Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/72RukujOAfXkApSyMzaygNlNyFk.roa
File: 72RukujOAfXkApSyMzaygNlNyFk.roa (raw, json)
Hash identifier: Ouurafgp5A/lzyLGQAnyqRlyWf9Q+17hRBpjQP+I39Q=
Subject key identifier: EF:64:6E:92:E8:CE:01:F5:E4:02:94:B2:33:36:B2:80:D9:4D:C8:59
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 01856C93991567A27882A43628B7799C3DCF
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/72RukujOAfXkApSyMzaygNlNyFk.roa
Signing time: Sun 01 Jan 2023 09:04:50 +0000
ROA not before: Sun 01 Jan 2023 09:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208341
IP address blocks: 45.143.29.0/24 maxlen: 24
45.143.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:99:15:67:a2:78:82:a4:36:28:b7:79:9c:3d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Jan 1 09:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef646e92e8ce01f5e40294b23336b280d94dc859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:a8:40:1c:15:92:7f:89:c7:92:9d:79:7b:
56:81:c5:1b:cf:9e:ee:5f:a4:af:7d:4b:bf:79:3a:
70:dd:7e:34:a0:ea:29:42:96:8c:30:c3:50:f0:92:
91:d0:5e:c6:56:7b:ef:5a:ed:86:ee:fe:d4:00:89:
a4:a8:a0:7c:4c:81:e0:de:32:b3:e5:3b:98:35:33:
6e:61:ca:57:83:33:e2:0c:cb:91:85:1e:84:7c:b3:
9f:0e:fe:e2:c9:22:02:21:40:9d:b2:7c:e9:d0:59:
47:17:e7:4d:8d:79:92:af:f4:8f:06:d3:d0:c0:a1:
43:ed:08:9f:f0:12:67:77:a4:a3:89:1b:9d:f8:f7:
15:32:17:ce:58:51:1a:87:9c:50:7b:f6:45:62:1c:
06:73:8b:1a:99:1f:a7:4d:ca:34:ca:57:69:59:68:
5f:b4:c3:c6:1f:e2:d1:f7:c7:17:e3:fa:cc:87:65:
eb:2b:5f:e4:12:c9:86:94:73:5b:9c:af:31:01:d3:
57:bb:70:a0:ec:1d:1e:7d:e6:68:e6:0e:93:a3:7b:
d7:f3:f7:ec:1e:e5:aa:ae:33:62:15:b5:87:ad:36:
54:02:fe:80:f5:05:d3:6a:e6:f8:74:4d:e1:91:34:
04:81:28:ec:67:8e:15:af:8a:df:8b:4c:7c:25:81:
63:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:64:6E:92:E8:CE:01:F5:E4:02:94:B2:33:36:B2:80:D9:4D:C8:59
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/72RukujOAfXkApSyMzaygNlNyFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.28.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:fc:87:33:37:ef:5c:a5:43:16:5d:8c:b1:94:ee:79:f0:ff:
96:2e:6f:58:9e:15:4d:8b:17:8c:8b:3a:b6:9d:80:35:f1:0e:
4b:c6:0f:a6:06:fa:72:f2:c2:98:b6:93:43:78:b1:08:9b:7f:
6e:b1:1e:3f:1f:6e:b5:d1:b4:52:ba:43:4f:c7:e0:39:d5:41:
2a:ec:68:3f:0a:76:e7:0c:46:e8:6f:b8:8f:13:13:c0:0d:c3:
45:ab:82:06:ca:c6:2b:96:f3:47:46:6e:57:e7:dd:57:97:89:
10:e4:63:c7:17:ea:20:b9:5a:4c:c7:e7:08:d9:45:d3:81:6f:
f4:2a:0f:49:9a:1c:ac:d5:ac:59:b7:72:d0:30:87:83:aa:7d:
60:c8:3c:e7:d8:ce:61:4e:2f:c9:90:1d:77:c5:e8:5a:64:7d:
a0:58:c5:73:5c:a5:42:56:d7:2a:e1:48:59:1f:bd:54:a0:b1:
7f:4b:40:93:49:de:5b:1d:fe:d4:b7:9b:20:06:bf:d1:55:1f:
32:fe:c1:ca:ae:30:49:6a:a7:8c:3c:00:7a:07:02:d5:f7:fc:
2f:3d:21:08:75:e7:ff:c8:09:b2:a4:d3:86:a3:1d:03:62:89:
66:a4:17:2c:f0:27:32:ab:6c:0c:ba:ec:bb:90:21:c4:f4:51:
42:e1:75:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsk5kVZ6J4gqQ2KLd5nD3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjMwMTAxMDkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjY0NmU5MmU4Y2UwMWY1ZTQwMjk0YjIzMzM2YjI4MGQ5NGRjODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBCoQBwVkn+Jx5KdeXtWgcUbz57u
X6SvfUu/eTpw3X40oOopQpaMMMNQ8JKR0F7GVnvvWu2G7v7UAImkqKB8TIHg3jKz
5TuYNTNuYcpXgzPiDMuRhR6EfLOfDv7iySICIUCdsnzp0FlHF+dNjXmSr/SPBtPQ
wKFD7Qif8BJnd6SjiRud+PcVMhfOWFEah5xQe/ZFYhwGc4samR+nTco0yldpWWhf
tMPGH+LR98cX4/rMh2XrK1/kEsmGlHNbnK8xAdNXu3Cg7B0efeZo5g6To3vX8/fs
HuWqrjNiFbWHrTZUAv6A9QXTaub4dE3hkTQEgSjsZ44Vr4rfi0x8JYFj2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9kbpLozgH15AKUsjM2soDZTchZMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvNzJSdWt1ak9BZlhrQXBTeU16YXlnTmxOeUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY8cMA0G
CSqGSIb3DQEBCwUAA4IBAQCn/IczN+9cpUMWXYyxlO558P+WLm9YnhVNixeMizq2
nYA18Q5Lxg+mBvpy8sKYtpNDeLEIm39usR4/H2610bRSukNPx+A51UEq7Gg/Cnbn
DEbob7iPExPADcNFq4IGysYrlvNHRm5X591Xl4kQ5GPHF+oguVpMx+cI2UXTgW/0
Kg9Jmhys1axZt3LQMIeDqn1gyDzn2M5hTi/JkB13xehaZH2gWMVzXKVCVtcq4UhZ
H71UoLF/S0CTSd5bHf7Ut5sgBr/RVR8y/sHKrjBJaqeMPAB6BwLV9/wvPSEIdef/
yAmypNOGox0DYolmpBcs8Ccyq2wMuuy7kCHE9FFC4XX0
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:16:52 2025 by rpki-client