Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/ghjNL21TrQ4ks7LJ31Bm6BPLTVY.roa
File: ghjNL21TrQ4ks7LJ31Bm6BPLTVY.roa (raw, json)
Hash identifier: seOr/85pLPZF56xe7LdusZupmz4OqUOMZ3v3kworcJc=
Subject key identifier: 82:18:CD:2F:6D:53:AD:0E:24:B3:B2:C9:DF:50:66:E8:13:CB:4D:56
Certificate issuer: /CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Certificate serial: 01848BB00CEEC9860F36ABD102241DE4F440
Authority key identifier: 92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/ghjNL21TrQ4ks7LJ31Bm6BPLTVY.roa
Signing time: Fri 18 Nov 2022 17:01:21 +0000
ROA not before: Fri 18 Nov 2022 17:01:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42282
IP address blocks: 45.143.60.0/24 maxlen: 24
45.143.61.0/24 maxlen: 24
2a0e:e2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8b:b0:0c:ee:c9:86:0f:36:ab:d1:02:24:1d:e4:f4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Validity
Not Before: Nov 18 17:01:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8218cd2f6d53ad0e24b3b2c9df5066e813cb4d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:2a:05:17:4a:91:46:c8:fb:74:fa:fd:c9:
d7:8d:39:5d:b8:97:df:38:18:b2:2f:a3:82:aa:9c:
62:b7:08:d9:3d:b9:10:55:14:0b:79:43:98:f7:ae:
ad:71:72:77:b0:f1:73:06:01:39:76:1d:07:5b:7b:
6f:1a:36:4d:1f:15:94:e4:ef:08:35:31:3e:f8:c6:
46:81:26:bc:64:51:83:6a:f8:23:0a:6d:f2:e4:ed:
de:5c:ef:06:82:8c:f6:f0:46:17:b1:bc:4a:77:0b:
ff:3f:4e:9b:42:88:0b:33:52:64:7e:42:29:74:33:
b0:65:14:e6:f8:e3:3b:8a:88:e9:5c:ac:b6:1a:88:
5d:ed:1e:13:e0:ac:5f:82:2f:41:ff:01:0f:b5:15:
b9:6d:49:b7:cf:7a:bf:7d:ae:6f:f3:e9:e5:8f:26:
b2:5f:0f:cd:ad:56:52:92:f7:35:27:4b:ed:3d:51:
b6:a1:61:31:3d:ec:19:cf:81:d3:f1:e0:e7:4f:82:
e1:ee:b9:92:89:19:79:b4:de:83:2b:9c:ad:ad:ef:
f6:bb:5e:0f:d9:fe:90:73:47:03:ce:fc:c4:3a:6a:
64:2f:cd:4f:33:03:42:f3:41:e2:d6:0c:dc:ad:a1:
a3:d9:80:bb:ee:49:bf:e9:53:a2:ef:e8:a8:d6:28:
3d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:18:CD:2F:6D:53:AD:0E:24:B3:B2:C9:DF:50:66:E8:13:CB:4D:56
X509v3 Authority Key Identifier:
keyid:92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/ghjNL21TrQ4ks7LJ31Bm6BPLTVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.60.0/23
IPv6:
2a0e:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
73:07:8b:a5:96:78:ad:50:a3:fe:00:81:b6:25:9e:54:81:bf:
f6:21:ca:5d:6b:c1:c5:69:16:0c:4f:dc:88:ae:41:f0:c2:b1:
14:1a:e3:ad:c9:9b:e2:3b:58:e5:1f:8c:fc:14:c0:65:c3:dd:
91:24:87:11:1b:ad:78:8f:cd:c8:08:da:f7:10:ff:e9:d0:34:
35:ef:29:dd:02:a9:89:b9:36:2c:39:79:32:95:86:2b:37:41:
88:4b:48:1c:56:3e:64:df:93:66:54:f2:40:13:02:20:64:3e:
39:f9:b1:84:f9:c1:f4:e1:ba:49:c6:f1:eb:d6:4c:1c:2c:ba:
1b:17:56:80:06:36:45:b0:aa:e7:ef:71:58:b9:97:06:92:df:
6d:50:43:f0:20:f0:62:8c:b7:64:67:fc:af:c8:74:3c:ac:c6:
d1:4a:68:d1:9b:cc:3e:50:0f:31:d9:0d:d1:e8:c9:d6:ad:7f:
6c:ce:5c:1e:dd:db:d6:4f:bf:7f:79:57:0c:80:a5:0c:33:1a:
f7:40:93:a9:c0:38:8c:94:65:18:23:94:9c:d5:e4:44:35:b8:
a0:b7:63:ce:67:1c:b5:0d:cd:52:06:06:07:49:88:6f:b4:6a:
cb:8a:26:79:99:55:07:bc:a3:fc:13:7d:01:46:32:10:42:08:
7e:2f:e0:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYSLsAzuyYYPNqvRAiQd5PRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYWYwM2NhMmRmNjQyM2I3N2QwZWYzNzM3YjBmNDc5MWFh
MDM1YTMwHhcNMjIxMTE4MTcwMTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjE4Y2QyZjZkNTNhZDBlMjRiM2IyYzlkZjUwNjZlODEzY2I0ZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApagqBRdKkUbI+3T6/cnXjTlduJff
OBiyL6OCqpxitwjZPbkQVRQLeUOY966tcXJ3sPFzBgE5dh0HW3tvGjZNHxWU5O8I
NTE++MZGgSa8ZFGDavgjCm3y5O3eXO8Ggoz28EYXsbxKdwv/P06bQogLM1JkfkIp
dDOwZRTm+OM7iojpXKy2Gohd7R4T4Kxfgi9B/wEPtRW5bUm3z3q/fa5v8+nljyay
Xw/NrVZSkvc1J0vtPVG2oWExPewZz4HT8eDnT4Lh7rmSiRl5tN6DK5ytre/2u14P
2f6Qc0cDzvzEOmpkL81PMwNC80Hi1gzcraGj2YC77km/6VOi7+io1ig9lQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIIYzS9tU60OJLOyyd9QZugTy01WMB8GA1UdIwQY
MBaAFJKvA8ot9kI7d9DvNzew9HkaoDWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEt
NzAzYjZiNzBhN2VjLzEvZ2hqTkwyMVRyUTRrczdMSjMxQm02QlBMVFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEtNzAzYjZiNzBhN2Vj
LzEva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLY88MA0E
AgACMAcDBQMqDuLAMA0GCSqGSIb3DQEBCwUAA4IBAQBzB4ullnitUKP+AIG2JZ5U
gb/2Icpda8HFaRYMT9yIrkHwwrEUGuOtyZviO1jlH4z8FMBlw92RJIcRG614j83I
CNr3EP/p0DQ17yndAqmJuTYsOXkylYYrN0GIS0gcVj5k35NmVPJAEwIgZD45+bGE
+cH04bpJxvHr1kwcLLobF1aABjZFsKrn73FYuZcGkt9tUEPwIPBijLdkZ/yvyHQ8
rMbRSmjRm8w+UA8x2Q3R6MnWrX9szlwe3dvWT79/eVcMgKUMMxr3QJOpwDiMlGUY
I5Sc1eRENbigt2POZxy1Dc1SBgYHSYhvtGrLiiZ5mVUHvKP8E30BRjIQQgh+L+Ah
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:17 2024 by rpki-client on console-fra.rpki-client.org