Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/0jjKgSvuG2NYIX9Y4_kyCZY7XRI.roa
File: 0jjKgSvuG2NYIX9Y4_kyCZY7XRI.roa (raw, json)
Hash identifier: xY+GWJxrRDTsSH9JpnKBCgUzH874OBuWl8Rt+1OV8eg=
Subject key identifier: D2:38:CA:81:2B:EE:1B:63:58:21:7F:58:E3:F9:32:09:96:3B:5D:12
Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Certificate serial: 0184EBC44A08F8CE4B6B913846C099AA0B7F
Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/0jjKgSvuG2NYIX9Y4_kyCZY7XRI.roa
Signing time: Wed 07 Dec 2022 08:47:00 +0000
ROA not before: Wed 07 Dec 2022 08:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200736
IP address blocks: 45.66.40.0/22 maxlen: 24
2a10:9300::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:c4:4a:08:f8:ce:4b:6b:91:38:46:c0:99:aa:0b:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Validity
Not Before: Dec 7 08:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d238ca812bee1b6358217f58e3f93209963b5d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:95:34:ae:16:87:a7:96:f0:c2:aa:8c:0e:
0e:75:f4:4f:a0:0d:f3:df:8f:ad:c1:bd:e2:26:74:
06:ec:5b:a9:d1:41:38:a5:b6:fe:6f:db:60:fd:ac:
fa:df:46:1e:25:03:d9:69:5b:be:34:a0:1e:33:ed:
ec:49:8c:a5:fe:87:f0:72:99:29:cb:64:08:2a:35:
fc:cd:98:c7:03:bf:62:fc:de:15:ae:71:89:1e:d0:
3a:bc:5b:d2:75:cf:a8:5f:30:66:a5:37:27:f8:cc:
f5:a0:b7:a7:04:43:21:a6:69:5d:7c:ab:4c:be:c8:
58:56:dd:90:81:ce:c1:d0:72:78:b5:92:63:a3:dc:
12:11:43:d1:33:77:ba:51:ac:9f:ed:5e:66:f8:4e:
1e:28:f3:45:ef:18:b3:31:4a:5d:9f:b4:43:36:17:
2f:89:6b:6b:6a:8b:8a:2b:eb:6e:ad:cf:fc:ec:dd:
0f:91:d5:25:b4:89:df:63:e9:c4:e6:bf:14:3c:1c:
ea:01:be:9c:17:5f:a6:16:0e:d7:83:2d:a9:75:af:
7d:56:5f:fd:c7:db:75:74:c4:4c:9f:40:95:d9:9a:
c7:bc:f3:e1:88:24:90:f9:5b:41:88:ba:28:4f:56:
6b:7b:b7:3e:3b:88:85:e6:59:1e:65:a9:09:3d:0a:
de:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:38:CA:81:2B:EE:1B:63:58:21:7F:58:E3:F9:32:09:96:3B:5D:12
X509v3 Authority Key Identifier:
keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/0jjKgSvuG2NYIX9Y4_kyCZY7XRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.40.0/22
IPv6:
2a10:9300::/29
Signature Algorithm: sha256WithRSAEncryption
28:f7:0c:0b:43:aa:22:21:3d:eb:82:43:75:1d:4c:09:9e:54:
53:2a:84:ac:84:84:3f:59:80:ca:1c:b2:d0:57:ba:09:aa:1e:
0c:83:9f:a3:8c:54:9c:f0:f6:03:39:19:c6:ab:64:51:d2:ed:
0f:35:82:ec:fc:64:71:3c:4c:5b:66:4b:b9:19:ed:c5:40:26:
a6:ef:b1:eb:ec:b4:19:33:52:0a:61:81:4b:d5:6a:95:29:99:
b4:fb:06:3d:e7:b2:c6:02:24:cf:0b:1a:32:cb:2e:06:af:77:
9f:16:41:be:2b:0c:7f:60:32:58:f8:06:fc:6a:2f:be:17:7c:
7d:06:21:79:56:0f:3e:25:c7:88:5a:c7:15:99:fe:ee:28:57:
1b:66:3c:e8:07:5e:6c:9d:b9:8b:84:a4:73:36:85:84:4e:52:
53:75:43:5c:78:36:25:aa:77:36:35:d1:7e:be:5c:29:12:ce:
f5:33:2a:99:82:91:b9:e3:d7:70:db:ff:c2:26:4e:34:83:a4:
09:58:b6:60:3f:cc:aa:f1:cd:d2:65:47:7a:b7:cf:80:1d:ba:
48:c2:a3:59:03:10:1e:cf:b3:4d:c1:05:7f:a2:a4:44:8c:57:
1e:60:6c:8a:97:08:29:09:6d:be:81:48:89:a9:4c:2c:55:9a:
c6:bc:5a:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTrxEoI+M5La5E4RsCZqgt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm
YTg3NGUwHhcNMjIxMjA3MDg0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjM4Y2E4MTJiZWUxYjYzNTgyMTdmNThlM2Y5MzIwOTk2M2I1ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidOVNK4Wh6eW8MKqjA4OdfRPoA3z
34+twb3iJnQG7Fup0UE4pbb+b9tg/az630YeJQPZaVu+NKAeM+3sSYyl/ofwcpkp
y2QIKjX8zZjHA79i/N4VrnGJHtA6vFvSdc+oXzBmpTcn+Mz1oLenBEMhpmldfKtM
vshYVt2Qgc7B0HJ4tZJjo9wSEUPRM3e6Uayf7V5m+E4eKPNF7xizMUpdn7RDNhcv
iWtraouKK+turc/87N0PkdUltInfY+nE5r8UPBzqAb6cF1+mFg7Xgy2pda99Vl/9
x9t1dMRMn0CV2ZrHvPPhiCSQ+VtBiLooT1Zre7c+O4iF5lkeZakJPQreuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNI4yoEr7htjWCF/WOP5MgmWO10SMB8GA1UdIwQY
MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt
ZThhZGE1MWVlOGZmLzEvMGpqS2dTdnVHMk5ZSVg5WTRfa3lDWlk3WFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm
LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIoMA0E
AgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IBAQAo9wwLQ6oiIT3rgkN1HUwJ
nlRTKoSshIQ/WYDKHLLQV7oJqh4Mg5+jjFSc8PYDORnGq2RR0u0PNYLs/GRxPExb
Zku5Ge3FQCam77Hr7LQZM1IKYYFL1WqVKZm0+wY957LGAiTPCxoyyy4Gr3efFkG+
Kwx/YDJY+Ab8ai++F3x9BiF5Vg8+JceIWscVmf7uKFcbZjzoB15snbmLhKRzNoWE
TlJTdUNceDYlqnc2NdF+vlwpEs71MyqZgpG549dw2//CJk40g6QJWLZgP8yq8c3S
ZUd6t8+AHbpIwqNZAxAez7NNwQV/oqREjFceYGyKlwgpCW2+gUiJqUwsVZrGvFq/
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:21 2023 by rpki-client on console.sobornost.net