Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/rqBTZkQTvg9Z45sOScf8mtW45XE.roa
File: rqBTZkQTvg9Z45sOScf8mtW45XE.roa (raw, json)
Hash identifier: 3UHIPRPFvsoVwn3jLmeKM/Qpe8NQ1SKKRDoNPn/MyqQ=
Subject key identifier: AE:A0:53:66:44:13:BE:0F:59:E3:9B:0E:49:C7:FC:9A:D5:B8:E5:71
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 01856D819D123269437491F621CC24CD538A
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/rqBTZkQTvg9Z45sOScf8mtW45XE.roa
Signing time: Sun 01 Jan 2023 13:24:48 +0000
ROA not before: Sun 01 Jan 2023 13:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 45.158.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:9d:12:32:69:43:74:91:f6:21:cc:24:cd:53:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Jan 1 13:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aea053664413be0f59e39b0e49c7fc9ad5b8e571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:14:4c:23:53:41:8d:0f:7f:13:84:47:02:
b4:8f:4c:a6:16:95:01:b0:4a:c1:81:ac:2d:5f:71:
16:e9:e3:63:11:d7:81:1d:33:6f:95:23:0d:e0:d2:
6d:64:88:45:5f:39:77:ee:d9:8c:60:2b:5f:19:5f:
ee:cb:04:80:74:e2:38:22:11:7e:a7:53:ab:89:f8:
37:35:7f:d6:55:a9:ef:12:1c:58:f6:17:81:57:c6:
9e:fb:1c:93:c4:10:c8:15:40:67:9c:0c:4e:16:59:
2b:31:6f:b3:a5:af:61:00:ac:e2:27:8d:d0:35:cc:
6d:fa:9b:63:e9:2c:8e:ff:35:5a:9b:ea:9e:63:52:
c3:4b:97:07:1f:ec:87:d6:93:26:1f:bb:f2:48:af:
eb:b3:ce:77:05:02:45:53:94:4b:a0:d6:7a:7b:85:
00:0d:4e:19:7b:42:60:58:f2:66:61:3a:f6:3d:e2:
c0:f2:1d:30:ff:f8:dc:c0:7b:97:31:64:02:c5:b5:
7f:79:1e:8c:24:3f:bc:84:ae:9d:f5:49:77:52:42:
b5:eb:bc:9e:d1:09:cd:53:76:35:7e:6f:dd:a8:83:
89:55:2c:ae:60:c2:47:d2:16:ce:58:75:66:54:a4:
a0:0e:39:71:7a:8e:91:d4:bc:c1:57:85:00:77:23:
0c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A0:53:66:44:13:BE:0F:59:E3:9B:0E:49:C7:FC:9A:D5:B8:E5:71
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/rqBTZkQTvg9Z45sOScf8mtW45XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.15.0/24
Signature Algorithm: sha256WithRSAEncryption
40:49:cf:27:45:e1:55:58:d4:00:e3:a3:2b:ca:de:b3:68:da:
b0:18:07:c8:c4:b3:cd:3a:75:8a:cb:a7:65:f0:6f:a2:58:2b:
fe:37:b2:ce:8e:07:ac:3f:af:c1:81:ac:35:76:af:17:ce:22:
af:2a:88:0a:ef:04:43:cc:b0:99:6a:c6:f2:5b:3c:b1:2b:33:
a8:90:c6:b0:80:37:9d:e4:b6:74:45:b6:ac:91:a5:3d:d2:4e:
94:e4:b2:da:a3:ee:52:59:2b:16:0a:50:0c:06:3f:ed:a3:a4:
26:31:29:3e:db:de:80:31:f0:18:2f:f3:7c:50:24:6c:42:30:
0c:47:23:00:2d:2c:20:86:87:4e:1d:06:75:ff:07:e4:7d:a0:
37:3d:ff:89:82:16:9e:e1:28:b1:2b:d8:7a:d9:95:68:08:23:
28:92:d9:86:38:1a:38:28:eb:bb:cf:7b:ac:8e:e9:2f:4c:d1:
68:37:10:be:8c:65:38:57:d0:0b:c5:71:00:4b:a2:f5:18:a7:
cf:b8:05:0b:cb:8f:88:d3:01:8f:51:33:81:f4:91:a7:cf:aa:
50:85:9b:17:2e:34:55:ed:66:54:fb:a4:16:66:d4:9e:c1:e5:
d3:6e:54:e2:82:98:80:92:83:0b:30:4d:8e:8b:ad:c4:2f:40:
0d:31:90:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgZ0SMmlDdJH2IcwkzVOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjMwMTAxMTMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWEwNTM2NjQ0MTNiZTBmNTllMzliMGU0OWM3ZmM5YWQ1YjhlNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXoUTCNTQY0PfxOERwK0j0ymFpUB
sErBgawtX3EW6eNjEdeBHTNvlSMN4NJtZIhFXzl37tmMYCtfGV/uywSAdOI4IhF+
p1Orifg3NX/WVanvEhxY9heBV8ae+xyTxBDIFUBnnAxOFlkrMW+zpa9hAKziJ43Q
Ncxt+ptj6SyO/zVam+qeY1LDS5cHH+yH1pMmH7vySK/rs853BQJFU5RLoNZ6e4UA
DU4Ze0JgWPJmYTr2PeLA8h0w//jcwHuXMWQCxbV/eR6MJD+8hK6d9Ul3UkK167ye
0QnNU3Y1fm/dqIOJVSyuYMJH0hbOWHVmVKSgDjlxeo6R1LzBV4UAdyMMGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6gU2ZEE74PWeObDknH/JrVuOVxMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvcnFCVFprUVR2ZzlaNDVzT1NjZjhtdFc0NVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4PMA0G
CSqGSIb3DQEBCwUAA4IBAQBASc8nReFVWNQA46Mryt6zaNqwGAfIxLPNOnWKy6dl
8G+iWCv+N7LOjgesP6/Bgaw1dq8XziKvKogK7wRDzLCZasbyWzyxKzOokMawgDed
5LZ0RbaskaU90k6U5LLao+5SWSsWClAMBj/to6QmMSk+296AMfAYL/N8UCRsQjAM
RyMALSwghodOHQZ1/wfkfaA3Pf+Jghae4SixK9h62ZVoCCMoktmGOBo4KOu7z3us
jukvTNFoNxC+jGU4V9ALxXEAS6L1GKfPuAULy4+I0wGPUTOB9JGnz6pQhZsXLjRV
7WZU+6QWZtSeweXTblTigpiAkoMLME2Oi63EL0ANMZAC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:42 2025 by rpki-client