Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/l0A1O59-OQjtpVtuPFdwNWiwRj0.roa
File: l0A1O59-OQjtpVtuPFdwNWiwRj0.roa (raw, json)
Hash identifier: N54CDwLDGNzptdlNSKW5W6PtZnzOhA0PJ3U17cTSrq4=
Subject key identifier: 97:40:35:3B:9F:7E:39:08:ED:A5:5B:6E:3C:57:70:35:68:B0:46:3D
Certificate issuer: /CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Certificate serial: 01856D01CEF95B856318233456607968841B
Authority key identifier: 1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/l0A1O59-OQjtpVtuPFdwNWiwRj0.roa
Signing time: Sun 01 Jan 2023 11:05:13 +0000
ROA not before: Sun 01 Jan 2023 11:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205379
IP address blocks: 145.14.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:ce:f9:5b:85:63:18:23:34:56:60:79:68:84:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7b06bf41300dc4d30f3d0e180c9b95d2bcddff
Validity
Not Before: Jan 1 11:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9740353b9f7e3908eda55b6e3c57703568b0463d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0c:8d:0e:87:cd:fb:90:42:be:c7:40:6d:75:
32:05:30:19:d3:18:13:4a:8b:6c:b0:ea:c4:ec:94:
3d:2c:3c:11:f5:da:f3:fc:84:5e:cb:3d:7f:db:ef:
97:e8:8a:74:1a:ef:77:60:78:13:f7:cc:5e:53:b8:
d2:89:ac:30:db:02:63:ab:e2:17:00:05:4f:72:4d:
f6:5d:61:18:bc:a9:27:3a:38:13:1a:18:4e:e2:f1:
b9:a2:35:65:9d:e9:58:69:2a:97:11:b1:58:6c:54:
77:f1:8e:93:c8:cd:e4:57:e4:da:87:7c:51:5d:92:
f7:00:99:8d:3b:0d:79:e5:41:e0:90:66:b6:ae:55:
cf:e7:20:eb:c1:47:70:95:ae:46:46:89:2a:88:a2:
4f:66:60:8c:4b:8c:b4:9d:c1:25:45:c3:54:04:a6:
ae:0a:8c:b9:c1:bd:c0:71:93:43:57:da:fb:ba:ee:
d9:08:77:b7:d1:10:46:24:29:c3:64:ed:e3:c6:fa:
00:8a:c9:65:37:18:db:29:6c:19:03:46:50:fb:b6:
8b:88:27:97:1a:b1:30:1d:3c:3b:3f:e6:88:5d:06:
da:5a:c9:fd:a5:bf:ee:a1:5d:8d:c6:3d:de:a7:31:
95:b6:8c:38:05:62:11:88:e7:65:ad:1b:74:10:73:
cc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:40:35:3B:9F:7E:39:08:ED:A5:5B:6E:3C:57:70:35:68:B0:46:3D
X509v3 Authority Key Identifier:
keyid:1C:7B:06:BF:41:30:0D:C4:D3:0F:3D:0E:18:0C:9B:95:D2:BC:DD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHsGv0EwDcTTDz0OGAybldK83f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/l0A1O59-OQjtpVtuPFdwNWiwRj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/702b28-e158-40c0-8330-24fddc6d147b/1/HHsGv0EwDcTTDz0OGAybldK83f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.7.0/24
Signature Algorithm: sha256WithRSAEncryption
12:75:6c:41:0b:8d:b2:9f:79:8c:d5:4b:4e:a5:fa:3f:0f:ca:
63:d6:63:24:df:dc:c1:06:4b:32:2b:a5:db:a5:ca:f7:16:d9:
c5:d0:41:6d:49:6c:8f:d0:6c:0c:b1:af:cd:e5:41:df:58:39:
81:00:87:17:c4:74:b9:35:ae:a2:e6:39:8f:b5:33:26:df:d9:
a9:3c:41:2f:c8:56:84:81:51:53:02:3c:6b:2f:b9:9d:3f:3e:
09:0d:2b:5d:db:92:69:c7:86:c7:41:6f:a8:5d:fc:47:1a:77:
34:e2:6c:ff:02:a8:9d:e9:ec:68:d6:a7:e5:e7:8b:b2:f8:9f:
9e:44:1c:62:86:c1:a8:cd:de:c4:8d:ef:43:14:61:a9:c8:11:
7f:6e:05:1b:e9:61:76:eb:c9:fa:39:7a:02:42:2d:0e:57:7f:
81:26:63:b8:ba:e1:0a:45:68:56:42:8d:4c:ea:13:b1:d4:e0:
9d:15:8b:2e:f9:76:7e:68:69:11:82:1a:88:60:f6:a0:3b:da:
64:b9:92:67:1a:a5:94:ff:05:87:1d:b9:b8:fd:84:21:2e:44:
a0:a8:28:13:3f:c4:9f:ac:c0:af:b2:3d:94:49:8c:68:07:da:
11:d8:69:47:6c:e4:f5:a6:ca:36:09:61:89:c5:16:04:01:bf:
48:03:1e:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAc75W4VjGCM0VmB5aIQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2IwNmJmNDEzMDBkYzRkMzBmM2QwZTE4MGM5Yjk1ZDJi
Y2RkZmYwHhcNMjMwMTAxMTEwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQwMzUzYjlmN2UzOTA4ZWRhNTViNmUzYzU3NzAzNTY4YjA0NjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQyNDofN+5BCvsdAbXUyBTAZ0xgT
SotssOrE7JQ9LDwR9drz/IReyz1/2++X6Ip0Gu93YHgT98xeU7jSiaww2wJjq+IX
AAVPck32XWEYvKknOjgTGhhO4vG5ojVlnelYaSqXEbFYbFR38Y6TyM3kV+Tah3xR
XZL3AJmNOw155UHgkGa2rlXP5yDrwUdwla5GRokqiKJPZmCMS4y0ncElRcNUBKau
Coy5wb3AcZNDV9r7uu7ZCHe30RBGJCnDZO3jxvoAisllNxjbKWwZA0ZQ+7aLiCeX
GrEwHTw7P+aIXQbaWsn9pb/uoV2Nxj3epzGVtow4BWIRiOdlrRt0EHPMMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdANTuffjkI7aVbbjxXcDVosEY9MB8GA1UdIwQY
MBaAFBx7Br9BMA3E0w89DhgMm5XSvN3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAt
MjRmZGRjNmQxNDdiLzEvbDBBMU81OS1PUWp0cFZ0dVBGZHdOV2l3UmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83MDJiMjgtZTE1OC00MGMwLTgzMzAtMjRmZGRjNmQxNDdi
LzEvSEhzR3YwRXdEY1RURHowT0dBeWJsZEs4M2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkQ4HMA0G
CSqGSIb3DQEBCwUAA4IBAQASdWxBC42yn3mM1UtOpfo/D8pj1mMk39zBBksyK6Xb
pcr3FtnF0EFtSWyP0GwMsa/N5UHfWDmBAIcXxHS5Na6i5jmPtTMm39mpPEEvyFaE
gVFTAjxrL7mdPz4JDStd25Jpx4bHQW+oXfxHGnc04mz/Aqid6exo1qfl54uy+J+e
RBxihsGozd7Eje9DFGGpyBF/bgUb6WF268n6OXoCQi0OV3+BJmO4uuEKRWhWQo1M
6hOx1OCdFYsu+XZ+aGkRghqIYPagO9pkuZJnGqWU/wWHHbm4/YQhLkSgqCgTP8Sf
rMCvsj2USYxoB9oR2GlHbOT1pso2CWGJxRYEAb9IAx4V
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:48:53 2025 by rpki-client