Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/9FkjgQvRNrmjT-XpOf0Ngdodgck.roa
File: 9FkjgQvRNrmjT-XpOf0Ngdodgck.roa (raw, json)
Hash identifier: KseMwxXSy6OkoUGZXP6pgq3p8nFj5WzuUTjfkYuDAXU=
Subject key identifier: F4:59:23:81:0B:D1:36:B9:A3:4F:E5:E9:39:FD:0D:81:DA:1D:81:C9
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 0184ED2B2C8135F97D1B72B51CF4A8974376
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/9FkjgQvRNrmjT-XpOf0Ngdodgck.roa
Signing time: Wed 07 Dec 2022 15:19:00 +0000
ROA not before: Wed 07 Dec 2022 15:19:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203735
IP address blocks: 45.143.30.0/24 maxlen: 24
45.143.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:2b:2c:81:35:f9:7d:1b:72:b5:1c:f4:a8:97:43:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Dec 7 15:19:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f45923810bd136b9a34fe5e939fd0d81da1d81c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c8:2d:9c:95:1c:6a:3b:08:62:54:e2:fb:fa:
a9:94:b4:ee:5e:6f:f1:93:a0:78:fd:f0:20:42:f1:
3b:b4:62:37:b4:0a:65:60:5e:7a:88:52:b1:4b:79:
9e:13:fd:da:6a:07:c3:f1:08:b7:1d:13:37:b0:71:
79:1f:b0:e7:45:4f:1b:b4:03:15:c6:f5:29:65:c1:
bc:c5:19:85:2f:07:72:c1:27:68:d6:27:22:62:2e:
33:fb:67:2d:cf:24:2f:59:96:90:9f:ec:5c:6e:39:
8a:52:e6:20:58:df:d0:ce:9b:9f:eb:b5:dd:0a:10:
ec:2f:5b:4d:20:74:ee:9c:3f:10:46:30:dd:b4:32:
f5:23:4c:79:7f:35:80:09:e7:12:f0:d6:52:11:18:
9f:bd:de:13:2f:bd:92:ca:dd:61:ce:fe:76:5f:b3:
73:4b:f4:de:84:d0:a2:77:47:06:49:06:9d:f2:97:
bb:91:6e:b5:5c:95:3b:3b:bb:cb:18:d6:21:62:da:
b4:a2:f2:92:41:84:cb:69:cf:7e:0b:97:40:e3:aa:
ba:e7:51:d3:ec:ba:9b:ad:35:74:30:e9:b3:ce:49:
bf:c6:3d:4e:2c:ea:99:d1:ee:0b:35:e3:57:61:49:
79:d9:ba:52:cc:25:91:88:27:94:3d:ff:e5:ce:d3:
de:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:59:23:81:0B:D1:36:B9:A3:4F:E5:E9:39:FD:0D:81:DA:1D:81:C9
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/9FkjgQvRNrmjT-XpOf0Ngdodgck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.29.0-45.143.30.255
Signature Algorithm: sha256WithRSAEncryption
6d:41:7a:6b:28:80:d0:d8:54:ac:a5:d0:00:38:bc:96:6a:7d:
84:22:1f:71:6f:c2:85:6e:63:f0:82:4d:d9:4d:ba:42:08:b3:
28:86:54:58:22:fb:22:6b:49:bc:49:19:3c:dd:a0:42:29:5e:
be:ff:8c:53:83:2b:77:b6:a9:9d:55:28:8c:85:47:5b:39:81:
cf:6a:0f:1e:ba:12:a0:ee:11:88:46:4d:79:24:4c:94:e3:05:
43:f8:95:f6:da:c0:36:ac:d3:91:68:79:a3:15:8c:c3:89:2e:
7d:23:a0:7e:20:75:2c:b0:4b:39:45:cf:19:c3:b7:dd:df:ce:
fd:53:1a:91:eb:10:bf:f6:1c:5b:94:00:6c:93:02:85:37:ac:
22:12:12:dd:de:4d:e4:9f:20:10:9d:38:2c:4d:a5:2c:e8:80:
98:0b:d6:ae:f7:fb:6d:46:04:af:05:bd:c1:7c:ba:30:d5:05:
31:fe:84:b7:98:02:a8:7e:a4:57:c7:46:95:9c:f4:56:36:69:
23:29:ba:ea:3c:e1:04:d7:e9:ae:e2:6f:c5:49:1c:be:08:a0:
a8:94:5a:95:7c:cd:12:51:bc:66:96:f1:86:4b:f8:1d:e3:65:
4c:c4:d4:a9:f0:30:dd:ef:a4:47:a8:31:6e:87:ee:77:7f:fb:
82:d0:32:ea
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYTtKyyBNfl9G3K1HPSol0N2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjIxMjA3MTUxOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU5MjM4MTBiZDEzNmI5YTM0ZmU1ZTkzOWZkMGQ4MWRhMWQ4MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMgtnJUcajsIYlTi+/qplLTuXm/x
k6B4/fAgQvE7tGI3tAplYF56iFKxS3meE/3aagfD8Qi3HRM3sHF5H7DnRU8btAMV
xvUpZcG8xRmFLwdywSdo1iciYi4z+2ctzyQvWZaQn+xcbjmKUuYgWN/Qzpuf67Xd
ChDsL1tNIHTunD8QRjDdtDL1I0x5fzWACecS8NZSERifvd4TL72Syt1hzv52X7Nz
S/TehNCid0cGSQad8pe7kW61XJU7O7vLGNYhYtq0ovKSQYTLac9+C5dA46q651HT
7LqbrTV0MOmzzkm/xj1OLOqZ0e4LNeNXYUl52bpSzCWRiCeUPf/lztPeAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPRZI4EL0Ta5o0/l6Tn9DYHaHYHJMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvOUZramdRdlJOcm1qVC1YcE9mME5nZG9kZ2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtjx0D
BAAtjx4wDQYJKoZIhvcNAQELBQADggEBAG1BemsogNDYVKyl0AA4vJZqfYQiH3Fv
woVuY/CCTdlNukIIsyiGVFgi+yJrSbxJGTzdoEIpXr7/jFODK3e2qZ1VKIyFR1s5
gc9qDx66EqDuEYhGTXkkTJTjBUP4lfbawDas05FoeaMVjMOJLn0joH4gdSywSzlF
zxnDt93fzv1TGpHrEL/2HFuUAGyTAoU3rCISEt3eTeSfIBCdOCxNpSzogJgL1q73
+21GBK8FvcF8ujDVBTH+hLeYAqh+pFfHRpWc9FY2aSMpuuo84QTX6a7ib8VJHL4I
oKiUWpV8zRJRvGaW8YZL+B3jZUzE1KnwMN3vpEeoMW6H7nd/+4LQMuo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:48 2025 by rpki-client