Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/qCsIaK6rR_bpdWv_sefHUvkp1jk.roa
File: qCsIaK6rR_bpdWv_sefHUvkp1jk.roa (raw, json)
Hash identifier: YW4pifpfcS5j+KTnGypsdOUCAwdSv/FXIbxKF8RuaL8=
Subject key identifier: A8:2B:08:68:AE:AB:47:F6:E9:75:6B:FF:B1:E7:C7:52:F9:29:D6:39
Certificate issuer: /CN=3de2681dda00702a7597a71257e14f7a725e890e
Certificate serial: 01856C00FF0CE793FD2ACFE333B5B669ADDB
Authority key identifier: 3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/qCsIaK6rR_bpdWv_sefHUvkp1jk.roa
Signing time: Sun 01 Jan 2023 06:24:42 +0000
ROA not before: Sun 01 Jan 2023 06:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206024
IP address blocks: 145.43.254.0/23 maxlen: 23
145.43.253.0/24 maxlen: 24
145.43.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:00:ff:0c:e7:93:fd:2a:cf:e3:33:b5:b6:69:ad:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de2681dda00702a7597a71257e14f7a725e890e
Validity
Not Before: Jan 1 06:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a82b0868aeab47f6e9756bffb1e7c752f929d639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:85:e8:ae:2b:6b:cb:86:cf:78:92:fb:c3:
ae:b9:94:a5:a2:78:9a:b3:28:69:c9:cd:ac:0b:3b:
09:90:5e:6a:ec:03:ab:e4:67:9b:08:54:04:c9:3d:
5a:7f:7c:55:c1:d2:40:b5:2a:bc:71:87:90:33:a5:
31:10:4d:1a:11:69:eb:ae:0b:4f:dd:51:be:bf:9c:
07:66:e6:a7:c7:9d:db:f1:c3:4d:57:31:a4:7b:72:
ef:af:ab:f8:a6:60:44:6c:40:d1:b1:5f:9a:fd:f0:
59:90:ba:89:9f:af:82:9d:20:28:ba:d3:4c:a6:af:
bc:14:ec:9a:2e:b4:e6:e3:c3:22:7f:f6:eb:a5:52:
bf:22:b0:4f:b7:07:35:a6:92:60:69:5c:50:ea:6e:
d8:57:2a:9b:65:c4:56:e2:48:81:f3:3b:d2:7b:40:
14:97:96:26:d4:a9:99:06:91:d8:5f:62:e0:fa:e0:
03:de:cf:1b:81:38:68:3c:3e:07:bd:58:02:6a:4f:
3d:b5:70:80:05:8a:cc:90:b1:c5:40:90:e1:b4:d3:
4c:de:f3:1c:c8:e6:5c:3f:71:4d:1e:f3:82:11:6c:
ee:75:eb:24:70:92:f3:d3:5e:5e:1a:2e:cc:3a:06:
43:f1:18:f2:00:b6:c5:0f:a1:9e:f3:8c:11:6d:ce:
ef:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2B:08:68:AE:AB:47:F6:E9:75:6B:FF:B1:E7:C7:52:F9:29:D6:39
X509v3 Authority Key Identifier:
keyid:3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/qCsIaK6rR_bpdWv_sefHUvkp1jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/PeJoHdoAcCp1l6cSV-FPenJeiQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.252.0/22
Signature Algorithm: sha256WithRSAEncryption
51:7a:06:0e:1a:83:7f:b5:b6:bf:2a:7c:d7:be:a1:76:aa:c2:
d3:2a:df:10:df:2d:32:25:3a:96:b1:62:c5:df:c5:74:51:65:
00:ee:1d:f1:b0:6c:af:d0:0e:da:f3:0b:88:0a:ac:ad:c1:5a:
97:69:c4:f8:d5:9f:32:dd:4d:d1:7e:ca:2d:1d:17:ce:49:d6:
5b:5e:d5:18:ab:52:85:ac:51:82:9a:58:3d:e3:bb:b6:35:e6:
c4:3d:29:c5:ca:ac:dd:7a:3d:77:27:80:a2:3d:35:5f:f2:da:
7b:48:34:23:06:fb:97:eb:ec:f9:87:8f:a0:bc:74:32:69:b1:
b1:dc:54:d9:f0:53:06:92:9e:0e:a8:7f:a1:59:36:da:ef:57:
3e:f5:a2:34:d3:19:5b:6b:dc:0b:cd:9f:66:57:2f:62:50:27:
08:35:10:5c:d1:41:cc:3c:3d:f9:d4:47:16:80:31:bf:b9:fd:
70:86:3a:51:35:1b:5e:ec:7a:d9:88:23:a2:6f:88:1b:bf:3b:
b5:a7:ce:50:fd:99:0b:9c:19:2e:2b:33:31:77:f1:5b:ce:99:
36:89:4b:61:a4:2a:9f:59:82:e1:25:97:4e:9f:16:58:1f:85:
c6:d5:0e:52:77:36:c8:74:a6:a4:e0:08:47:20:3f:b0:52:9d:
ea:2b:73:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAP8M55P9Ks/jM7W2aa3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTI2ODFkZGEwMDcwMmE3NTk3YTcxMjU3ZTE0ZjdhNzI1
ZTg5MGUwHhcNMjMwMTAxMDYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJiMDg2OGFlYWI0N2Y2ZTk3NTZiZmZiMWU3Yzc1MmY5MjlkNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstCF6K4ra8uGz3iS+8OuuZSlonia
syhpyc2sCzsJkF5q7AOr5GebCFQEyT1af3xVwdJAtSq8cYeQM6UxEE0aEWnrrgtP
3VG+v5wHZuanx53b8cNNVzGke3Lvr6v4pmBEbEDRsV+a/fBZkLqJn6+CnSAoutNM
pq+8FOyaLrTm48Mif/brpVK/IrBPtwc1ppJgaVxQ6m7YVyqbZcRW4kiB8zvSe0AU
l5Ym1KmZBpHYX2Lg+uAD3s8bgThoPD4HvVgCak89tXCABYrMkLHFQJDhtNNM3vMc
yOZcP3FNHvOCEWzudeskcJLz015eGi7MOgZD8RjyALbFD6Ge84wRbc7vuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgrCGiuq0f26XVr/7Hnx1L5KdY5MB8GA1UdIwQY
MBaAFD3iaB3aAHAqdZenElfhT3pyXokOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYt
ZTBhYzcyNjNkYjEyLzEvcUNzSWFLNnJSX2JwZFd2X3NlZkhVdmtwMWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYtZTBhYzcyNjNkYjEy
LzEvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkSv8MA0G
CSqGSIb3DQEBCwUAA4IBAQBRegYOGoN/tba/KnzXvqF2qsLTKt8Q3y0yJTqWsWLF
38V0UWUA7h3xsGyv0A7a8wuICqytwVqXacT41Z8y3U3RfsotHRfOSdZbXtUYq1KF
rFGCmlg947u2NebEPSnFyqzdej13J4CiPTVf8tp7SDQjBvuX6+z5h4+gvHQyabGx
3FTZ8FMGkp4OqH+hWTba71c+9aI00xlba9wLzZ9mVy9iUCcINRBc0UHMPD351EcW
gDG/uf1whjpRNRte7HrZiCOib4gbvzu1p85Q/ZkLnBkuKzMxd/Fbzpk2iUthpCqf
WYLhJZdOnxZYH4XG1Q5SdzbIdKak4AhHID+wUp3qK3Pn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:55 2025 by rpki-client