Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/AyScAJiDEqhpzdRQIXvuSCiNK1Y.roa
File: AyScAJiDEqhpzdRQIXvuSCiNK1Y.roa (raw, json)
Hash identifier: S3P8+Aw4MUC0ogSBmd627mt9krAVTwyTFMMdXsB9MAs=
Subject key identifier: 03:24:9C:00:98:83:12:A8:69:CD:D4:50:21:7B:EE:48:28:8D:2B:56
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0186EC052B4BB6F6EFAA4636DCA8826E6366
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/AyScAJiDEqhpzdRQIXvuSCiNK1Y.roa
Signing time: Thu 16 Mar 2023 20:03:27 +0000
ROA not before: Thu 16 Mar 2023 20:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15440
IP address blocks: 45.148.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ec:05:2b:4b:b6:f6:ef:aa:46:36:dc:a8:82:6e:63:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Mar 16 20:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03249c00988312a869cdd450217bee48288d2b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1f:37:06:91:b3:21:e7:b6:79:cd:6e:1d:71:
7d:0b:27:a7:06:f1:24:a0:07:95:c0:e8:01:ad:e8:
27:bb:e2:d4:dc:94:f0:59:95:10:da:2e:ca:1f:16:
5d:3c:bd:b2:36:57:1e:c3:73:01:ee:94:83:07:3e:
18:4f:92:8c:0c:30:f9:7d:6c:3b:3c:22:1a:2b:ee:
b7:24:64:47:54:db:18:c3:b5:73:4a:a8:41:6c:45:
22:d7:92:e6:9f:e3:a5:9b:a0:f2:b7:67:a0:9f:6d:
72:52:bf:7d:62:58:d8:5c:e0:cb:03:44:06:c3:09:
40:e9:8e:38:80:63:38:6e:c6:d8:d2:f7:cf:72:47:
b7:15:ec:d5:27:14:89:59:65:d0:84:fc:2d:6d:10:
5e:d5:6b:6a:90:60:9f:1e:f4:a1:52:36:94:6f:e3:
5a:fb:03:67:77:a2:a7:a6:90:50:74:d2:ac:30:d5:
76:f7:13:bd:a8:5c:40:88:2c:b3:bb:a2:d3:e0:c4:
01:ef:73:93:d0:6a:51:39:c7:f5:b7:e9:e0:56:ce:
69:a8:ec:7e:c3:af:c4:f6:ba:e6:53:38:f1:ab:7b:
94:fb:92:11:33:32:96:e0:d3:c2:66:b9:a4:d0:6a:
e9:01:1b:28:c6:8c:62:cb:1f:ce:f8:cd:8b:7e:4a:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:24:9C:00:98:83:12:A8:69:CD:D4:50:21:7B:EE:48:28:8D:2B:56
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/AyScAJiDEqhpzdRQIXvuSCiNK1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.145.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b3:3e:9b:0f:52:76:2f:42:8e:77:0f:62:11:91:16:ff:05:
47:eb:da:06:37:b9:25:f7:4f:b1:7a:71:ab:9c:0b:7e:e3:bb:
4c:6b:a7:62:85:fb:23:95:a1:cd:dc:f1:9f:40:88:2c:50:c7:
1f:fc:04:2e:d2:47:1c:67:c5:66:1d:bc:b4:92:f5:9e:a2:51:
c2:51:b4:11:fa:81:0e:95:09:b2:86:77:e6:fd:bf:de:0f:9b:
db:be:e4:f0:cc:6d:ee:2a:fb:6d:15:49:c6:01:b6:39:20:14:
69:03:ef:d7:30:dc:89:b8:ff:43:6c:1a:d1:68:b2:86:fe:b2:
cb:b1:8b:eb:f0:7b:b5:6d:49:16:be:2d:e9:88:78:5a:0a:3c:
ba:a7:92:f9:2a:1c:d9:50:48:ed:ae:55:1c:e4:b4:03:90:d8:
73:83:07:dd:c9:d4:1c:fc:cd:24:22:87:36:70:4d:eb:3d:0c:
63:84:b4:1b:88:d5:8b:3f:03:41:fd:f3:00:b3:ee:ac:3e:76:
31:6e:15:18:0a:8f:6c:a4:50:fe:e3:8b:d6:b0:7e:98:ca:8b:
b5:66:7d:a2:a6:ba:d0:bd:c0:2c:de:ed:9b:b1:60:3b:f3:19:
fc:12:62:f6:9c:bb:60:fa:e1:36:20:a8:12:64:20:69:fd:bd:
da:c5:58:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbsBStLtvbvqkY23KiCbmNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwMzE2MjAwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI0OWMwMDk4ODMxMmE4NjljZGQ0NTAyMTdiZWU0ODI4OGQyYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxB83BpGzIee2ec1uHXF9CyenBvEk
oAeVwOgBregnu+LU3JTwWZUQ2i7KHxZdPL2yNlcew3MB7pSDBz4YT5KMDDD5fWw7
PCIaK+63JGRHVNsYw7VzSqhBbEUi15Lmn+Olm6Dyt2egn21yUr99YljYXODLA0QG
wwlA6Y44gGM4bsbY0vfPcke3FezVJxSJWWXQhPwtbRBe1WtqkGCfHvShUjaUb+Na
+wNnd6KnppBQdNKsMNV29xO9qFxAiCyzu6LT4MQB73OT0GpROcf1t+ngVs5pqOx+
w6/E9rrmUzjxq3uU+5IRMzKW4NPCZrmk0GrpARsoxoxiyx/O+M2LfkqvIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMknACYgxKoac3UUCF77kgojStWMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvQXlTY0FKaURFcWhwemRSUUlYdnVTQ2lOSzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZSRMA0G
CSqGSIb3DQEBCwUAA4IBAQB+sz6bD1J2L0KOdw9iEZEW/wVH69oGN7kl90+xenGr
nAt+47tMa6dihfsjlaHN3PGfQIgsUMcf/AQu0kccZ8VmHby0kvWeolHCUbQR+oEO
lQmyhnfm/b/eD5vbvuTwzG3uKvttFUnGAbY5IBRpA+/XMNyJuP9DbBrRaLKG/rLL
sYvr8Hu1bUkWvi3piHhaCjy6p5L5KhzZUEjtrlUc5LQDkNhzgwfdydQc/M0kIoc2
cE3rPQxjhLQbiNWLPwNB/fMAs+6sPnYxbhUYCo9spFD+44vWsH6Yyou1Zn2iprrQ
vcAs3u2bsWA78xn8EmL2nLtg+uE2IKgSZCBp/b3axVhy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:16 2025 by rpki-client