Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/RHBFlwFIKv7PBb7ILK9nFXK5UHw.roa
File: RHBFlwFIKv7PBb7ILK9nFXK5UHw.roa (raw, json)
Hash identifier: tsLBo7emyF7i+fv5EXhYN93RSICqnDH3xAyf8qzTbfQ=
Subject key identifier: 44:70:45:97:01:48:2A:FE:CF:05:BE:C8:2C:AF:67:15:72:B9:50:7C
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0187A49417B7461113AB069CC2BB46CF82AF
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/RHBFlwFIKv7PBb7ILK9nFXK5UHw.roa
Signing time: Fri 21 Apr 2023 16:09:41 +0000
ROA not before: Fri 21 Apr 2023 16:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198789
IP address blocks: 45.142.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:94:17:b7:46:11:13:ab:06:9c:c2:bb:46:cf:82:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Apr 21 16:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4470459701482afecf05bec82caf671572b9507c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8b:32:1a:b7:99:26:c7:db:99:4b:8d:e0:cd:
99:bd:65:85:4c:a0:22:ed:d0:78:60:b1:e2:87:c1:
d6:45:27:9c:a9:b7:da:63:8f:82:6b:d4:c1:65:ce:
10:52:24:82:e2:c9:1c:b5:8a:94:47:f4:44:c8:46:
1b:21:c6:4c:45:37:de:de:73:3d:b2:1b:3b:eb:b5:
cb:77:3b:b5:a9:25:c7:73:6b:89:22:29:be:2f:37:
94:01:18:22:93:00:86:e3:d6:59:54:98:ee:c7:57:
f5:21:7f:35:ba:7f:f2:94:08:f4:fc:ec:ee:f5:81:
d2:09:44:09:1c:32:2a:5e:e6:b1:53:dd:fc:d4:a5:
99:c8:92:58:8c:d8:2f:73:c9:fa:61:00:c9:91:33:
16:0d:c0:33:04:62:11:75:b5:f9:62:f3:f5:fe:40:
81:ce:b8:7e:07:3d:81:e2:f7:0b:e8:eb:1d:4e:c7:
9d:5b:4d:5c:31:4b:f6:f4:5a:21:f4:62:56:cd:95:
11:6c:60:31:99:c9:69:d5:e1:2b:4e:7d:43:af:54:
bf:7d:21:e9:a9:e1:63:3d:07:85:7a:58:95:78:ef:
37:50:e4:29:09:be:9d:3d:b6:78:f0:a6:4a:a8:42:
19:b5:b5:fc:3d:a0:ad:3b:d3:03:34:11:a8:e2:b2:
64:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:70:45:97:01:48:2A:FE:CF:05:BE:C8:2C:AF:67:15:72:B9:50:7C
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/RHBFlwFIKv7PBb7ILK9nFXK5UHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.3.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:5a:76:88:a5:fe:dc:19:f7:ed:a5:83:8c:d8:c8:c2:e3:0d:
c4:82:15:19:72:bc:70:48:89:ee:2a:b9:54:8f:b5:b1:9b:e9:
f4:3f:14:91:19:cf:7b:61:1e:11:6f:89:ed:43:59:17:9b:18:
3e:75:e0:69:71:11:7b:a8:3b:ea:a8:6b:9e:a5:4f:9b:86:36:
46:10:c2:58:1c:a5:dd:60:17:79:35:40:c5:33:55:c2:e6:82:
02:dd:5f:48:e3:8d:7a:70:c9:5b:69:2c:76:04:04:78:9e:a5:
ac:5d:5f:20:d7:05:c8:d6:be:d5:d5:fa:72:fd:d5:78:bd:bd:
87:8b:74:d5:ec:39:ea:a3:8b:d3:ac:3b:e2:45:72:60:c2:0a:
01:7f:8c:bb:05:44:cb:5b:9d:59:a8:f1:be:d0:3f:e6:82:8b:
00:d4:08:65:66:cc:cd:98:e6:90:3e:43:88:0f:f7:78:56:16:
4b:e9:61:8d:36:8a:0f:5b:dc:79:54:39:e9:c7:17:14:84:61:
61:61:4a:1a:04:b6:30:10:42:b1:db:72:55:58:69:86:8a:22:
99:58:d8:46:5b:c8:41:c6:48:5b:c1:e4:07:2b:d4:ad:6e:40:
92:74:74:6e:1c:98:c1:78:cb:0e:61:6d:a6:9b:f6:cc:af:c5:
5f:40:aa:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeklBe3RhETqwacwrtGz4KvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNDIxMTYwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcwNDU5NzAxNDgyYWZlY2YwNWJlYzgyY2FmNjcxNTcyYjk1MDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4syGreZJsfbmUuN4M2ZvWWFTKAi
7dB4YLHih8HWRSecqbfaY4+Ca9TBZc4QUiSC4skctYqUR/REyEYbIcZMRTfe3nM9
shs767XLdzu1qSXHc2uJIim+LzeUARgikwCG49ZZVJjux1f1IX81un/ylAj0/Ozu
9YHSCUQJHDIqXuaxU9381KWZyJJYjNgvc8n6YQDJkTMWDcAzBGIRdbX5YvP1/kCB
zrh+Bz2B4vcL6OsdTsedW01cMUv29Foh9GJWzZURbGAxmclp1eErTn1Dr1S/fSHp
qeFjPQeFeliVeO83UOQpCb6dPbZ48KZKqEIZtbX8PaCtO9MDNBGo4rJkAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERwRZcBSCr+zwW+yCyvZxVyuVB8MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvUkhCRmx3RklLdjdQQmI3SUxLOW5GWEs1VUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY4DMA0G
CSqGSIb3DQEBCwUAA4IBAQBMWnaIpf7cGfftpYOM2MjC4w3EghUZcrxwSInuKrlU
j7Wxm+n0PxSRGc97YR4Rb4ntQ1kXmxg+deBpcRF7qDvqqGuepU+bhjZGEMJYHKXd
YBd5NUDFM1XC5oIC3V9I4416cMlbaSx2BAR4nqWsXV8g1wXI1r7V1fpy/dV4vb2H
i3TV7Dnqo4vTrDviRXJgwgoBf4y7BUTLW51ZqPG+0D/mgosA1AhlZszNmOaQPkOI
D/d4VhZL6WGNNooPW9x5VDnpxxcUhGFhYUoaBLYwEEKx23JVWGmGiiKZWNhGW8hB
xkhbweQHK9StbkCSdHRuHJjBeMsOYW2mm/bMr8VfQKoO
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:36:37 2025 by rpki-client