Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/OM7397tRGJPgMhMRlEDp4SER3X0.roa
File: OM7397tRGJPgMhMRlEDp4SER3X0.roa (raw, json)
Hash identifier: QLCE721LK86zgKOXZpaSWKIb9E4UoXxf/p2/ztWYn1A=
Subject key identifier: 38:CE:F7:F7:BB:51:18:93:E0:32:13:11:94:40:E9:E1:21:11:DD:7D
Certificate issuer: /CN=646579561eca5879a747025e5798487b19cd2a97
Certificate serial: 0184D2A7290A8DA2EE2DE9B04B541C314C37
Authority key identifier: 64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/OM7397tRGJPgMhMRlEDp4SER3X0.roa
Signing time: Fri 02 Dec 2022 11:44:41 +0000
ROA not before: Fri 02 Dec 2022 11:44:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.146.156.0/24 maxlen: 24
45.146.159.0/24 maxlen: 24
45.146.158.0/24 maxlen: 24
45.146.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:a7:29:0a:8d:a2:ee:2d:e9:b0:4b:54:1c:31:4c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=646579561eca5879a747025e5798487b19cd2a97
Validity
Not Before: Dec 2 11:44:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38cef7f7bb511893e03213119440e9e12111dd7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f5:22:66:ae:cb:2e:a2:93:a8:ca:1c:51:36:
03:a5:b3:ba:d4:11:e7:d1:72:7e:65:a0:58:e9:51:
e5:69:88:5d:92:6f:31:5c:6a:05:76:7b:1e:1e:74:
fd:99:38:ab:e8:54:13:cf:be:ca:9a:f1:63:9f:15:
99:e7:f5:2d:07:71:f4:08:29:de:3e:a6:8e:0d:9a:
18:42:05:87:db:36:df:b5:41:25:4a:3c:24:d7:48:
2d:f6:66:6c:4e:44:8f:5f:e5:78:59:18:f5:1b:86:
93:33:f3:45:a3:e6:f7:fb:44:42:b1:d2:9c:7b:f8:
13:b1:5c:d9:ff:82:af:86:32:d1:f8:e6:d1:72:06:
a1:ca:88:9c:8d:7e:23:a8:02:13:26:81:5e:66:0a:
a2:f2:ee:c4:e7:f0:ac:85:12:ad:df:bd:d3:e8:eb:
ab:e0:2e:30:8a:bb:5f:c5:89:d9:01:ec:bf:6e:2d:
f2:ab:c5:e5:e7:22:d8:e1:a4:3e:19:6f:27:1b:7d:
18:cb:c8:84:f3:0e:ea:fc:d8:ce:a9:08:60:ad:cf:
88:8d:c7:cd:ac:0a:59:da:3b:41:fa:0b:90:76:bc:
98:22:99:1f:11:19:e2:70:bb:4f:00:e7:6c:f3:f8:
20:b9:55:74:56:b9:a0:cb:04:45:cf:1e:00:10:5d:
b2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CE:F7:F7:BB:51:18:93:E0:32:13:11:94:40:E9:E1:21:11:DD:7D
X509v3 Authority Key Identifier:
keyid:64:65:79:56:1E:CA:58:79:A7:47:02:5E:57:98:48:7B:19:CD:2A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/OM7397tRGJPgMhMRlEDp4SER3X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/604346-c97c-4097-8997-55c3d129ec28/1/ZGV5Vh7KWHmnRwJeV5hIexnNKpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.156.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:84:af:8a:e0:24:81:3e:bc:cb:91:4f:2f:b8:63:fd:bb:b7:
6c:7f:e0:28:57:3a:e1:76:06:c0:f9:c4:60:69:e4:b5:4a:3d:
68:9b:16:bc:e9:75:9c:c4:56:d3:ae:e4:76:05:0c:4a:06:22:
39:18:29:ce:f5:a8:ef:81:6c:20:c1:d8:7c:ba:2d:6f:64:f8:
29:99:ea:d8:5e:a6:3d:1e:a9:ba:f4:1e:d6:e9:47:0a:6d:b6:
da:85:62:7d:e1:27:a7:dd:34:90:2f:1c:0e:9e:1c:a6:d3:e1:
b7:38:c5:0e:6c:79:d9:92:43:6c:ea:18:57:dd:6f:72:28:71:
f3:3f:ab:a8:a6:38:c6:33:34:a9:a7:04:ca:0f:ba:f2:2d:9d:
81:9e:4f:f5:33:6c:5f:01:bb:53:dc:60:75:0f:6f:e4:c5:4c:
fe:7d:06:cd:77:5b:19:3c:92:c2:e6:3e:47:4e:c7:56:2d:87:
68:cb:c0:f9:6d:b7:22:da:07:e4:47:51:83:9c:9a:5f:06:42:
15:16:08:be:06:08:3d:e2:d6:51:78:e2:c3:48:8b:d4:c9:03:
26:4d:a0:ad:26:51:8f:c0:18:86:d9:b3:d3:f1:57:d5:66:20:
30:91:72:00:7b:04:e3:0c:83:65:1b:bc:2e:2c:80:5c:59:7b:
0c:69:3a:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTSpykKjaLuLemwS1QcMUw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NjU3OTU2MWVjYTU4NzlhNzQ3MDI1ZTU3OTg0ODdiMTlj
ZDJhOTcwHhcNMjIxMjAyMTE0NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNlZjdmN2JiNTExODkzZTAzMjEzMTE5NDQwZTllMTIxMTFkZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvUiZq7LLqKTqMocUTYDpbO61BHn
0XJ+ZaBY6VHlaYhdkm8xXGoFdnseHnT9mTir6FQTz77KmvFjnxWZ5/UtB3H0CCne
PqaODZoYQgWH2zbftUElSjwk10gt9mZsTkSPX+V4WRj1G4aTM/NFo+b3+0RCsdKc
e/gTsVzZ/4KvhjLR+ObRcgahyoicjX4jqAITJoFeZgqi8u7E5/CshRKt373T6Our
4C4wirtfxYnZAey/bi3yq8Xl5yLY4aQ+GW8nG30Yy8iE8w7q/NjOqQhgrc+IjcfN
rApZ2jtB+guQdryYIpkfERnicLtPAOds8/gguVV0VrmgywRFzx4AEF2yqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjO9/e7URiT4DITEZRA6eEhEd19MB8GA1UdIwQY
MBaAFGRleVYeylh5p0cCXleYSHsZzSqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTct
NTVjM2QxMjllYzI4LzEvT003Mzk3dFJHSlBnTWhNUmxFRHA0U0VSM1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MDQzNDYtYzk3Yy00MDk3LTg5OTctNTVjM2QxMjllYzI4
LzEvWkdWNVZoN0tXSG1uUndKZVY1aElleG5OS3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZKcMA0G
CSqGSIb3DQEBCwUAA4IBAQAchK+K4CSBPrzLkU8vuGP9u7dsf+AoVzrhdgbA+cRg
aeS1Sj1omxa86XWcxFbTruR2BQxKBiI5GCnO9ajvgWwgwdh8ui1vZPgpmerYXqY9
Hqm69B7W6UcKbbbahWJ94Sen3TSQLxwOnhym0+G3OMUObHnZkkNs6hhX3W9yKHHz
P6uopjjGMzSppwTKD7ryLZ2Bnk/1M2xfAbtT3GB1D2/kxUz+fQbNd1sZPJLC5j5H
TsdWLYdoy8D5bbci2gfkR1GDnJpfBkIVFgi+Bgg94tZReOLDSIvUyQMmTaCtJlGP
wBiG2bPT8VfVZiAwkXIAewTjDINlG7wuLIBcWXsMaTok
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:10:27 2025 by rpki-client