Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/cd703a-06f9-4106-8c8d-b7289b370b6d/1/0JU79hG6z5rE7HdTDT9Kw14sJls.roa
File: 0JU79hG6z5rE7HdTDT9Kw14sJls.roa (raw, json)
Hash identifier: +gxJ01fPaR7lhYSXGBM0Kb2b48HbfQ7RohojrahBNmk=
Subject key identifier: D0:95:3B:F6:11:BA:CF:9A:C4:EC:77:53:0D:3F:4A:C3:5E:2C:26:5B
Certificate issuer: /CN=446158c75b1e3203b22b583cc184c3f5488b25d6
Certificate serial: 01856FA6FC9053D03A1CFAE983BF0E20F915
Authority key identifier: 44:61:58:C7:5B:1E:32:03:B2:2B:58:3C:C1:84:C3:F5:48:8B:25:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RGFYx1seMgOyK1g8wYTD9UiLJdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/cd703a-06f9-4106-8c8d-b7289b370b6d/1/0JU79hG6z5rE7HdTDT9Kw14sJls.roa
Signing time: Sun 01 Jan 2023 23:24:52 +0000
ROA not before: Sun 01 Jan 2023 23:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204860
IP address blocks: 45.150.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:fc:90:53:d0:3a:1c:fa:e9:83:bf:0e:20:f9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=446158c75b1e3203b22b583cc184c3f5488b25d6
Validity
Not Before: Jan 1 23:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0953bf611bacf9ac4ec77530d3f4ac35e2c265b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cd:a7:a8:06:7d:29:50:6a:73:6a:56:f7:bd:
46:03:30:05:28:ac:6e:74:3b:36:4e:f2:0d:a8:4c:
35:f0:31:13:a0:8c:7a:b0:8f:cc:eb:7a:63:37:72:
69:7e:02:89:dd:16:46:69:7f:cd:41:ff:28:5c:53:
e4:68:1f:16:0c:7d:cc:97:65:50:f7:88:ba:36:7d:
92:40:ab:54:4c:7e:d5:51:f7:91:71:be:72:00:2a:
02:59:c9:b7:4a:6a:04:65:0e:cb:4d:88:6b:df:17:
b7:d5:d4:31:68:8a:c0:fd:86:92:3c:28:12:dd:9c:
be:90:10:af:c2:da:d3:0d:f1:cf:45:cc:ff:ea:30:
d6:d3:f4:05:0c:4a:0e:f1:e1:79:dd:d3:69:76:d6:
ce:e3:07:23:42:34:eb:7d:36:48:bd:68:73:3a:54:
64:85:d3:dc:a5:4c:f2:b2:09:54:b4:e3:39:a5:b5:
1a:dc:0d:85:6d:ce:ab:31:a6:cc:3f:2f:f2:bc:c5:
d1:bf:74:a3:d2:de:85:bb:da:6d:bd:fd:84:b2:0f:
b3:1b:d5:87:5b:2b:a9:0a:94:f5:70:1e:4f:50:ad:
5e:eb:e6:fa:2d:98:a4:19:71:f0:ca:5e:85:0c:58:
85:f0:a4:a2:7a:de:fb:43:03:fb:c5:79:a9:5a:ca:
c1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:95:3B:F6:11:BA:CF:9A:C4:EC:77:53:0D:3F:4A:C3:5E:2C:26:5B
X509v3 Authority Key Identifier:
keyid:44:61:58:C7:5B:1E:32:03:B2:2B:58:3C:C1:84:C3:F5:48:8B:25:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RGFYx1seMgOyK1g8wYTD9UiLJdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cd703a-06f9-4106-8c8d-b7289b370b6d/1/0JU79hG6z5rE7HdTDT9Kw14sJls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/cd703a-06f9-4106-8c8d-b7289b370b6d/1/RGFYx1seMgOyK1g8wYTD9UiLJdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.36.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:60:15:a5:fb:e3:ea:73:7a:fc:af:ff:02:1e:34:af:b9:c1:
f7:b2:63:e3:52:98:6a:06:8f:ec:05:ab:f8:81:8f:d0:48:e0:
b8:62:44:2f:43:86:a8:ee:b4:a4:14:8d:68:be:c6:8b:06:cf:
77:6e:4e:8d:08:d9:c7:5a:2b:3f:2f:3a:56:ee:21:fc:32:2b:
0e:4c:65:4a:8d:8e:e9:3c:0d:4b:d9:52:29:cf:69:15:01:bc:
50:89:f5:31:39:1a:66:34:23:1e:bf:8f:73:cf:18:dd:4b:4b:
64:8c:3d:66:e0:08:fe:22:bf:4c:40:04:27:e0:eb:aa:25:b3:
75:11:01:d4:b1:bd:34:b4:36:7a:da:c0:a6:3c:4f:46:6e:b3:
40:b4:ee:ff:8f:8f:6e:84:e9:43:9e:7c:99:5c:5e:d8:57:de:
4e:37:a3:e2:58:98:a7:3b:2e:bd:f9:4f:1a:a9:3f:36:15:b9:
9a:1c:0a:15:59:cf:b7:93:82:7b:90:ef:43:d6:ba:72:f3:08:
7b:ef:55:58:44:c2:62:f5:a9:7a:ae:08:00:80:63:9e:ca:7b:
f7:76:16:e2:60:9e:03:28:67:94:9e:cf:bf:bd:22:17:3d:7f:
18:83:41:01:ce:14:af:a2:ca:16:f1:db:51:09:9c:3e:28:f0:
dc:11:2e:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpvyQU9A6HPrpg78OIPkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NjE1OGM3NWIxZTMyMDNiMjJiNTgzY2MxODRjM2Y1NDg4
YjI1ZDYwHhcNMjMwMTAxMjMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk1M2JmNjExYmFjZjlhYzRlYzc3NTMwZDNmNGFjMzVlMmMyNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj82nqAZ9KVBqc2pW971GAzAFKKxu
dDs2TvINqEw18DEToIx6sI/M63pjN3JpfgKJ3RZGaX/NQf8oXFPkaB8WDH3Ml2VQ
94i6Nn2SQKtUTH7VUfeRcb5yACoCWcm3SmoEZQ7LTYhr3xe31dQxaIrA/YaSPCgS
3Zy+kBCvwtrTDfHPRcz/6jDW0/QFDEoO8eF53dNpdtbO4wcjQjTrfTZIvWhzOlRk
hdPcpUzysglUtOM5pbUa3A2Fbc6rMabMPy/yvMXRv3Sj0t6Fu9ptvf2Esg+zG9WH
WyupCpT1cB5PUK1e6+b6LZikGXHwyl6FDFiF8KSiet77QwP7xXmpWsrBVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCVO/YRus+axOx3Uw0/SsNeLCZbMB8GA1UdIwQY
MBaAFERhWMdbHjIDsitYPMGEw/VIiyXWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkdGWXgxc2VNZ095SzFnOHdZVEQ5VWlMSmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jZDcwM2EtMDZmOS00MTA2LThjOGQt
YjcyODliMzcwYjZkLzEvMEpVNzloRzZ6NXJFN0hkVERUOUt3MTRzSmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jZDcwM2EtMDZmOS00MTA2LThjOGQtYjcyODliMzcwYjZk
LzEvUkdGWXgxc2VNZ095SzFnOHdZVEQ5VWlMSmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZYkMA0G
CSqGSIb3DQEBCwUAA4IBAQCMYBWl++Pqc3r8r/8CHjSvucH3smPjUphqBo/sBav4
gY/QSOC4YkQvQ4ao7rSkFI1ovsaLBs93bk6NCNnHWis/LzpW7iH8MisOTGVKjY7p
PA1L2VIpz2kVAbxQifUxORpmNCMev49zzxjdS0tkjD1m4Aj+Ir9MQAQn4OuqJbN1
EQHUsb00tDZ62sCmPE9GbrNAtO7/j49uhOlDnnyZXF7YV95ON6PiWJinOy69+U8a
qT82FbmaHAoVWc+3k4J7kO9D1rpy8wh771VYRMJi9al6rggAgGOeynv3dhbiYJ4D
KGeUns+/vSIXPX8Yg0EBzhSvosoW8dtRCZw+KPDcES69
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:43:03 2025 by rpki-client