Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SZrFkNdM6WV3lE3vj7qIjSb7otE.roa
File: SZrFkNdM6WV3lE3vj7qIjSb7otE.roa (raw, json)
Hash identifier: 9x5GlPrQ5gr0HQIr7MchXIijMmfiwCCb6/Egs5shx5s=
Subject key identifier: 49:9A:C5:90:D7:4C:E9:65:77:94:4D:EF:8F:BA:88:8D:26:FB:A2:D1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 075CE729
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SZrFkNdM6WV3lE3vj7qIjSb7otE.roa
Signing time: Thu 30 Jun 2022 18:37:25 +0000
ROA not before: Thu 30 Jun 2022 18:37:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60458
IP address blocks: 94.26.89.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123529001 (0x75ce729)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 30 18:37:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=499ac590d74ce96577944def8fba888d26fba2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:38:5f:0c:53:00:c6:b0:12:2f:5a:7c:8b:33:
bd:26:cb:c9:92:b0:56:7b:66:8b:95:82:ee:46:9c:
a8:fd:15:91:73:a4:b3:8a:d8:92:75:be:89:ae:18:
ab:49:cd:5f:7c:74:fe:68:00:92:32:dc:b5:f1:42:
d7:f9:32:fc:5d:3e:c2:01:07:6c:2d:79:41:7e:8c:
50:4d:bb:8a:74:8a:65:aa:55:a1:e0:9b:89:63:83:
4d:33:6d:de:c0:e8:8e:56:e3:20:4a:ff:a9:2f:f0:
99:bb:f2:51:3c:06:91:cb:7d:fb:82:f9:e3:2d:b1:
01:ce:dd:c4:c0:88:f6:b2:58:86:0d:6b:6b:f5:8c:
19:ff:89:08:14:d8:15:d6:f0:99:1d:06:12:e8:27:
b0:d4:90:7c:44:ad:43:b1:fb:2e:e7:52:a7:a8:e5:
96:81:0a:f4:0b:83:bb:8c:c2:dc:6a:7b:67:f1:5c:
eb:d0:e5:14:08:a5:18:86:03:6a:9f:8d:f1:32:32:
85:72:82:6b:a1:68:f0:5f:60:3a:82:ae:6e:b1:7e:
17:5d:8c:c8:2c:6b:b6:c6:4a:7f:bf:5c:0c:2b:ab:
ec:5f:e5:6d:d0:22:cd:f8:9f:da:41:f0:08:bc:02:
b9:e2:35:0b:99:ad:b0:fb:58:df:66:9d:7d:e4:15:
23:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:9A:C5:90:D7:4C:E9:65:77:94:4D:EF:8F:BA:88:8D:26:FB:A2:D1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SZrFkNdM6WV3lE3vj7qIjSb7otE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/23
94.26.89.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:98:c0:77:03:4d:58:b1:ec:cc:c9:b1:06:cf:4b:3a:cd:e7:
23:be:a8:96:99:5e:17:23:8f:60:c1:48:2f:14:9b:7c:fc:6f:
3d:28:c7:59:58:ec:5b:c4:a7:7b:b3:73:76:6c:a8:59:ea:5a:
3e:02:82:78:ad:40:19:16:c0:ce:c8:8b:ca:cc:3f:c6:28:f1:
54:11:83:68:87:25:ef:5d:99:a5:60:29:8f:b2:e5:c1:92:3a:
5e:f5:6a:88:a3:1b:92:74:31:1b:b6:5e:64:49:e8:82:0d:bc:
c2:d5:06:e9:8b:77:91:ee:3f:35:cb:41:a7:bd:63:7a:f2:c2:
e2:4c:5b:4b:ff:63:5d:30:d4:b3:df:f6:87:0d:93:84:6b:8d:
5c:17:1f:75:9e:ba:1a:ac:c4:c2:6b:3f:5b:30:aa:dc:02:55:
4d:8b:bb:da:fe:39:0b:c8:e0:73:3b:57:65:6d:e4:4d:99:aa:
11:46:bc:be:25:2c:0b:dd:21:ad:5b:10:2b:ae:be:8e:cd:79:
f9:79:62:ae:fc:63:16:90:eb:db:f3:98:bc:41:0d:f0:4b:12:
95:7a:b4:5c:68:9f:37:09:40:ee:93:55:e4:a3:78:59:08:96:
d0:2d:38:23:0a:67:31:6e:38:61:7f:a6:e2:38:bf:76:72:f6:
15:cb:c6:df
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB1znKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDYz
MDE4MzcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDk5YWM1OTBkNzRj
ZTk2NTc3OTQ0ZGVmOGZiYTg4OGQyNmZiYTJkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIs4XwxTAMawEi9afIszvSbLyZKwVntmi5WC7kacqP0VkXOk
s4rYknW+ia4Yq0nNX3x0/mgAkjLctfFC1/ky/F0+wgEHbC15QX6MUE27inSKZapV
oeCbiWODTTNt3sDojlbjIEr/qS/wmbvyUTwGkct9+4L54y2xAc7dxMCI9rJYhg1r
a/WMGf+JCBTYFdbwmR0GEugnsNSQfEStQ7H7LudSp6jlloEK9AuDu4zC3Gp7Z/Fc
69DlFAilGIYDap+N8TIyhXKCa6Fo8F9gOoKubrF+F12MyCxrtsZKf79cDCur7F/l
bdAizfif2kHwCLwCueI1C5mtsPtY32adfeQVI0UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRJmsWQ10zpZXeUTe+PuoiNJvui0TAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L1NackZrTmRNNldWM2xFM3ZqN3FJalNiN290RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS2N6AMEAF4aWTANBgkqhkiG9w0B
AQsFAAOCAQEATZjAdwNNWLHszMmxBs9LOs3nI76olpleFyOPYMFILxSbfPxvPSjH
WVjsW8Sne7NzdmyoWepaPgKCeK1AGRbAzsiLysw/xijxVBGDaIcl712ZpWApj7Ll
wZI6XvVqiKMbknQxG7ZeZEnogg28wtUG6Yt3ke4/NctBp71jevLC4kxbS/9jXTDU
s9/2hw2ThGuNXBcfdZ66GqzEwms/WzCq3AJVTYu72v45C8jgcztXZW3kTZmqEUa8
viUsC90hrVsQK66+js15+XlirvxjFpDr2/OYvEEN8EsSlXq0XGifNwlA7pNV5KN4
WQiW0C04IwpnMW44YX+m4ji/dnL2FcvG3w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org