70:c2:6d:77:cf:84:31:43:
1a:79:73:ce:29:bf:de:25:2b:c5:b5:8b:05:3d:7d:
f4:f0:a3:1a:f6:c4:ba:11:8f:26:64:54:4a:c9:bf:
c1:20:18:8b:d5:4a:75:18:ff:41:13:c8:69:26:32:
02:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:20:09:39:D6:CE:02:07:2A:7A:2B:86:51:06:4C:F7:B1:A5:B2:FC
X509v3 Authority Key Identifier:
keyid:BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/3CAJOdbOAgcqeiuGUQZM97Glsvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.125.0/24
IPv6:
2a0e:f41::/32
Signature Algorithm: sha256WithRSAEncryption
59:10:97:87:a7:03:4e:83:98:1f:ee:94:10:fb:cc:0a:b3:06:
75:ae:77:60:c4:ac:4a:a7:56:46:95:e6:1a:c0:23:7e:e4:77:
ad:d8:5f:9d:3e:b9:ab:b4:b5:da:c1:7f:42:02:1f:d1:86:ab:
74:09:76:4f:3e:3e:78:ca:8d:81:d6:7f:02:f0:2d:c4:81:05:
ff:65:5a:6a:cb:99:5e:2e:bc:05:38:3e:6f:70:d4:a8:e2:8b:
f8:7f:23:f1:be:16:61:3d:6c:a7:e7:36:a9:ec:04:f4:e8:69:
37:e2:c1:3d:8c:2a:cc:a3:4f:95:39:b5:7e:94:a8:86:54:a2:
68:86:77:cd:d1:0c:37:3d:ef:e8:26:a9:f0:ad:3c:91:96:03:
3c:37:28:94:4e:fc:d6:55:32:ca:2d:ea:c5:dd:ac:e7:4d:87:
f1:3e:5c:03:8c:d5:9b:b9:5b:7e:25:27:8c:55:43:0b:72:5f:
f2:e1:a8:95:c8:99:92:98:27:ff:56:fe:33:19:12:7f:61:f3:
5d:cb:a5:dd:85:95:f3:c0:60:91:f7:f4:c1:18:c3:37:26:6e:
ed:55:a0:37:1e:4b:43:3d:41:30:cc:72:41:11:cc:77:81:7c:
78:59:43:1a:e6:6c:8d:bf:a5:2d:92:0f:93:c6:14:ed:aa:5f:
4c:1a:83:27
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECD+G8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZWE2NDllZjYwMzBmYzgwODQ4ZmRmZTIxZDQzMjFhYzgwMTFmZDEwMB4XDTIyMDEw
MTExMDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMyMDA5MzlkNmNl
MDIwNzJhN2EyYjg2NTEwNjRjZjdiMWE1YjJmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDXHDPcv+zwBzkuzprx3CM3I7v9IO7IrKH/bzSMS7ahb/6h
ohbX5rE0kfgV/ReMhvUscCrUZHZ2lQKDFC+ENdXmmhHmO5IclgjTe4w7tLwOnxuP
lf8UzDept0Nb2RZDAD8UJliU3TByhJYW7+pAd9pkZEVSnPBPbjd9u+CwQaK2UdM7
bJbk0vuRCtNZxZyJ5m6zXKMuHalM3HGFrUcLhEcZX9Fi1BmPCklQ/HSsfCjva5Re
A35VejoonNVtX/fK16c2vv+EV2R0PHDCbXfPhDFDGnlzzim/3iUrxbWLBT199PCj
GvbEuhGPJmRUSsm/wSAYi9VKdRj/QRPIaSYyAkECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTcIAk51s4CByp6K4ZRBkz3saWy/DAfBgNVHSMEGDAWgBS+pknvYDD8gISP
3+IdQyGsgBH9EDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZxWko3MkF3X0lDRWo5X2lIVU1ocklBUl9SQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvMTk0NTViLWQyY2YtNGU1Zi1iZjU4LTIxZGY1NWJhOWViZi8x
LzNDQUpPZGJPQWdjcWVpdUdVUVpNOTdHbHN2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
MTk0NTViLWQyY2YtNGU1Zi1iZjU4LTIxZGY1NWJhOWViZi8xL3ZxWko3MkF3X0lD
RWo5X2lIVU1ocklBUl9SQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC1bfTANBAIAAjAHAwUAKg4PQTAN
BgkqhkiG9w0BAQsFAAOCAQEAWRCXh6cDToOYH+6UEPvMCrMGda53YMSsSqdWRpXm
GsAjfuR3rdhfnT65q7S12sF/QgIf0YardAl2Tz4+eMqNgdZ/AvAtxIEF/2VaasuZ
Xi68BTg+b3DUqOKL+H8j8b4WYT1sp+c2qewE9OhpN+LBPYwqzKNPlTm1fpSohlSi
aIZ3zdEMNz3v6Cap8K08kZYDPDcolE781lUyyi3qxd2s502H8T5cA4zVm7lbfiUn
jFVDC3Jf8uGolciZkpgn/1b+MxkSf2HzXcul3YWV88Bgkff0wRjDNyZu7VWgNx5L
Qz1BMMxyQRHMd4F8eFlDGuZsjb+lLZIPk8YU7apfTBqDJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:03 2024 by rpki-client on console-fra.rpki-client.org