Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/Y3Ni-bi2RGwGVUoOGRsRkBoY77w.roa
File: Y3Ni-bi2RGwGVUoOGRsRkBoY77w.roa (raw, json)
Hash identifier: 77V6heU1u/GPOq+sPAHkt3RLSo5FxOeeJeDEHEHzYZE=
Subject key identifier: 63:73:62:F9:B8:B6:44:6C:06:55:4A:0E:19:1B:11:90:1A:18:EF:BC
Certificate issuer: /CN=afc193ee11e54716169f94c8f931eae1fc854921
Certificate serial: 01832BE0C8CE71195DC6B4A55BC5FA5D987E
Authority key identifier: AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/Y3Ni-bi2RGwGVUoOGRsRkBoY77w.roa
Signing time: Sun 11 Sep 2022 09:28:15 +0000
ROA not before: Sun 11 Sep 2022 09:28:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208367
IP address blocks: 45.142.100.0/24 maxlen: 24
2a10:46c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:2b:e0:c8:ce:71:19:5d:c6:b4:a5:5b:c5:fa:5d:98:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afc193ee11e54716169f94c8f931eae1fc854921
Validity
Not Before: Sep 11 09:28:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=637362f9b8b6446c06554a0e191b11901a18efbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a1:bb:65:5a:84:01:db:1f:19:bc:c2:3c:66:
d5:4d:ae:bf:48:48:d3:87:d0:ba:99:75:0d:38:a6:
19:7e:40:b1:01:30:15:20:15:f5:c5:94:b1:ae:07:
f7:a3:60:5c:32:d8:ee:55:97:b4:f6:67:01:2c:b8:
fe:28:f1:fa:fa:4f:56:f5:66:ab:0a:d1:bd:eb:00:
d0:d4:2d:4d:91:37:6f:95:40:4b:ea:0a:38:9d:50:
f7:2b:ff:91:92:de:dc:ac:99:f4:ac:df:25:24:e2:
5a:5b:26:de:8a:51:76:b6:5b:f0:da:47:1d:dc:0a:
13:ad:99:04:cd:1f:e2:1c:d6:5c:00:c3:de:b3:b6:
2f:51:90:ff:9f:d5:77:00:0b:b7:2e:29:43:f3:cf:
b5:c3:fc:ea:48:46:3a:47:93:c2:d7:0a:5d:3b:d3:
04:52:de:79:a6:02:93:fa:a2:69:6b:59:c1:f4:b9:
99:a8:42:28:d5:0f:d7:a1:1a:8e:ce:72:23:07:5e:
de:a1:5b:8f:4c:8e:eb:e5:cb:6a:2b:41:53:24:fa:
3f:53:c4:60:46:d8:ca:a5:7d:1c:b5:79:e5:0e:9b:
87:70:ed:9f:b4:15:44:23:18:79:a9:18:26:a7:1b:
99:18:96:ff:d9:a9:da:e8:e4:ab:37:4b:f7:9f:45:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:73:62:F9:B8:B6:44:6C:06:55:4A:0E:19:1B:11:90:1A:18:EF:BC
X509v3 Authority Key Identifier:
keyid:AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/Y3Ni-bi2RGwGVUoOGRsRkBoY77w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/r8GT7hHlRxYWn5TI-THq4fyFSSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.100.0/24
IPv6:
2a10:46c0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:96:63:8a:43:0c:70:da:b1:a7:ea:8f:1f:b8:6e:d7:4e:2b:
dd:31:e0:4b:e1:b5:21:62:6b:6c:45:c3:56:5c:0d:58:9d:39:
18:f6:86:46:5a:ee:24:31:c2:be:59:e0:a3:f2:6c:f3:90:cd:
6d:6c:cc:cd:80:17:c4:61:7e:d0:1a:e6:77:e0:b2:65:e2:59:
2d:cf:be:a2:d6:fd:13:e1:13:9e:5a:1c:18:61:62:7e:f8:07:
9c:ad:d6:9e:4f:4b:e7:81:2c:c0:a6:f2:30:4f:cc:dc:f6:10:
64:6b:c8:e2:23:3b:4a:92:2e:e4:36:78:59:34:b8:f6:54:5f:
7d:46:65:31:3d:fa:1e:f3:ac:ac:2c:e1:24:4e:dc:a6:74:8e:
84:96:e9:3e:d8:9a:83:c1:79:f9:a7:bf:fb:05:e1:2b:48:4a:
97:77:54:ad:74:35:55:fb:3a:56:77:c6:73:67:f4:86:f9:64:
0a:bf:39:9f:34:27:12:fa:a5:01:e9:5f:2a:4f:21:56:ec:8c:
f1:e6:7f:80:b2:f9:0b:54:b2:c5:c3:dc:cb:76:32:f1:30:08:
e2:56:b6:9b:10:03:3e:ba:a7:79:84:dc:4e:2e:64:89:4d:07:
83:fb:93:ca:b0:c4:91:c2:3f:f8:1c:1d:91:c1:62:03:f6:c7:
b3:80:05:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMr4MjOcRldxrSlW8X6XZh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYzE5M2VlMTFlNTQ3MTYxNjlmOTRjOGY5MzFlYWUxZmM4
NTQ5MjEwHhcNMjIwOTExMDkyODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzczNjJmOWI4YjY0NDZjMDY1NTRhMGUxOTFiMTE5MDFhMThlZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6G7ZVqEAdsfGbzCPGbVTa6/SEjT
h9C6mXUNOKYZfkCxATAVIBX1xZSxrgf3o2BcMtjuVZe09mcBLLj+KPH6+k9W9War
CtG96wDQ1C1NkTdvlUBL6go4nVD3K/+Rkt7crJn0rN8lJOJaWybeilF2tlvw2kcd
3AoTrZkEzR/iHNZcAMPes7YvUZD/n9V3AAu3LilD88+1w/zqSEY6R5PC1wpdO9ME
Ut55pgKT+qJpa1nB9LmZqEIo1Q/XoRqOznIjB17eoVuPTI7r5ctqK0FTJPo/U8Rg
RtjKpX0ctXnlDpuHcO2ftBVEIxh5qRgmpxuZGJb/2ana6OSrN0v3n0Vd+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGNzYvm4tkRsBlVKDhkbEZAaGO+8MB8GA1UdIwQY
MBaAFK/Bk+4R5UcWFp+UyPkx6uH8hUkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEt
YTdkZDlhZWExZDdhLzEvWTNOaS1iaTJSR3dHVlVvT0dSc1JrQm9ZNzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEtYTdkZDlhZWExZDdh
LzEvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALY5kMA0E
AgACMAcDBQAqEEbAMA0GCSqGSIb3DQEBCwUAA4IBAQBdlmOKQwxw2rGn6o8fuG7X
TivdMeBL4bUhYmtsRcNWXA1YnTkY9oZGWu4kMcK+WeCj8mzzkM1tbMzNgBfEYX7Q
GuZ34LJl4lktz76i1v0T4ROeWhwYYWJ++AecrdaeT0vngSzApvIwT8zc9hBka8ji
IztKki7kNnhZNLj2VF99RmUxPfoe86ysLOEkTtymdI6Eluk+2JqDwXn5p7/7BeEr
SEqXd1StdDVV+zpWd8ZzZ/SG+WQKvzmfNCcS+qUB6V8qTyFW7Izx5n+AsvkLVLLF
w9zLdjLxMAjiVrabEAM+uqd5hNxOLmSJTQeD+5PKsMSRwj/4HB2RwWID9sezgAVU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:16 2024 by rpki-client on console-fra.rpki-client.org