Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/R8rXOz6XRl_INj8qUq5tFUsiqns.roa
File: R8rXOz6XRl_INj8qUq5tFUsiqns.roa (raw, json)
Hash identifier: yc9EUGxPsIaXL5foYbW34DjJmQfIU1AZOgxCPbUHb7c=
Subject key identifier: 47:CA:D7:3B:3E:97:46:5F:C8:36:3F:2A:52:AE:6D:15:4B:22:AA:7B
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01877AE689E56E70818893FECDEF40DE0C3A
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/R8rXOz6XRl_INj8qUq5tFUsiqns.roa
Signing time: Thu 13 Apr 2023 13:55:41 +0000
ROA not before: Thu 13 Apr 2023 13:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205552
IP address blocks: 45.142.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:e6:89:e5:6e:70:81:88:93:fe:cd:ef:40:de:0c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Apr 13 13:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47cad73b3e97465fc8363f2a52ae6d154b22aa7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cc:6d:41:6e:2d:62:77:aa:ab:80:81:80:f6:
62:29:7a:20:55:fc:69:57:4a:a1:08:57:74:a4:6b:
6c:22:e2:ba:35:ee:81:59:a4:a6:44:08:c2:12:88:
cf:c9:b8:97:82:07:aa:bd:0e:6a:2e:63:1f:c4:bb:
bb:41:21:53:b8:f6:91:e1:78:19:45:39:f7:b4:6e:
80:fb:ca:e4:b5:3e:6c:ac:c3:8c:de:27:f2:71:c8:
45:33:ea:28:13:70:7e:d9:22:57:ab:9d:4c:c6:bd:
dd:5c:4d:93:77:6e:5e:3e:e1:3e:22:e2:33:b0:bc:
ac:61:cc:67:e8:81:5e:79:5f:76:8b:2a:7a:d6:4f:
67:53:95:ab:0d:8a:2c:a6:fe:a4:63:2b:07:07:89:
86:2c:51:f0:17:c0:74:ed:82:44:dd:e7:e0:11:1b:
a7:db:99:ad:80:f8:47:78:02:b9:19:1e:9c:34:a1:
e5:9c:0f:4d:29:29:e0:33:f2:1d:b9:bf:b5:08:46:
98:17:dc:8f:aa:92:42:df:87:51:4f:c2:26:28:b4:
73:c9:c3:5f:2e:35:69:1b:ea:7e:a5:60:83:56:2b:
bb:38:65:18:ad:9b:9f:67:7e:3e:64:2f:81:73:fa:
60:f8:e6:b5:a2:91:d8:39:37:c7:e6:6e:21:31:7f:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CA:D7:3B:3E:97:46:5F:C8:36:3F:2A:52:AE:6D:15:4B:22:AA:7B
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/R8rXOz6XRl_INj8qUq5tFUsiqns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.3.0/24
Signature Algorithm: sha256WithRSAEncryption
77:2c:e6:76:91:ec:e6:de:e0:50:23:5a:12:de:a7:18:7c:f3:
cb:55:f6:25:9a:29:d1:32:b4:9a:7b:b9:a7:bf:88:5b:37:7c:
ec:ce:2d:fc:11:69:df:44:2c:69:e7:bf:58:42:a8:38:5b:1a:
23:1f:aa:ea:ab:80:fa:c3:1d:f8:ab:00:7c:13:e4:b1:a7:d9:
43:38:1c:e5:74:2f:34:6e:9b:a0:21:4d:64:5c:d9:0f:67:db:
a6:17:ce:5f:90:be:6a:cd:0b:d5:84:0a:19:ef:f6:21:67:38:
8c:f4:1e:02:08:31:1d:eb:2d:84:cd:f0:97:b9:ee:3d:0a:90:
5e:df:4d:0e:06:3a:09:fd:92:90:98:be:d7:e1:87:a8:cb:9b:
b0:f1:21:a8:02:1b:a0:b3:6d:b7:25:af:20:d1:42:5e:4c:49:
4c:d1:97:53:0c:1a:f6:0d:e0:a6:c3:3d:ff:5c:6a:4e:f3:81:
51:9c:c0:e4:44:9b:3e:1a:46:2a:03:c4:e8:c8:eb:61:03:47:
23:a4:b6:75:04:f6:5a:91:e9:3e:fe:33:88:d7:65:f9:17:f6:
5c:06:7c:f8:98:34:7d:1a:11:3f:6d:b7:a1:78:4f:c3:84:eb:
b6:4b:73:45:17:10:3a:33:3e:0a:b5:0f:6c:ed:a7:e4:69:a2:
12:fe:3b:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd65onlbnCBiJP+ze9A3gw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNDEzMTM1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NhZDczYjNlOTc0NjVmYzgzNjNmMmE1MmFlNmQxNTRiMjJhYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcxtQW4tYneqq4CBgPZiKXogVfxp
V0qhCFd0pGtsIuK6Ne6BWaSmRAjCEojPybiXggeqvQ5qLmMfxLu7QSFTuPaR4XgZ
RTn3tG6A+8rktT5srMOM3ifycchFM+ooE3B+2SJXq51Mxr3dXE2Td25ePuE+IuIz
sLysYcxn6IFeeV92iyp61k9nU5WrDYospv6kYysHB4mGLFHwF8B07YJE3efgERun
25mtgPhHeAK5GR6cNKHlnA9NKSngM/Idub+1CEaYF9yPqpJC34dRT8ImKLRzycNf
LjVpG+p+pWCDViu7OGUYrZufZ34+ZC+Bc/pg+Oa1opHYOTfH5m4hMX9EyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEfK1zs+l0ZfyDY/KlKubRVLIqp7MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvUjhyWE96NlhSbF9JTmo4cVVxNXRGVXNpcW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY4DMA0G
CSqGSIb3DQEBCwUAA4IBAQB3LOZ2kezm3uBQI1oS3qcYfPPLVfYlminRMrSae7mn
v4hbN3zszi38EWnfRCxp579YQqg4WxojH6rqq4D6wx34qwB8E+Sxp9lDOBzldC80
bpugIU1kXNkPZ9umF85fkL5qzQvVhAoZ7/YhZziM9B4CCDEd6y2EzfCXue49CpBe
300OBjoJ/ZKQmL7X4Yeoy5uw8SGoAhugs223Ja8g0UJeTElM0ZdTDBr2DeCmwz3/
XGpO84FRnMDkRJs+GkYqA8ToyOthA0cjpLZ1BPZakek+/jOI12X5F/ZcBnz4mDR9
GhE/bbeheE/DhOu2S3NFFxA6Mz4KtQ9s7afkaaIS/jsF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:21 2025 by rpki-client