Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nCweUfXQD9gbnnQp2qmYwhWfva4.roa
File: nCweUfXQD9gbnnQp2qmYwhWfva4.roa (raw, json)
Hash identifier: idccaPzU2TMyLyuglvQz2GaRqWrSRHBC6XrNSjFWiOk=
Subject key identifier: 9C:2C:1E:51:F5:D0:0F:D8:1B:9E:74:29:DA:A9:98:C2:15:9F:BD:AE
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185302149E15A43752C1186B3485F219BB5
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nCweUfXQD9gbnnQp2qmYwhWfva4.roa
Signing time: Tue 20 Dec 2022 15:22:45 +0000
ROA not before: Tue 20 Dec 2022 15:22:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209451
IP address blocks: 185.245.132.0/22 maxlen: 24
2a09:55c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:21:49:e1:5a:43:75:2c:11:86:b3:48:5f:21:9b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 20 15:22:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c2c1e51f5d00fd81b9e7429daa998c2159fbdae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1e:9b:4c:cf:2b:00:dc:ef:15:16:12:1b:99:
f2:b1:18:1b:68:5e:3c:d2:4a:67:e7:d1:46:4e:ff:
6b:83:72:27:1b:47:d7:5c:9e:7e:bf:0f:44:ef:b9:
c3:e1:02:e4:cf:04:fc:c3:2d:a1:b0:d4:c8:d8:66:
30:7c:30:18:bb:89:85:81:72:55:e2:a2:13:ef:89:
14:fc:ae:5d:dc:27:0d:39:31:28:d1:e6:09:2b:5b:
a3:df:b3:39:91:c6:64:5f:a4:d2:aa:2c:15:cd:f9:
ac:38:e9:91:e6:50:a4:df:1b:3d:e5:a1:88:74:49:
50:be:8b:35:07:85:d7:97:61:6d:b7:b5:eb:54:d7:
9b:0d:4d:f9:df:24:eb:ea:0c:de:a3:be:24:a0:8a:
d7:06:4b:56:7a:1e:de:5a:40:20:7d:ae:1e:af:66:
e9:38:9f:9a:86:6e:dc:69:75:4f:80:36:a5:01:fe:
12:f4:b2:a0:be:a6:24:95:67:0e:28:33:f5:96:4c:
0f:dd:c9:c0:74:aa:4c:5a:e1:ec:34:3b:e6:8c:17:
2a:d7:6d:cc:f9:da:10:3e:6d:12:3f:6f:c2:e8:99:
64:db:9f:93:a8:f0:3a:18:25:65:c5:c9:8c:8d:ae:
29:f8:0a:18:91:bf:3a:08:f8:5e:66:80:08:bd:69:
07:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2C:1E:51:F5:D0:0F:D8:1B:9E:74:29:DA:A9:98:C2:15:9F:BD:AE
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/nCweUfXQD9gbnnQp2qmYwhWfva4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.132.0/22
IPv6:
2a09:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:ab:8d:16:02:0a:65:5b:54:ed:c1:05:4f:b3:cd:af:e9:f7:
9e:55:ca:bf:5b:ef:f9:94:f1:46:52:e6:02:c8:f0:ac:7d:a6:
8d:39:87:b4:36:e7:81:91:cc:85:e6:42:93:34:71:03:b3:5d:
76:e6:4c:7c:aa:19:66:70:47:81:a0:94:cb:38:d7:d7:aa:1e:
6c:9f:7c:05:e1:9f:ed:ae:dd:45:9a:d2:b9:9b:46:b6:31:07:
aa:d2:6c:de:09:a3:0b:03:00:a1:59:85:d9:43:bf:d6:4d:bb:
08:58:55:5f:59:94:7b:ee:95:38:8e:ac:db:28:87:27:f4:a7:
8a:bb:1d:e5:9c:d3:0c:48:02:88:f1:d5:4f:c4:0b:fb:a7:95:
32:f9:ae:11:d4:22:e6:a6:cd:20:e4:bd:34:f5:97:b9:87:a4:
d6:7b:51:bf:ec:be:ad:2d:a0:fe:74:d0:73:ea:d9:67:0f:27:
d0:b9:a6:2e:a8:02:20:c2:4b:a0:38:b8:65:47:56:a3:bf:9b:
b4:b3:38:2d:a7:95:fd:fe:07:62:c7:cb:63:95:d5:7e:d9:cf:
5a:39:76:f3:30:d7:0b:c8:a4:d2:53:b5:f3:c2:30:aa:8b:ad:
61:7d:0d:f5:4c:6a:f4:eb:35:3b:23:f9:d3:07:24:ac:61:26:
34:70:82:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUwIUnhWkN1LBGGs0hfIZu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIwMTUyMjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJjMWU1MWY1ZDAwZmQ4MWI5ZTc0MjlkYWE5OThjMjE1OWZiZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB6bTM8rANzvFRYSG5nysRgbaF48
0kpn59FGTv9rg3InG0fXXJ5+vw9E77nD4QLkzwT8wy2hsNTI2GYwfDAYu4mFgXJV
4qIT74kU/K5d3CcNOTEo0eYJK1uj37M5kcZkX6TSqiwVzfmsOOmR5lCk3xs95aGI
dElQvos1B4XXl2Ftt7XrVNebDU353yTr6gzeo74koIrXBktWeh7eWkAgfa4er2bp
OJ+ahm7caXVPgDalAf4S9LKgvqYklWcOKDP1lkwP3cnAdKpMWuHsNDvmjBcq123M
+doQPm0SP2/C6Jlk25+TqPA6GCVlxcmMja4p+AoYkb86CPheZoAIvWkHpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJwsHlH10A/YG550KdqpmMIVn72uMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbkN3ZVVmWFFEOWdibm5RcDJxbVl3aFdmdmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufWEMA0E
AgACMAcDBQMqCVXAMA0GCSqGSIb3DQEBCwUAA4IBAQC0q40WAgplW1TtwQVPs82v
6feeVcq/W+/5lPFGUuYCyPCsfaaNOYe0NueBkcyF5kKTNHEDs1125kx8qhlmcEeB
oJTLONfXqh5sn3wF4Z/trt1FmtK5m0a2MQeq0mzeCaMLAwChWYXZQ7/WTbsIWFVf
WZR77pU4jqzbKIcn9KeKux3lnNMMSAKI8dVPxAv7p5Uy+a4R1CLmps0g5L009Ze5
h6TWe1G/7L6tLaD+dNBz6tlnDyfQuaYuqAIgwkugOLhlR1ajv5u0szgtp5X9/gdi
x8tjldV+2c9aOXbzMNcLyKTSU7XzwjCqi61hfQ31TGr06zU7I/nTBySsYSY0cIId
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org