Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/4aZfcwvoSkEhNdFV6pugUpdO6aQ.roa
File: 4aZfcwvoSkEhNdFV6pugUpdO6aQ.roa (raw, json)
Hash identifier: 7D88DrLmO5tXskxDD/YCvzVF60F8bhKlkMtLozxyc7s=
Subject key identifier: E1:A6:5F:73:0B:E8:4A:41:21:35:D1:55:EA:9B:A0:52:97:4E:E9:A4
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0185726B707AABF9ECCC53A01153E1F63E61
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/4aZfcwvoSkEhNdFV6pugUpdO6aQ.roa
Signing time: Mon 02 Jan 2023 12:18:41 +0000
ROA not before: Mon 02 Jan 2023 12:18:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19318
IP address blocks: 152.89.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6b:70:7a:ab:f9:ec:cc:53:a0:11:53:e1:f6:3e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 12:18:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1a65f730be84a412135d155ea9ba052974ee9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6a:13:bc:8e:6c:c1:ba:7c:22:98:c7:2c:07:
84:64:89:09:5b:47:f8:c0:59:62:33:e6:1d:02:41:
57:aa:26:53:8e:1e:74:41:04:b4:fe:d4:f2:e6:d2:
13:2c:92:6e:99:d0:9f:d1:72:6c:31:f1:06:a8:e8:
a4:30:9c:3b:3b:d5:00:dc:8f:9a:81:31:96:1a:e6:
72:88:b1:9a:5d:24:93:c5:f9:28:1c:bf:73:e9:6b:
2c:d6:8f:45:b3:9f:83:8a:f6:65:c1:62:cb:fc:f8:
93:08:ae:09:3f:20:bd:be:c2:54:54:67:51:75:fc:
8c:c9:96:1b:ed:44:f1:95:42:86:78:fd:49:06:ee:
5c:c1:fc:10:f9:a0:15:24:3e:7a:1e:83:4d:3d:9c:
ac:d4:97:c6:ba:52:e5:2b:77:25:bf:fc:2f:5f:67:
bc:09:df:bd:15:3f:33:c7:7e:45:4c:d3:ca:0c:db:
dc:35:18:20:dd:6a:a6:4e:e9:02:de:65:cc:4f:0b:
9d:a8:36:33:22:d9:a4:d7:04:c7:a7:f3:33:76:b3:
82:8f:d3:03:d3:f1:db:5b:ed:8f:b5:91:34:ca:0c:
40:b3:86:29:4c:05:07:27:f2:ee:b8:af:aa:93:16:
6b:88:8f:8f:19:2e:91:7a:bf:43:cc:fa:0d:9a:d0:
01:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A6:5F:73:0B:E8:4A:41:21:35:D1:55:EA:9B:A0:52:97:4E:E9:A4
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/4aZfcwvoSkEhNdFV6pugUpdO6aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/24
Signature Algorithm: sha256WithRSAEncryption
84:6b:55:c3:22:e2:ce:bd:5f:23:00:6d:f6:b9:6e:34:5c:fe:
3b:8a:05:8e:e2:c1:bc:dc:62:6b:94:a2:0f:f2:03:6a:7f:08:
37:e5:c5:5c:31:08:80:4d:44:40:db:fe:07:f0:e3:38:49:3e:
b1:53:ab:09:72:cf:ef:95:f7:b0:9d:55:cd:86:5c:96:e0:6f:
34:35:50:e1:95:f8:f2:5a:03:41:3e:8b:2a:76:88:2f:97:2d:
04:07:a0:ea:08:07:4a:71:28:e9:f3:74:c8:27:f0:00:cf:f6:
3f:35:de:34:bc:56:a2:77:21:91:6c:75:9b:c9:b2:a1:41:44:
17:96:a6:5c:dc:4b:25:f9:74:ef:04:78:7a:15:d3:aa:7b:0f:
98:66:6b:c0:9e:0a:86:a1:66:f7:72:95:2d:8f:a2:12:0c:9e:
35:94:c7:ff:52:a6:ac:55:0a:d8:63:7b:25:d8:d6:0f:62:d4:
8f:26:2a:f5:b4:79:8a:8a:8e:20:f8:a4:5c:75:1e:f9:cc:97:
a4:27:16:66:71:d8:7b:86:43:e2:a2:09:ba:9a:05:7e:65:8d:
6d:eb:1c:7e:34:d8:4c:e9:42:af:ef:69:fc:ae:72:22:a0:a7:
cf:10:08:0f:6a:a7:f0:4c:b3:36:1a:36:5b:b0:b4:6b:64:a7:
9f:52:be:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVya3B6q/nszFOgEVPh9j5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjMwMTAyMTIxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE2NWY3MzBiZTg0YTQxMjEzNWQxNTVlYTliYTA1Mjk3NGVlOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2oTvI5swbp8IpjHLAeEZIkJW0f4
wFliM+YdAkFXqiZTjh50QQS0/tTy5tITLJJumdCf0XJsMfEGqOikMJw7O9UA3I+a
gTGWGuZyiLGaXSSTxfkoHL9z6Wss1o9Fs5+DivZlwWLL/PiTCK4JPyC9vsJUVGdR
dfyMyZYb7UTxlUKGeP1JBu5cwfwQ+aAVJD56HoNNPZys1JfGulLlK3clv/wvX2e8
Cd+9FT8zx35FTNPKDNvcNRgg3WqmTukC3mXMTwudqDYzItmk1wTHp/MzdrOCj9MD
0/HbW+2PtZE0ygxAs4YpTAUHJ/LuuK+qkxZriI+PGS6Rer9DzPoNmtABRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGmX3ML6EpBITXRVeqboFKXTumkMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvNGFaZmN3dm9Ta0VoTmRGVjZwdWdVcGRPNmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmoMA0G
CSqGSIb3DQEBCwUAA4IBAQCEa1XDIuLOvV8jAG32uW40XP47igWO4sG83GJrlKIP
8gNqfwg35cVcMQiATURA2/4H8OM4ST6xU6sJcs/vlfewnVXNhlyW4G80NVDhlfjy
WgNBPosqdogvly0EB6DqCAdKcSjp83TIJ/AAz/Y/Nd40vFaidyGRbHWbybKhQUQX
lqZc3Esl+XTvBHh6FdOqew+YZmvAngqGoWb3cpUtj6ISDJ41lMf/UqasVQrYY3sl
2NYPYtSPJir1tHmKio4g+KRcdR75zJekJxZmcdh7hkPiogm6mgV+ZY1t6xx+NNhM
6UKv72n8rnIioKfPEAgPaqfwTLM2GjZbsLRrZKefUr46
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:15 2025 by rpki-client