Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/af3jJnMYVDvCGlsfObzPGsDohs4.roa
File: af3jJnMYVDvCGlsfObzPGsDohs4.roa (raw, json)
Hash identifier: OR101jK44uwcMjzjvY2G+lf9RX6egKzY7lkyK39yYZY=
Subject key identifier: 69:FD:E3:26:73:18:54:3B:C2:1A:5B:1F:39:BC:CF:1A:C0:E8:86:CE
Certificate issuer: /CN=8069d9ffe048a70003f16f06e24d9bf2db85eb52
Certificate serial: 0748AB56
Authority key identifier: 80:69:D9:FF:E0:48:A7:00:03:F1:6F:06:E2:4D:9B:F2:DB:85:EB:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGnZ_-BIpwAD8W8G4k2b8tuF61I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/af3jJnMYVDvCGlsfObzPGsDohs4.roa
Signing time: Sat 01 Jan 2022 07:56:01 +0000
ROA not before: Sat 01 Jan 2022 07:56:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208012
IP address blocks: 45.129.121.0/24 maxlen: 24
45.129.120.0/24 maxlen: 24
45.129.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122202966 (0x748ab56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8069d9ffe048a70003f16f06e24d9bf2db85eb52
Validity
Not Before: Jan 1 07:56:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69fde3267318543bc21a5b1f39bccf1ac0e886ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:92:8d:39:19:41:80:99:0f:58:61:36:47:b3:
db:c1:eb:a0:74:30:69:ae:6c:8c:98:be:a8:d6:f7:
54:ff:1d:4a:a4:f7:f7:00:6f:fa:52:cb:d1:ab:6b:
6a:99:c3:e9:c9:79:bb:0f:64:37:f9:f9:be:35:b9:
7b:06:1b:18:e9:92:bf:fd:7a:9b:a3:09:20:66:e6:
b8:5f:82:e8:2b:8c:78:28:d2:52:da:1c:fa:22:ed:
52:a4:fd:b0:c7:82:bb:e4:e0:5a:77:98:a6:a8:0d:
d6:81:de:52:2e:de:de:1d:79:3d:79:f2:31:c5:98:
77:d3:42:f6:39:9d:88:7e:77:da:ae:66:da:05:64:
e1:5b:04:a8:e0:16:50:43:2f:3b:05:4d:6e:71:6d:
d9:64:72:62:f6:45:7e:ca:e3:90:9d:82:77:ee:f3:
6c:72:1e:b0:05:e2:c7:b4:44:15:db:0d:8d:2d:0c:
ac:e4:35:75:be:cb:5d:aa:98:c2:48:97:40:6e:87:
4c:72:85:af:52:56:99:d5:31:ff:64:85:58:bc:29:
a7:9f:90:9f:cc:57:6d:41:7a:19:e0:8d:da:1b:97:
53:ed:32:09:2a:ae:ca:74:8a:9f:eb:47:55:09:b3:
9e:79:6d:7d:bc:64:41:cf:fd:82:a7:65:2f:7e:f5:
83:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FD:E3:26:73:18:54:3B:C2:1A:5B:1F:39:BC:CF:1A:C0:E8:86:CE
X509v3 Authority Key Identifier:
keyid:80:69:D9:FF:E0:48:A7:00:03:F1:6F:06:E2:4D:9B:F2:DB:85:EB:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGnZ_-BIpwAD8W8G4k2b8tuF61I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/af3jJnMYVDvCGlsfObzPGsDohs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/gGnZ_-BIpwAD8W8G4k2b8tuF61I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.120.0/23
45.129.123.0/24
Signature Algorithm: sha256WithRSAEncryption
63:3e:4a:ce:c1:8b:85:ef:a9:a7:dc:16:92:3f:be:c9:2c:d8:
ef:99:1d:3c:0b:33:f4:3f:f0:fb:b4:e0:64:6b:2b:77:c5:a2:
bf:fc:bd:65:d3:80:16:d2:c1:93:6a:95:27:5f:3e:84:54:ae:
3b:c0:7c:44:5c:4d:88:b9:d7:37:ca:42:0a:ed:34:81:a4:2c:
ee:7c:db:77:b9:27:45:d4:04:44:01:22:4e:7d:4d:48:97:11:
f0:4b:9b:fe:e1:a0:59:10:ea:ae:46:d9:02:cc:4d:bd:c4:49:
26:45:27:ec:ac:e4:e8:65:e8:c0:b8:61:fa:f7:15:3b:55:21:
09:32:48:3e:55:30:c6:33:97:c3:91:30:42:e0:ef:aa:73:2e:
cb:45:44:35:90:1c:a5:85:31:dc:2e:74:e5:a0:21:23:22:5e:
26:ac:68:39:1c:6a:ce:65:70:7b:c9:96:3a:9e:b6:d9:21:eb:
36:97:b1:2b:9f:5e:69:0e:74:d7:df:9c:59:da:86:cc:1f:0d:
92:2f:5c:80:74:05:5f:b5:a8:a8:5f:78:ad:a8:cb:10:16:15:
33:cc:63:0e:94:68:a8:1e:d3:a4:79:39:3b:cb:a2:57:78:5a:
45:e9:61:1a:78:6a:8f:43:ea:13:86:51:c7:13:80:67:22:9f:
5e:10:6c:4e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB0irVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDY5ZDlmZmUwNDhhNzAwMDNmMTZmMDZlMjRkOWJmMmRiODVlYjUyMB4XDTIyMDEw
MTA3NTYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjlmZGUzMjY3MzE4
NTQzYmMyMWE1YjFmMzliY2NmMWFjMGU4ODZjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuSjTkZQYCZD1hhNkez28HroHQwaa5sjJi+qNb3VP8dSqT3
9wBv+lLL0atrapnD6cl5uw9kN/n5vjW5ewYbGOmSv/16m6MJIGbmuF+C6CuMeCjS
Utoc+iLtUqT9sMeCu+TgWneYpqgN1oHeUi7e3h15PXnyMcWYd9NC9jmdiH532q5m
2gVk4VsEqOAWUEMvOwVNbnFt2WRyYvZFfsrjkJ2Cd+7zbHIesAXix7REFdsNjS0M
rOQ1db7LXaqYwkiXQG6HTHKFr1JWmdUx/2SFWLwpp5+Qn8xXbUF6GeCN2huXU+0y
CSquynSKn+tHVQmznnltfbxkQc/9gqdlL371g0MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRp/eMmcxhUO8IaWx85vM8awOiGzjAfBgNVHSMEGDAWgBSAadn/4EinAAPx
bwbiTZvy24XrUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dHblpfLUJJcHdBRDhXOEc0azJiOHR1RjYxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvZTY0MTQ4LTRjOGMtNGU4NC05MjViLWUwMjJlMzAwOWE3MS8x
L2FmM2pKbk1ZVkR2Q0dsc2ZPYnpQR3NEb2hzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
ZTY0MTQ4LTRjOGMtNGU4NC05MjViLWUwMjJlMzAwOWE3MS8xL2dHblpfLUJJcHdB
RDhXOEc0azJiOHR1RjYxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS2BeAMEAC2BezANBgkqhkiG9w0B
AQsFAAOCAQEAYz5KzsGLhe+pp9wWkj++ySzY75kdPAsz9D/w+7TgZGsrd8Wiv/y9
ZdOAFtLBk2qVJ18+hFSuO8B8RFxNiLnXN8pCCu00gaQs7nzbd7knRdQERAEiTn1N
SJcR8Eub/uGgWRDqrkbZAsxNvcRJJkUn7Kzk6GXowLhh+vcVO1UhCTJIPlUwxjOX
w5EwQuDvqnMuy0VENZAcpYUx3C505aAhIyJeJqxoORxqzmVwe8mWOp622SHrNpex
K59eaQ5019+cWdqGzB8Nki9cgHQFX7WoqF94rajLEBYVM8xjDpRoqB7TpHk5O8ui
V3haRelhGnhqj0PqE4ZRxxOAZyKfXhBsTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org