Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/zy29ORoF0bkAAHJjQKEEWP1hfhc.roa
File: zy29ORoF0bkAAHJjQKEEWP1hfhc.roa (raw, json)
Hash identifier: xms5KzxoBco2OGax4tBD+EIr1F05cT+GCK65XIUA+vc=
Subject key identifier: CF:2D:BD:39:1A:05:D1:B9:00:00:72:63:40:A1:04:58:FD:61:7E:17
Certificate issuer: /CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Certificate serial: 018337730BEAF198A63D2917AC81E0FE94AD
Authority key identifier: CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/zy29ORoF0bkAAHJjQKEEWP1hfhc.roa
Signing time: Tue 13 Sep 2022 15:23:50 +0000
ROA not before: Tue 13 Sep 2022 15:23:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 45.56.224.0/21 maxlen: 21
45.56.228.0/22 maxlen: 22
45.56.236.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:73:0b:ea:f1:98:a6:3d:29:17:ac:81:e0:fe:94:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cac21641bdbcfac24c54b6a4859483c5e41640b6
Validity
Not Before: Sep 13 15:23:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf2dbd391a05d1b90000726340a10458fd617e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:85:83:4d:80:1d:5b:c5:53:30:6e:59:89:a8:
0f:02:be:9c:2c:f4:38:28:9f:ef:fe:55:a0:aa:f5:
3c:b5:85:7d:2b:56:5d:aa:97:36:cf:25:99:46:02:
f9:88:76:5d:c0:b1:6b:41:30:b6:21:7f:20:51:3f:
2f:9f:c8:d1:81:94:8d:a8:d9:6f:53:19:27:00:e0:
32:24:1e:72:0e:e7:fd:96:bc:ea:92:47:ef:f0:e8:
cb:ff:f0:44:40:bb:f0:9c:32:1c:a4:5c:f9:bc:de:
f6:15:a3:43:2e:f9:1a:2a:48:95:e5:54:b8:a4:f2:
f2:c3:29:c4:09:48:1b:b2:8b:7b:d6:df:87:70:15:
53:fa:55:df:f2:c8:d4:81:4d:8d:c9:8e:0d:a3:d9:
36:8f:6e:b2:e7:e8:27:08:20:e0:5f:c0:31:8f:63:
c6:23:e4:1a:43:29:ce:b6:e1:81:db:1e:f4:7d:ff:
de:32:2a:d7:88:d3:5c:3d:7d:c1:57:b3:61:b6:7a:
7f:4a:cb:61:f5:25:2a:d7:ad:7d:06:87:ea:58:cc:
c7:79:9d:01:f1:cf:28:a2:87:6d:3a:cb:d1:9f:0a:
91:9e:07:8c:b6:c5:b0:87:dc:fd:77:3a:0b:22:7a:
b4:44:f6:ac:7b:8f:5c:4e:a3:87:60:f6:e4:4f:5b:
be:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2D:BD:39:1A:05:D1:B9:00:00:72:63:40:A1:04:58:FD:61:7E:17
X509v3 Authority Key Identifier:
keyid:CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/zy29ORoF0bkAAHJjQKEEWP1hfhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.56.224.0/21
45.56.236.0/23
Signature Algorithm: sha256WithRSAEncryption
85:0d:9f:b8:eb:f2:23:ca:92:18:d2:bb:38:da:11:c8:86:fb:
14:e9:08:04:c5:de:dd:d5:7b:a1:52:f1:c1:f4:f1:4a:a7:eb:
25:99:4a:de:4d:37:ef:d3:5c:06:c6:3d:9b:2e:13:a3:24:52:
64:ed:8a:3e:17:37:c9:4f:fd:85:fb:3d:b0:bb:68:2e:72:59:
58:16:5b:4e:55:72:97:e7:00:b2:ff:4f:92:15:a3:40:b8:8b:
8c:49:a7:58:d3:f5:89:d4:14:48:24:89:11:dd:e9:4c:a4:76:
d8:06:5a:5d:b1:f0:7c:9b:56:10:3a:37:25:5e:05:2f:2a:93:
3f:35:f3:bd:30:92:cf:94:c5:15:d4:f7:d6:9a:f4:54:0b:96:
85:7f:87:67:0a:0a:86:3e:ed:6c:39:ae:da:2e:8b:8c:92:1c:
77:a1:52:9e:23:50:d8:83:63:07:93:51:21:98:4b:d8:a3:bf:
d9:2d:c9:08:e5:97:61:c8:2f:5c:a0:5e:d9:e9:15:80:f3:71:
da:53:f2:76:05:d4:0b:6b:2b:23:81:0d:e8:08:4a:c6:c4:d5:
fb:cf:89:e7:15:4b:91:47:b9:91:ac:cd:53:9a:19:a0:65:ae:
6c:61:ec:36:39:50:64:1b:a7:c2:f2:39:f9:f7:97:12:54:1d:
32:75:ce:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM3cwvq8ZimPSkXrIHg/pStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYzIxNjQxYmRiY2ZhYzI0YzU0YjZhNDg1OTQ4M2M1ZTQx
NjQwYjYwHhcNMjIwOTEzMTUyMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjJkYmQzOTFhMDVkMWI5MDAwMDcyNjM0MGExMDQ1OGZkNjE3ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYWDTYAdW8VTMG5ZiagPAr6cLPQ4
KJ/v/lWgqvU8tYV9K1Zdqpc2zyWZRgL5iHZdwLFrQTC2IX8gUT8vn8jRgZSNqNlv
UxknAOAyJB5yDuf9lrzqkkfv8OjL//BEQLvwnDIcpFz5vN72FaNDLvkaKkiV5VS4
pPLywynECUgbsot71t+HcBVT+lXf8sjUgU2NyY4No9k2j26y5+gnCCDgX8Axj2PG
I+QaQynOtuGB2x70ff/eMirXiNNcPX3BV7Nhtnp/Ssth9SUq1619BofqWMzHeZ0B
8c8ooodtOsvRnwqRngeMtsWwh9z9dzoLInq0RPase49cTqOHYPbkT1u+2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM8tvTkaBdG5AAByY0ChBFj9YX4XMB8GA1UdIwQY
MBaAFMrCFkG9vPrCTFS2pIWUg8XkFkC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUt
OGFiZjVlZTZjNGFkLzEvenkyOU9Sb0YwYmtBQUhKalFLRUVXUDFoZmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUtOGFiZjVlZTZjNGFk
LzEveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLTjgAwQB
LTjsMA0GCSqGSIb3DQEBCwUAA4IBAQCFDZ+46/IjypIY0rs42hHIhvsU6QgExd7d
1XuhUvHB9PFKp+slmUreTTfv01wGxj2bLhOjJFJk7Yo+FzfJT/2F+z2wu2gucllY
FltOVXKX5wCy/0+SFaNAuIuMSadY0/WJ1BRIJIkR3elMpHbYBlpdsfB8m1YQOjcl
XgUvKpM/NfO9MJLPlMUV1PfWmvRUC5aFf4dnCgqGPu1sOa7aLouMkhx3oVKeI1DY
g2MHk1EhmEvYo7/ZLckI5ZdhyC9coF7Z6RWA83HaU/J2BdQLaysjgQ3oCErGxNX7
z4nnFUuRR7mRrM1TmhmgZa5sYew2OVBkG6fC8jn595cSVB0ydc6/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-fra.rpki-client.org