Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/eHwYNbJL7Nc6j9v1T6llfTbXIJI.roa
File: eHwYNbJL7Nc6j9v1T6llfTbXIJI.roa (raw, json)
Hash identifier: 4KKR17tz7OBMhgf4H4LxjQohcXNnhX7jGadgFQeSk24=
Subject key identifier: 78:7C:18:35:B2:4B:EC:D7:3A:8F:DB:F5:4F:A9:65:7D:36:D7:20:92
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185593064F4377E87F9D568B923ED7D83EF
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/eHwYNbJL7Nc6j9v1T6llfTbXIJI.roa
Signing time: Wed 28 Dec 2022 14:43:41 +0000
ROA not before: Wed 28 Dec 2022 14:43:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203534
IP address blocks: 45.131.172.0/22 maxlen: 24
185.131.184.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:30:64:f4:37:7e:87:f9:d5:68:b9:23:ed:7d:83:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 28 14:43:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=787c1835b24becd73a8fdbf54fa9657d36d72092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f3:c9:17:96:78:d5:5e:4e:42:9c:72:40:f8:
c5:21:32:f2:7d:85:b0:2b:75:4b:15:3e:42:76:b0:
73:f6:18:a9:52:e7:3d:2b:20:02:5f:a4:b4:93:6f:
87:e0:28:56:fd:6b:b6:92:1c:0c:fe:a2:4d:ad:50:
ac:95:04:a0:01:14:c6:e6:c3:43:56:03:94:ab:71:
7f:c5:0a:ed:2d:53:b1:ca:06:ee:2e:6b:fa:97:04:
d4:51:0c:83:55:84:b5:73:46:f9:e0:66:b4:de:2f:
73:b1:f1:50:5b:98:fa:60:63:1f:1a:80:fe:d7:9d:
1d:81:ee:30:37:27:c3:4e:1d:74:3f:b5:66:bc:ac:
5c:8f:06:db:99:bf:2a:62:d7:c6:46:ac:84:3c:9e:
f2:25:a0:7c:7d:45:b5:c6:be:96:6b:bd:a6:95:93:
f8:b7:07:b2:eb:99:bb:20:e1:3e:f2:d5:06:39:56:
e1:d0:93:2b:69:bb:1e:a4:77:be:7d:e4:08:9e:d9:
d0:e6:3c:09:d7:cc:0b:8e:b0:a5:4d:24:11:47:db:
ff:47:90:63:1a:fb:f2:06:94:2a:5e:03:8c:75:ff:
0a:dc:33:a6:54:d5:90:07:61:db:1d:b2:b0:8e:6f:
48:cd:96:55:0f:4f:4f:03:c8:56:41:4a:52:44:60:
07:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7C:18:35:B2:4B:EC:D7:3A:8F:DB:F5:4F:A9:65:7D:36:D7:20:92
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/eHwYNbJL7Nc6j9v1T6llfTbXIJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.172.0/22
185.131.184.0/22
Signature Algorithm: sha256WithRSAEncryption
99:df:aa:fe:4d:31:fb:09:96:94:96:8a:2c:d3:55:c0:84:12:
a4:1b:36:4f:95:f7:ea:5e:4f:17:d4:32:86:e0:67:97:ec:b2:
76:ed:87:0c:c5:33:11:18:55:5c:b6:33:5d:ec:33:f1:9f:23:
74:a9:c6:3f:d5:c0:4a:97:4d:ef:d9:77:70:96:e1:47:ac:fb:
ec:67:f2:3c:d7:99:f2:d1:c7:f7:d5:df:e2:00:b7:63:4c:1e:
47:09:76:78:51:fb:a7:38:73:43:e7:27:8b:e2:a1:87:02:e7:
7a:a2:02:d2:f6:b2:00:99:af:51:4a:1c:40:a1:1d:70:16:02:
44:2e:c0:62:01:3e:bc:6a:66:23:be:d8:b5:83:a1:ff:e8:0e:
57:23:b6:a1:c0:82:e7:f0:68:c7:fa:9f:57:6a:cb:bc:bf:b5:
56:1b:e8:ec:8b:1a:87:0e:12:f2:5d:ae:ec:2f:9c:ce:a2:53:
1e:af:30:cd:5d:ae:f3:5f:46:fe:10:af:2b:46:d1:4c:9e:55:
a3:e9:e2:8b:35:d7:03:6e:b5:d2:a5:54:f4:11:9c:0c:42:68:
31:62:ca:48:8a:5e:a3:aa:50:eb:95:f0:80:96:0a:ad:92:14:
cb:b3:b9:72:f2:e6:86:ef:59:8c:b2:32:0b:5e:ec:27:38:8b:
7d:85:0b:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVZMGT0N36H+dVouSPtfYPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjI4MTQ0MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODdjMTgzNWIyNGJlY2Q3M2E4ZmRiZjU0ZmE5NjU3ZDM2ZDcyMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvPJF5Z41V5OQpxyQPjFITLyfYWw
K3VLFT5CdrBz9hipUuc9KyACX6S0k2+H4ChW/Wu2khwM/qJNrVCslQSgARTG5sND
VgOUq3F/xQrtLVOxygbuLmv6lwTUUQyDVYS1c0b54Ga03i9zsfFQW5j6YGMfGoD+
150dge4wNyfDTh10P7VmvKxcjwbbmb8qYtfGRqyEPJ7yJaB8fUW1xr6Wa72mlZP4
twey65m7IOE+8tUGOVbh0JMrabsepHe+feQIntnQ5jwJ18wLjrClTSQRR9v/R5Bj
GvvyBpQqXgOMdf8K3DOmVNWQB2HbHbKwjm9IzZZVD09PA8hWQUpSRGAHRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHh8GDWyS+zXOo/b9U+pZX021yCSMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvZUh3WU5iSkw3TmM2ajl2MVQ2bGxmVGJYSUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYOsAwQC
uYO4MA0GCSqGSIb3DQEBCwUAA4IBAQCZ36r+TTH7CZaUloos01XAhBKkGzZPlffq
Xk8X1DKG4GeX7LJ27YcMxTMRGFVctjNd7DPxnyN0qcY/1cBKl03v2XdwluFHrPvs
Z/I815ny0cf31d/iALdjTB5HCXZ4UfunOHND5yeL4qGHAud6ogLS9rIAma9RShxA
oR1wFgJELsBiAT68amYjvti1g6H/6A5XI7ahwILn8GjH+p9Xasu8v7VWG+jsixqH
DhLyXa7sL5zOolMerzDNXa7zX0b+EK8rRtFMnlWj6eKLNdcDbrXSpVT0EZwMQmgx
YspIil6jqlDrlfCAlgqtkhTLs7ly8uaG71mMsjILXuwnOIt9hQu7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org