Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/wFS8vunOAXC-jBSETWSiNHUS8aI.roa
File: wFS8vunOAXC-jBSETWSiNHUS8aI.roa (raw, json)
Hash identifier: eJCrQLfi3Dy+bX1BsBjwg0+8suwOP5kug9/h+HnFsNU=
Subject key identifier: C0:54:BC:BE:E9:CE:01:70:BE:8C:14:84:4D:64:A2:34:75:12:F1:A2
Certificate issuer: /CN=3de2681dda00702a7597a71257e14f7a725e890e
Certificate serial: 01856C00FC70F1AF38ECF02A071C4C280E49
Authority key identifier: 3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/wFS8vunOAXC-jBSETWSiNHUS8aI.roa
Signing time: Sun 01 Jan 2023 06:24:41 +0000
ROA not before: Sun 01 Jan 2023 06:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 145.43.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:00:fc:70:f1:af:38:ec:f0:2a:07:1c:4c:28:0e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de2681dda00702a7597a71257e14f7a725e890e
Validity
Not Before: Jan 1 06:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c054bcbee9ce0170be8c14844d64a2347512f1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:04:79:9b:42:15:bf:f8:42:91:ef:2f:4a:
c0:d6:8b:f3:c7:35:3e:f0:b2:cb:3b:d5:bb:1b:1b:
fd:59:e9:a9:9f:df:b8:74:0d:5a:7e:e6:6a:f3:f5:
87:92:dc:65:95:24:82:16:1a:ee:7c:69:2c:07:44:
12:29:83:48:5f:58:17:eb:0a:f1:e9:9d:12:3c:aa:
99:14:a1:7b:e0:d8:3b:9e:ae:8e:74:f8:01:5d:75:
91:f7:aa:1c:2c:99:bb:7a:a4:e2:00:76:e1:13:35:
39:14:e4:25:74:40:5f:14:24:4a:4d:46:a0:3b:a2:
f2:71:ee:86:7f:1c:22:fa:37:f8:98:f2:48:22:64:
60:37:39:5f:5f:72:a8:e5:88:ff:ad:45:10:e2:ca:
b7:6a:b6:9f:39:67:b9:4c:6f:b1:95:51:3e:e4:f6:
50:36:da:9f:46:7b:dd:ec:23:11:9e:c7:7d:82:da:
cb:e0:26:12:46:a9:93:ea:38:0b:b7:2e:1c:a5:64:
ad:30:3d:31:d5:a6:85:53:fe:4b:09:d9:c6:6c:84:
24:d1:78:4b:66:e1:9b:df:5f:49:ff:e0:bd:0c:fe:
06:96:53:d8:89:1a:16:84:22:be:d9:38:fd:ab:f2:
81:ab:3c:2f:c5:09:07:ef:7c:b5:bb:2c:48:6e:b3:
18:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:54:BC:BE:E9:CE:01:70:BE:8C:14:84:4D:64:A2:34:75:12:F1:A2
X509v3 Authority Key Identifier:
keyid:3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/wFS8vunOAXC-jBSETWSiNHUS8aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/PeJoHdoAcCp1l6cSV-FPenJeiQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.244.0/22
Signature Algorithm: sha256WithRSAEncryption
05:d4:7d:56:e7:f0:66:2b:11:dd:70:ec:78:83:40:bb:43:62:
c8:d4:91:56:c4:7b:5c:65:3d:ed:47:4c:46:3d:47:01:76:42:
67:43:eb:4a:af:15:fc:fd:3b:28:d2:09:db:20:dd:89:04:83:
96:00:7d:c6:e0:db:a5:65:88:5f:24:e2:fc:23:8e:a3:42:8f:
8e:9a:68:fb:53:53:d5:4e:6e:56:05:3f:43:e2:63:da:20:0c:
3e:c3:c4:d2:89:67:2c:23:a8:10:4d:9b:bc:a7:87:f6:20:7a:
c3:cd:bd:ad:60:01:63:f6:02:34:b1:27:19:df:bb:70:aa:6f:
09:9a:43:58:09:a0:9b:3f:4d:dc:df:95:15:ed:a3:43:1b:d4:
72:ed:cc:18:af:b3:cd:da:77:42:c6:27:37:7a:4f:f6:31:ec:
2d:cd:7c:74:5a:58:bb:a7:68:ec:61:34:4f:30:1d:ba:4a:90:
0f:a6:9f:3c:6c:34:4a:46:fd:64:11:67:83:f2:fb:ec:75:8a:
9c:f7:04:96:69:e3:b3:84:b6:25:2b:18:57:12:78:26:af:ca:
1d:64:f0:1c:ac:7e:58:d7:46:9e:5c:f3:ff:35:56:85:1d:a7:
16:25:75:17:f2:93:24:d2:b8:08:76:8f:52:2e:1e:4b:e4:b1:
9e:00:86:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAPxw8a847PAqBxxMKA5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTI2ODFkZGEwMDcwMmE3NTk3YTcxMjU3ZTE0ZjdhNzI1
ZTg5MGUwHhcNMjMwMTAxMDYyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU0YmNiZWU5Y2UwMTcwYmU4YzE0ODQ0ZDY0YTIzNDc1MTJmMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu8EeZtCFb/4QpHvL0rA1ovzxzU+
8LLLO9W7Gxv9Wempn9+4dA1afuZq8/WHktxllSSCFhrufGksB0QSKYNIX1gX6wrx
6Z0SPKqZFKF74Ng7nq6OdPgBXXWR96ocLJm7eqTiAHbhEzU5FOQldEBfFCRKTUag
O6Lyce6Gfxwi+jf4mPJIImRgNzlfX3Ko5Yj/rUUQ4sq3arafOWe5TG+xlVE+5PZQ
NtqfRnvd7CMRnsd9gtrL4CYSRqmT6jgLty4cpWStMD0x1aaFU/5LCdnGbIQk0XhL
ZuGb319J/+C9DP4GllPYiRoWhCK+2Tj9q/KBqzwvxQkH73y1uyxIbrMYzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBUvL7pzgFwvowUhE1kojR1EvGiMB8GA1UdIwQY
MBaAFD3iaB3aAHAqdZenElfhT3pyXokOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYt
ZTBhYzcyNjNkYjEyLzEvd0ZTOHZ1bk9BWEMtakJTRVRXU2lOSFVTOGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYtZTBhYzcyNjNkYjEy
LzEvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkSv0MA0G
CSqGSIb3DQEBCwUAA4IBAQAF1H1W5/BmKxHdcOx4g0C7Q2LI1JFWxHtcZT3tR0xG
PUcBdkJnQ+tKrxX8/Tso0gnbIN2JBIOWAH3G4NulZYhfJOL8I46jQo+Ommj7U1PV
Tm5WBT9D4mPaIAw+w8TSiWcsI6gQTZu8p4f2IHrDzb2tYAFj9gI0sScZ37twqm8J
mkNYCaCbP03c35UV7aNDG9Ry7cwYr7PN2ndCxic3ek/2MewtzXx0Wli7p2jsYTRP
MB26SpAPpp88bDRKRv1kEWeD8vvsdYqc9wSWaeOzhLYlKxhXEngmr8odZPAcrH5Y
10aeXPP/NVaFHacWJXUX8pMk0rgIdo9SLh5L5LGeAIb0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:08 2025 by rpki-client