Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/dldr9rE-qoTCxE3-74hn1e1qVNw.roa
File: dldr9rE-qoTCxE3-74hn1e1qVNw.roa (raw, json)
Hash identifier: Xav8t21LbtsSIdSNgWwlMWgJhw4ShaGZxMSlM62aEc8=
Subject key identifier: 76:57:6B:F6:B1:3E:AA:84:C2:C4:4D:FE:EF:88:67:D5:ED:6A:54:DC
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 01856F8B91AB1C40D28DE056351C46038A68
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/dldr9rE-qoTCxE3-74hn1e1qVNw.roa
Signing time: Sun 01 Jan 2023 22:54:55 +0000
ROA not before: Sun 01 Jan 2023 22:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7922
IP address blocks: 45.92.232.0/22 maxlen: 24
45.147.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:91:ab:1c:40:d2:8d:e0:56:35:1c:46:03:8a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 1 22:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76576bf6b13eaa84c2c44dfeef8867d5ed6a54dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:66:80:75:44:c2:41:6d:47:8d:d9:d7:96:
95:26:93:3a:45:ae:c0:ce:fc:bf:b7:3d:1e:23:b0:
7e:84:38:e9:6d:d3:c1:0d:c7:45:ee:67:14:07:56:
cb:ac:d8:54:6d:c5:b8:fd:8b:98:31:45:b6:ac:6c:
eb:c5:eb:04:b7:6d:a6:94:7e:8a:b3:82:c4:52:0f:
4d:57:9b:f1:1d:b2:45:f9:24:91:f3:2a:19:4c:34:
12:ef:8b:08:14:c4:5f:99:93:24:7e:8f:81:56:27:
93:bf:1e:50:11:08:d4:64:c3:9d:15:c1:f4:78:ec:
35:26:40:d8:bc:24:60:7b:a1:91:b9:05:ab:b3:0f:
e8:67:a3:b1:fd:bf:07:66:a0:9b:3f:5f:69:73:d7:
b6:70:70:60:b2:b7:12:b0:ca:ae:44:92:44:c5:a4:
e0:6e:93:69:ac:2d:b2:9a:c7:59:80:76:b3:3e:c7:
8c:0c:53:80:6d:5c:ad:41:cc:78:eb:fe:92:c7:70:
f5:46:8b:ce:9a:5d:49:76:cc:7d:73:fa:df:32:b7:
f9:21:bc:52:b0:18:8e:1b:5b:93:9e:43:14:e0:32:
87:d2:b9:ac:af:c7:48:14:02:cd:b6:7d:08:bc:de:
e7:a5:ed:52:16:f9:37:3c:23:36:00:2f:4d:62:56:
9c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:57:6B:F6:B1:3E:AA:84:C2:C4:4D:FE:EF:88:67:D5:ED:6A:54:DC
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/dldr9rE-qoTCxE3-74hn1e1qVNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.232.0/22
45.147.32.0/22
Signature Algorithm: sha256WithRSAEncryption
27:92:29:7e:50:e5:04:3d:d7:99:c6:50:92:e0:83:81:e0:10:
c0:3b:c4:6f:12:8c:6a:05:d6:38:4f:93:f9:1d:87:9c:2f:06:
41:2a:c9:43:f7:28:23:be:66:2d:51:be:09:47:5c:58:b7:de:
09:3c:97:85:ee:50:07:05:96:3a:f7:7a:d7:4d:32:68:85:16:
ff:54:67:93:50:4f:3f:55:d1:7b:40:fa:37:80:cf:6a:fd:f4:
c8:61:66:53:38:0e:84:3c:d9:95:a6:20:c3:3c:94:b9:c1:2d:
70:7d:4d:49:17:9c:63:01:68:4b:42:5f:be:57:ae:92:ef:b4:
8e:c4:a9:e8:dc:95:2a:d8:70:69:bc:48:f5:b2:a9:99:60:8d:
72:04:17:f3:bd:9f:ac:66:8e:26:67:fb:6c:78:9d:2f:03:34:
3a:34:71:5c:59:5f:4c:4c:a7:d9:c6:2f:a1:d0:92:92:a9:a4:
86:4e:cc:fd:f4:6a:02:58:d9:19:86:c5:6f:f2:26:71:c2:2d:
19:0f:15:7d:5c:00:ea:3e:b4:62:fd:40:87:c4:84:2e:0c:1f:
95:d8:77:51:9d:dd:d4:f7:61:88:5d:58:3f:a8:b0:ec:7d:86:
af:b9:f5:4f:ae:07:ad:42:f8:a1:2f:6a:e1:f7:3c:9c:49:a9:
61:09:f4:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi5GrHEDSjeBWNRxGA4poMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjMwMTAxMjI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU3NmJmNmIxM2VhYTg0YzJjNDRkZmVlZjg4NjdkNWVkNmE1NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPZmgHVEwkFtR43Z15aVJpM6Ra7A
zvy/tz0eI7B+hDjpbdPBDcdF7mcUB1bLrNhUbcW4/YuYMUW2rGzrxesEt22mlH6K
s4LEUg9NV5vxHbJF+SSR8yoZTDQS74sIFMRfmZMkfo+BVieTvx5QEQjUZMOdFcH0
eOw1JkDYvCRge6GRuQWrsw/oZ6Ox/b8HZqCbP19pc9e2cHBgsrcSsMquRJJExaTg
bpNprC2ymsdZgHazPseMDFOAbVytQcx46/6Sx3D1RovOml1Jdsx9c/rfMrf5IbxS
sBiOG1uTnkMU4DKH0rmsr8dIFALNtn0IvN7npe1SFvk3PCM2AC9NYlacHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZXa/axPqqEwsRN/u+IZ9XtalTcMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvZGxkcjlyRS1xb1RDeEUzLTc0aG4xZTFxVk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVzoAwQC
LZMgMA0GCSqGSIb3DQEBCwUAA4IBAQAnkil+UOUEPdeZxlCS4IOB4BDAO8RvEoxq
BdY4T5P5HYecLwZBKslD9ygjvmYtUb4JR1xYt94JPJeF7lAHBZY693rXTTJohRb/
VGeTUE8/VdF7QPo3gM9q/fTIYWZTOA6EPNmVpiDDPJS5wS1wfU1JF5xjAWhLQl++
V66S77SOxKno3JUq2HBpvEj1sqmZYI1yBBfzvZ+sZo4mZ/tseJ0vAzQ6NHFcWV9M
TKfZxi+h0JKSqaSGTsz99GoCWNkZhsVv8iZxwi0ZDxV9XADqPrRi/UCHxIQuDB+V
2HdRnd3U92GIXVg/qLDsfYavufVPrgetQvihL2rh9zycSalhCfQC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:56 2025 by rpki-client