Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/1-DP9djyns8TRxM3E1IS20nLwYto.roa
File: 1-DP9djyns8TRxM3E1IS20nLwYto.roa (raw, json)
Hash identifier: vmfm1lb6sIIq6nyhXI8fyPh8tOpEwFMO9gV0OUBpq+E=
Subject key identifier: F8:33:FD:76:3C:A7:B3:C4:D1:C4:CD:C4:D4:84:B6:D2:72:F0:62:DA
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 01823F9BACFD4E1F2DA90C0A5164979A908A
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/1-DP9djyns8TRxM3E1IS20nLwYto.roa
Signing time: Wed 27 Jul 2022 12:22:23 +0000
ROA not before: Wed 27 Jul 2022 12:22:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 92.118.68.0/22 maxlen: 22
45.157.124.0/22 maxlen: 24
2a0f:4780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3f:9b:ac:fd:4e:1f:2d:a9:0c:0a:51:64:97:9a:90:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Jul 27 12:22:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f833fd763ca7b3c4d1c4cdc4d484b6d272f062da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:e5:57:62:80:5c:31:6f:2c:8f:59:a0:7b:
b9:8a:ff:ed:e9:7e:13:22:fd:66:3d:71:29:21:b0:
cf:f1:4c:7f:cc:98:88:02:bd:c4:cf:90:11:f1:e0:
59:07:85:f6:a5:b6:1a:b3:0c:02:1a:af:9b:e4:25:
ef:0b:b4:5f:bf:f8:76:16:4c:2c:07:97:a2:29:b9:
7c:59:78:37:99:da:be:ca:66:3b:66:51:97:67:71:
a5:36:7c:2a:45:18:2c:81:f6:ab:87:ae:54:4d:77:
d2:fb:de:80:f0:ef:eb:6c:1d:11:e0:f6:1a:8a:6f:
89:e5:98:85:85:f2:86:0c:9d:83:22:c8:f1:c9:1b:
dc:05:0c:ce:e0:db:07:f8:f9:3c:8e:42:62:21:3a:
0f:35:cb:55:3d:25:6a:81:af:8d:b9:94:bc:2f:57:
c9:f7:63:32:0d:9b:b5:83:d3:73:24:b7:07:0e:96:
8e:41:bd:4a:77:de:c2:4a:74:07:b6:ed:bb:af:54:
fb:3e:86:8a:5c:0e:2b:ec:7a:d1:fb:c3:90:1f:8b:
5f:38:48:98:2b:43:f8:3f:78:4a:7b:97:02:9c:e0:
03:8c:8d:8d:b2:a6:11:2e:b5:3d:87:43:1e:40:1b:
05:76:ab:29:23:43:5e:d1:65:f8:9f:ec:ef:74:45:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:33:FD:76:3C:A7:B3:C4:D1:C4:CD:C4:D4:84:B6:D2:72:F0:62:DA
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/1-DP9djyns8TRxM3E1IS20nLwYto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.124.0/22
92.118.68.0/22
IPv6:
2a0f:4780::/29
Signature Algorithm: sha256WithRSAEncryption
26:94:00:29:08:2e:d8:43:6f:f4:bd:25:57:bd:a3:39:db:e0:
fa:64:2c:1a:74:7d:94:c5:0c:b6:25:88:4a:f7:53:f2:8e:c1:
3d:d3:79:5c:32:9c:c9:8a:7c:ac:c1:52:93:19:fa:4d:0b:fb:
fd:cc:68:8d:3c:04:cd:e1:2e:98:cb:a6:cd:c7:15:9c:c2:12:
19:37:d1:67:62:37:6c:c1:20:cc:c2:0d:c5:fc:f2:25:b6:77:
ac:59:5c:0f:51:38:65:49:9c:ba:9b:90:ac:d9:c3:2d:9d:19:
21:5c:82:67:2d:09:a8:a8:be:c1:96:ac:48:88:b6:04:27:20:
f2:8a:f2:ca:55:c1:0a:58:df:fd:1c:d1:50:3e:4a:b8:ea:12:
c7:cd:96:71:4b:be:d9:5b:6c:0c:7f:15:ab:9c:53:47:cc:35:
5e:c4:dd:2f:6c:7c:40:ca:44:8d:66:57:6a:f8:78:7b:15:eb:
d8:4e:99:d7:0e:9b:86:36:59:1f:3c:5b:62:a0:cf:e5:98:8f:
a6:e2:e9:a9:91:9e:e5:84:4b:d8:0e:24:8b:87:75:8f:f5:2a:
60:58:a8:39:31:ab:b2:68:9c:bc:c3:16:dd:33:28:c4:f4:7b:
93:19:78:8a:5a:32:6f:86:6f:a0:54:37:ac:67:ae:c2:17:d1:
7b:80:eb:7c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYI/m6z9Th8tqQwKUWSXmpCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjIwNzI3MTIyMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODMzZmQ3NjNjYTdiM2M0ZDFjNGNkYzRkNDg0YjZkMjcyZjA2MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpjlV2KAXDFvLI9ZoHu5iv/t6X4T
Iv1mPXEpIbDP8Ux/zJiIAr3Ez5AR8eBZB4X2pbYaswwCGq+b5CXvC7Rfv/h2Fkws
B5eiKbl8WXg3mdq+ymY7ZlGXZ3GlNnwqRRgsgfarh65UTXfS+96A8O/rbB0R4PYa
im+J5ZiFhfKGDJ2DIsjxyRvcBQzO4NsH+Pk8jkJiIToPNctVPSVqga+NuZS8L1fJ
92MyDZu1g9NzJLcHDpaOQb1Kd97CSnQHtu27r1T7PoaKXA4r7HrR+8OQH4tfOEiY
K0P4P3hKe5cCnOADjI2NsqYRLrU9h0MeQBsFdqspI0Ne0WX4n+zvdEW4IwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPgz/XY8p7PE0cTNxNSEttJy8GLaMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvMS1EUDlkanluczhUUnhNM0UxSVMyMG5Md1l0by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvMGQ4YmU4LWI0YjQtNDM2ZS04NmUyLWJhNGM1NmQ4YzBj
ZS8xLzRibWp6ZzlaT1JDQm5ESng0ZWpRdlJOeHByNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi2dfAME
Alx2RDANBAIAAjAHAwUDKg9HgDANBgkqhkiG9w0BAQsFAAOCAQEAJpQAKQgu2ENv
9L0lV72jOdvg+mQsGnR9lMUMtiWISvdT8o7BPdN5XDKcyYp8rMFSkxn6TQv7/cxo
jTwEzeEumMumzccVnMISGTfRZ2I3bMEgzMINxfzyJbZ3rFlcD1E4ZUmcupuQrNnD
LZ0ZIVyCZy0JqKi+wZasSIi2BCcg8oryylXBCljf/RzRUD5KuOoSx82WcUu+2Vts
DH8Vq5xTR8w1XsTdL2x8QMpEjWZXavh4exXr2E6Z1w6bhjZZHzxbYqDP5ZiPpuLp
qZGe5YRL2A4ki4d1j/UqYFioOTGrsmicvMMW3TMoxPR7kxl4iloyb4ZvoFQ3rGeu
whfRe4DrfA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:23 2023 by rpki-client on console-ams.rpki-client.org