Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/gKesMWpSarnbngb8w5Os52DZFWQ.roa
File: gKesMWpSarnbngb8w5Os52DZFWQ.roa (raw, json)
Hash identifier: 4CmbGLCURSRZbQ03XLbk9ORGhajfWo969q9Og6WVNLo=
Subject key identifier: 80:A7:AC:31:6A:52:6A:B9:DB:9E:06:FC:C3:93:AC:E7:60:D9:15:64
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 01856C783D40498A64FBCFE86533A8A216B5
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/gKesMWpSarnbngb8w5Os52DZFWQ.roa
Signing time: Sun 01 Jan 2023 08:34:57 +0000
ROA not before: Sun 01 Jan 2023 08:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 268624
IP address blocks: 45.141.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:3d:40:49:8a:64:fb:cf:e8:65:33:a8:a2:16:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 08:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a7ac316a526ab9db9e06fcc393ace760d91564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:15:29:c4:8b:4b:e3:d7:74:89:07:e7:39:b3:
db:af:d1:85:41:5f:85:2e:0e:ec:f6:46:e5:90:08:
06:5b:15:ba:ed:a7:66:34:59:5d:86:81:ea:5d:69:
f0:86:8a:9b:d1:cb:e8:ad:12:7c:15:c0:ec:9f:81:
07:ba:39:af:e7:28:87:f6:4d:81:6f:e8:73:57:35:
d0:1b:f9:d6:fc:d2:d4:86:97:27:b0:56:b4:6f:4e:
f3:5b:9e:e9:6f:0c:85:19:4c:17:2b:33:bc:d8:6f:
59:38:6a:3e:52:a7:73:63:ca:39:a2:6d:a9:3d:f4:
8e:a4:28:7b:21:1d:d9:a4:de:7f:e0:a5:34:c0:52:
a3:a9:d5:ca:ff:c4:fc:25:35:41:2a:14:da:3c:e9:
05:63:0b:af:f9:af:52:95:98:25:81:59:03:f6:c7:
f0:01:64:4b:dc:99:d4:22:f0:32:92:5a:90:f6:33:
25:7c:3a:93:e3:b6:8f:62:c0:75:05:5f:8e:89:f2:
d0:83:b0:0e:61:c5:6d:c7:02:a4:0f:07:25:c7:da:
34:ba:8a:c6:80:f9:1e:66:27:5f:17:b0:2b:bc:2a:
0c:87:a3:1a:03:c2:85:d3:fd:33:16:5a:26:2d:fd:
65:4b:71:34:3f:a3:ba:83:c1:b6:7c:67:40:01:11:
4c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A7:AC:31:6A:52:6A:B9:DB:9E:06:FC:C3:93:AC:E7:60:D9:15:64
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/gKesMWpSarnbngb8w5Os52DZFWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.214.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:50:b4:04:12:86:2d:db:8e:e4:4e:c5:27:98:05:aa:49:fe:
d4:5a:07:05:f6:96:52:d6:4e:ac:54:6e:14:e7:e3:83:c0:67:
50:6d:f5:37:9b:eb:a0:0d:23:d6:aa:1e:0b:00:70:27:4a:2c:
bb:27:b5:d7:5f:a7:0c:b1:8a:ac:8f:48:2e:d3:20:38:df:a8:
1a:24:6d:91:02:20:0f:4c:4f:b1:59:41:03:b8:64:59:67:9f:
9f:90:b1:99:a7:0c:ea:e7:cb:a5:76:44:57:fa:63:eb:c5:18:
70:3a:de:3a:ab:c6:76:7b:8a:cb:2c:90:23:81:d5:d0:e2:23:
ec:1d:d8:27:01:21:40:a5:e6:d0:a6:fa:94:1d:40:48:28:f2:
4c:04:05:4c:c3:bb:75:8f:9b:71:47:42:62:17:6e:3b:03:95:
25:6c:e2:71:10:cc:e6:c2:9e:81:29:f1:e9:75:d7:c3:00:06:
c8:08:71:4f:64:76:2b:01:63:8d:b2:ec:0e:62:e2:67:d5:f0:
89:2c:94:76:e5:5c:fc:b8:ce:6e:43:88:20:a5:7f:3a:30:cd:
5a:16:3c:a7:cb:54:01:f8:3a:37:2c:ef:08:32:18:e5:91:3a:
aa:d5:f6:6b:fb:aa:94:05:10:42:9b:14:19:50:9d:ee:3d:5c:
a7:ba:b3:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseD1ASYpk+8/oZTOooha1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjMwMTAxMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE3YWMzMTZhNTI2YWI5ZGI5ZTA2ZmNjMzkzYWNlNzYwZDkxNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhUpxItL49d0iQfnObPbr9GFQV+F
Lg7s9kblkAgGWxW67admNFldhoHqXWnwhoqb0cvorRJ8FcDsn4EHujmv5yiH9k2B
b+hzVzXQG/nW/NLUhpcnsFa0b07zW57pbwyFGUwXKzO82G9ZOGo+UqdzY8o5om2p
PfSOpCh7IR3ZpN5/4KU0wFKjqdXK/8T8JTVBKhTaPOkFYwuv+a9SlZglgVkD9sfw
AWRL3JnUIvAyklqQ9jMlfDqT47aPYsB1BV+OifLQg7AOYcVtxwKkDwclx9o0uorG
gPkeZidfF7ArvCoMh6MaA8KF0/0zFlomLf1lS3E0P6O6g8G2fGdAARFMSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFICnrDFqUmq5254G/MOTrOdg2RVkMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvZ0tlc01XcFNhcm5ibmdiOHc1T3M1MkRaRldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY3WMA0G
CSqGSIb3DQEBCwUAA4IBAQC6ULQEEoYt247kTsUnmAWqSf7UWgcF9pZS1k6sVG4U
5+ODwGdQbfU3m+ugDSPWqh4LAHAnSiy7J7XXX6cMsYqsj0gu0yA436gaJG2RAiAP
TE+xWUEDuGRZZ5+fkLGZpwzq58uldkRX+mPrxRhwOt46q8Z2e4rLLJAjgdXQ4iPs
HdgnASFApebQpvqUHUBIKPJMBAVMw7t1j5txR0JiF247A5UlbOJxEMzmwp6BKfHp
ddfDAAbICHFPZHYrAWONsuwOYuJn1fCJLJR25Vz8uM5uQ4ggpX86MM1aFjyny1QB
+Do3LO8IMhjlkTqq1fZr+6qUBRBCmxQZUJ3uPVynurMy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:51 2025 by rpki-client