Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/d9xfWmg929wMwTN2I5dQJGRtZxo.roa
File: d9xfWmg929wMwTN2I5dQJGRtZxo.roa (raw, json)
Hash identifier: s8gELbf458pPmcTV+ehwC7xB2w0i+mATJYEmHeGg+r4=
Subject key identifier: 77:DC:5F:5A:68:3D:DB:DC:0C:C1:33:76:23:97:50:24:64:6D:67:1A
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018539E8C94CBB7F32991F38F57E0AFE814E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/d9xfWmg929wMwTN2I5dQJGRtZxo.roa
Signing time: Thu 22 Dec 2022 12:57:15 +0000
ROA not before: Thu 22 Dec 2022 12:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205775
IP address blocks: 185.36.0.0/22 maxlen: 22
45.93.56.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:e8:c9:4c:bb:7f:32:99:1f:38:f5:7e:0a:fe:81:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 22 12:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77dc5f5a683ddbdc0cc1337623975024646d671a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9e:51:ca:f2:22:d2:9c:46:f2:50:ee:9c:27:
3e:40:8f:04:62:d4:8e:69:a9:a4:c0:de:e0:20:3b:
f2:9c:94:10:83:ac:2e:95:e3:bb:67:d3:52:f7:3c:
d9:ec:75:1a:9f:65:7d:9c:a0:33:90:9a:d7:3c:81:
55:55:77:68:28:71:67:6d:59:13:63:37:6b:fa:cc:
8a:30:ac:c3:24:87:92:63:25:9a:2b:b3:90:e3:ec:
0d:9c:d2:48:8c:52:49:fd:46:cd:65:8e:27:a1:e4:
2f:db:ca:56:a3:1e:72:47:9f:b9:1d:d4:f4:22:60:
d7:65:45:39:35:48:1e:cd:c0:14:b3:24:50:a8:b2:
5f:5c:5c:f5:fa:73:1f:c3:54:14:51:c6:db:7c:c4:
8e:c7:a9:f1:6a:25:4b:e3:83:a6:e4:ed:dd:ec:aa:
bd:fc:5a:07:41:a4:4f:cf:ae:aa:a8:4d:3e:43:5f:
ad:84:0f:63:82:27:08:b9:d1:ed:01:ef:27:23:de:
10:ea:fd:a3:f9:ea:f2:dd:b3:4d:fa:02:51:96:fc:
52:e0:2d:7a:78:28:12:9f:5e:83:18:f3:e2:d8:de:
06:2c:d6:3a:cb:f7:35:0b:e0:28:19:e8:b9:f2:00:
d6:16:e4:3e:ad:4e:c6:5a:a5:65:9b:88:8b:26:88:
9d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DC:5F:5A:68:3D:DB:DC:0C:C1:33:76:23:97:50:24:64:6D:67:1A
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/d9xfWmg929wMwTN2I5dQJGRtZxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.56.0/22
185.36.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:55:d8:41:76:e7:de:0d:a6:62:74:f3:ad:84:9f:50:9c:77:
d4:b7:4d:c4:c4:52:b8:61:ba:31:64:85:2a:1b:8c:e5:39:d2:
fa:cb:d8:71:61:8d:9b:d9:9e:ff:2c:ba:a0:c5:29:84:21:47:
6b:91:71:4c:b3:13:26:e7:a2:2e:0c:a8:5a:9f:80:7c:f3:28:
b6:6b:f9:d1:75:c5:92:7e:53:96:0f:fd:7f:c4:91:ec:06:e0:
7d:00:b4:69:29:77:34:f2:44:bd:0a:32:bb:f9:cf:ba:aa:c2:
7a:11:ac:b2:1c:86:72:15:80:fb:de:3b:f1:d8:34:2c:42:84:
95:5d:4d:54:6e:84:59:f7:64:3f:6a:6d:a1:24:50:e8:80:52:
f0:42:08:86:f6:94:cd:1e:c3:86:7e:a5:ca:14:b2:d7:02:a9:
fe:3e:17:db:9c:17:27:9e:e9:df:8d:55:70:6d:f8:fe:38:f3:
63:e8:ba:4f:12:f6:fd:08:e0:2b:66:d1:8a:83:ae:00:b6:fa:
70:74:8d:3d:0a:dc:08:aa:a4:fc:39:7c:b1:ef:b9:b8:64:9e:
11:d9:d4:22:65:ad:06:02:29:a3:e5:3c:91:04:e8:32:39:9d:
7e:e8:be:f4:1b:7a:77:b6:ef:6d:00:da:28:0c:76:4a:d1:7b:
bd:2e:d5:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU56MlMu38ymR849X4K/oFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIyMTI1NzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RjNWY1YTY4M2RkYmRjMGNjMTMzNzYyMzk3NTAyNDY0NmQ2NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ5RyvIi0pxG8lDunCc+QI8EYtSO
aamkwN7gIDvynJQQg6wuleO7Z9NS9zzZ7HUan2V9nKAzkJrXPIFVVXdoKHFnbVkT
Yzdr+syKMKzDJIeSYyWaK7OQ4+wNnNJIjFJJ/UbNZY4noeQv28pWox5yR5+5HdT0
ImDXZUU5NUgezcAUsyRQqLJfXFz1+nMfw1QUUcbbfMSOx6nxaiVL44Om5O3d7Kq9
/FoHQaRPz66qqE0+Q1+thA9jgicIudHtAe8nI94Q6v2j+ery3bNN+gJRlvxS4C16
eCgSn16DGPPi2N4GLNY6y/c1C+AoGei58gDWFuQ+rU7GWqVlm4iLJoidRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHfcX1poPdvcDMEzdiOXUCRkbWcaMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvZDl4ZldtZzkyOXdNd1ROMkk1ZFFKR1J0WnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV04AwQC
uSQAMA0GCSqGSIb3DQEBCwUAA4IBAQAeVdhBdufeDaZidPOthJ9QnHfUt03ExFK4
YboxZIUqG4zlOdL6y9hxYY2b2Z7/LLqgxSmEIUdrkXFMsxMm56IuDKhan4B88yi2
a/nRdcWSflOWD/1/xJHsBuB9ALRpKXc08kS9CjK7+c+6qsJ6EayyHIZyFYD73jvx
2DQsQoSVXU1UboRZ92Q/am2hJFDogFLwQgiG9pTNHsOGfqXKFLLXAqn+PhfbnBcn
nunfjVVwbfj+OPNj6LpPEvb9COArZtGKg64AtvpwdI09CtwIqqT8OXyx77m4ZJ4R
2dQiZa0GAimj5TyRBOgyOZ1+6L70G3p3tu9tANooDHZK0Xu9LtU2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org