Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/rXjY32nao4KMTp7jIRzhxCJcgj0.roa
File: rXjY32nao4KMTp7jIRzhxCJcgj0.roa (raw, json)
Hash identifier: JvJ9Vpwos0n62JJpx1ufUl8dseLmZwxRB/Jm8JOKitQ=
Subject key identifier: AD:78:D8:DF:69:DA:A3:82:8C:4E:9E:E3:21:1C:E1:C4:22:5C:82:3D
Certificate issuer: /CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Certificate serial: 0183EF33C946563C05A97273B454BF64428E
Authority key identifier: 4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/rXjY32nao4KMTp7jIRzhxCJcgj0.roa
Signing time: Wed 19 Oct 2022 07:44:51 +0000
ROA not before: Wed 19 Oct 2022 07:44:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212138
IP address blocks: 192.145.104.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:33:c9:46:56:3c:05:a9:72:73:b4:54:bf:64:42:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b72066d7e6ca8ad2ffa62a69b067923a42df96f
Validity
Not Before: Oct 19 07:44:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad78d8df69daa3828c4e9ee3211ce1c4225c823d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a9:8a:de:f8:1a:a0:e5:10:cc:3f:8e:a4:ba:
97:f5:a5:57:38:60:a4:9b:28:aa:96:cd:84:4d:c8:
b4:21:0e:2b:4e:72:50:e7:2b:16:23:26:00:6a:26:
0d:79:97:92:9f:11:0f:e3:2b:f4:68:cd:62:ad:4f:
6c:a5:09:44:78:ce:67:79:5a:28:a6:87:80:f4:ce:
d8:ca:dd:37:c3:06:ad:68:55:44:bb:6f:92:fb:a8:
a7:f2:9d:1e:68:4a:97:b9:5f:05:bc:12:90:41:10:
23:15:ec:76:5b:0a:fb:cf:81:2c:c3:42:4f:c3:6e:
96:8c:9b:3c:c8:fe:fd:1a:52:ac:5d:dd:a5:a8:b8:
fd:23:6a:f2:22:18:65:41:88:c0:1f:e9:8f:ac:07:
a4:f5:c1:79:b5:b4:5b:c0:dd:b7:49:f1:cd:81:2f:
b7:c7:80:6a:60:eb:84:78:b8:e9:6f:39:3d:13:a9:
bb:e6:37:51:fe:6a:54:4a:e4:3a:9e:98:87:29:4f:
a9:88:8b:1e:64:88:7d:51:56:ff:d6:94:5b:0d:f5:
e1:0e:8e:be:c0:ae:63:5f:c9:6b:40:9e:18:69:3d:
0c:c2:31:62:11:5c:9a:7c:f1:4b:84:62:40:07:a3:
5d:b3:fb:d8:49:f2:04:e6:f4:82:8f:c0:a9:51:a5:
d3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:78:D8:DF:69:DA:A3:82:8C:4E:9E:E3:21:1C:E1:C4:22:5C:82:3D
X509v3 Authority Key Identifier:
keyid:4B:72:06:6D:7E:6C:A8:AD:2F:FA:62:A6:9B:06:79:23:A4:2D:F9:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/rXjY32nao4KMTp7jIRzhxCJcgj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a64b09-64df-470c-a64d-1f6991877b26/1/S3IGbX5sqK0v-mKmmwZ5I6Qt-W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.104.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:d4:c2:83:32:3e:d2:c0:22:4a:3d:9e:64:fb:13:09:a8:17:
22:96:e9:cd:4a:f0:c6:cb:8e:c2:a6:57:da:cb:02:88:ec:47:
b3:a3:be:9d:12:00:14:34:a8:3a:85:db:dc:ec:ec:b1:8b:30:
3e:87:bc:5f:84:3d:21:24:88:d2:cc:1c:44:17:c9:af:e8:09:
35:62:62:59:44:3d:51:c0:ed:bd:3f:53:e2:ca:7c:c9:3f:d5:
b5:de:c6:f1:55:cb:62:43:85:ab:b6:3b:ec:17:c7:7e:ce:b9:
b4:35:db:20:fe:08:85:2a:38:16:05:65:1d:8d:c9:f0:26:38:
e9:26:b5:a2:5d:6d:18:77:6e:2f:d1:dc:45:25:47:87:57:ef:
e3:7d:7f:83:b5:e4:b5:31:94:46:0b:0b:6d:95:50:d4:b8:ad:
e3:18:f2:fb:b4:35:79:e6:6f:67:c5:f1:22:76:6a:ee:1d:a3:
b0:05:b9:76:d8:48:b8:12:47:34:40:6a:50:3a:e8:fd:dc:24:
77:d1:d2:f4:05:38:70:10:b2:d0:21:eb:d9:be:03:78:ef:20:
04:0b:d7:c5:a3:55:39:a7:00:4a:e8:0a:5f:e1:dc:9c:a7:a7:
6d:ff:92:af:8c:83:a9:d4:c0:08:7a:58:bf:9d:89:46:65:53:
25:5c:d5:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPvM8lGVjwFqXJztFS/ZEKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzIwNjZkN2U2Y2E4YWQyZmZhNjJhNjliMDY3OTIzYTQy
ZGY5NmYwHhcNMjIxMDE5MDc0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDc4ZDhkZjY5ZGFhMzgyOGM0ZTllZTMyMTFjZTFjNDIyNWM4MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6mK3vgaoOUQzD+OpLqX9aVXOGCk
myiqls2ETci0IQ4rTnJQ5ysWIyYAaiYNeZeSnxEP4yv0aM1irU9spQlEeM5neVoo
poeA9M7Yyt03wwataFVEu2+S+6in8p0eaEqXuV8FvBKQQRAjFex2Wwr7z4Esw0JP
w26WjJs8yP79GlKsXd2lqLj9I2ryIhhlQYjAH+mPrAek9cF5tbRbwN23SfHNgS+3
x4BqYOuEeLjpbzk9E6m75jdR/mpUSuQ6npiHKU+piIseZIh9UVb/1pRbDfXhDo6+
wK5jX8lrQJ4YaT0MwjFiEVyafPFLhGJAB6Nds/vYSfIE5vSCj8CpUaXTnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK142N9p2qOCjE6e4yEc4cQiXII9MB8GA1UdIwQY
MBaAFEtyBm1+bKitL/pippsGeSOkLflvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQt
MWY2OTkxODc3YjI2LzEvclhqWTMybmFvNEtNVHA3aklSemh4Q0pjZ2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hNjRiMDktNjRkZi00NzBjLWE2NGQtMWY2OTkxODc3YjI2
LzEvUzNJR2JYNXNxSzB2LW1LbW13WjVJNlF0LVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJFoMA0G
CSqGSIb3DQEBCwUAA4IBAQC01MKDMj7SwCJKPZ5k+xMJqBcilunNSvDGy47Cplfa
ywKI7Eezo76dEgAUNKg6hdvc7OyxizA+h7xfhD0hJIjSzBxEF8mv6Ak1YmJZRD1R
wO29P1PiynzJP9W13sbxVctiQ4WrtjvsF8d+zrm0Ndsg/giFKjgWBWUdjcnwJjjp
JrWiXW0Yd24v0dxFJUeHV+/jfX+DteS1MZRGCwttlVDUuK3jGPL7tDV55m9nxfEi
dmruHaOwBbl22Ei4Ekc0QGpQOuj93CR30dL0BThwELLQIevZvgN47yAEC9fFo1U5
pwBK6Apf4dycp6dt/5KvjIOp1MAIeli/nYlGZVMlXNXf
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:07 2023 by rpki-client on console.sobornost.net