Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/XxuqD8VPGuiecx7fvatiIwVkM6M.roa
File: XxuqD8VPGuiecx7fvatiIwVkM6M.roa (raw, json)
Hash identifier: R/PVwgwlSPX+pvM2lixSQxC5VXNhJSCEML7kE2Z0B8w=
Subject key identifier: 5F:1B:AA:0F:C5:4F:1A:E8:9E:73:1E:DF:BD:AB:62:23:05:64:33:A3
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 0184F9120C6776E92E3EFB3CEC9364E3B242
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/XxuqD8VPGuiecx7fvatiIwVkM6M.roa
Signing time: Fri 09 Dec 2022 22:47:00 +0000
ROA not before: Fri 09 Dec 2022 22:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203735
IP address blocks: 45.143.30.0/24 maxlen: 24
45.143.29.0/24 maxlen: 24
45.143.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f9:12:0c:67:76:e9:2e:3e:fb:3c:ec:93:64:e3:b2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Dec 9 22:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f1baa0fc54f1ae89e731edfbdab6223056433a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:68:22:eb:4a:4c:98:6b:5b:b3:5a:f7:1c:
e0:83:51:15:72:96:96:13:1a:5d:de:92:38:52:c0:
f0:ec:f5:b3:65:03:42:47:32:cc:18:34:fd:52:21:
77:df:f4:35:f3:49:40:ce:6d:fd:a9:43:26:5f:d7:
03:ea:39:dc:f0:0c:51:c2:80:c3:93:bd:d2:d6:e4:
d1:81:0c:7d:da:8f:28:08:33:fa:ba:8f:41:0d:11:
6f:7e:2c:51:18:8a:c1:83:a7:ae:4f:4d:43:04:44:
b5:b1:4f:f6:c5:c6:da:54:8c:49:53:1f:f5:6c:71:
5c:04:19:64:6f:78:b6:43:54:8f:f1:57:ff:8a:3f:
9e:92:14:5d:9a:a8:5d:cd:e4:6d:0b:7d:66:67:8b:
2b:9b:01:02:78:8b:4e:10:b3:14:ed:2d:b8:4b:66:
1f:4a:73:35:db:c7:1d:56:9b:d2:ea:72:71:3b:c9:
22:25:f7:e4:26:46:2d:73:7d:ad:1f:0a:1e:1f:73:
61:c7:fa:62:21:a6:e5:0f:d4:4a:60:17:f1:bc:30:
bc:85:6f:45:5e:5f:71:f3:99:18:dd:6f:2b:33:0d:
02:8f:d3:40:c8:65:2c:7c:5b:cd:5e:7d:bc:b7:70:
29:48:42:b4:7d:3f:f1:7d:8d:8e:56:b9:0d:07:12:
e7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1B:AA:0F:C5:4F:1A:E8:9E:73:1E:DF:BD:AB:62:23:05:64:33:A3
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/XxuqD8VPGuiecx7fvatiIwVkM6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.29.0-45.143.31.255
Signature Algorithm: sha256WithRSAEncryption
68:fa:a1:94:45:15:ca:b5:51:a3:12:81:74:b2:9d:86:96:ed:
12:98:68:91:12:ec:37:50:a0:5a:93:ca:83:c8:d8:dc:4e:85:
fa:d6:4c:3f:25:94:5f:5e:e8:68:41:c2:d9:e5:b3:d6:5e:de:
9d:ea:5e:90:a2:33:af:96:0e:ac:86:22:88:b3:89:63:17:4e:
b0:63:02:0e:1f:67:2d:26:b4:45:32:ff:c2:4b:bc:0f:d5:1b:
ef:65:ed:f0:5b:8f:84:f2:ad:4c:8e:8c:81:0a:f1:ca:5e:64:
b7:ad:c5:31:40:73:e2:66:dd:e8:48:1f:5c:41:be:e3:d7:76:
86:a4:77:7c:e2:97:b2:ed:04:a3:d5:8b:73:1b:15:51:9e:ac:
74:3f:f8:50:ea:1a:93:7b:4f:35:59:85:cc:b3:aa:67:62:61:
de:d7:ce:6d:8e:29:e4:69:dd:95:1b:90:22:7a:db:fe:44:15:
d4:33:fd:94:ad:95:da:b0:86:24:3a:98:17:90:b8:ab:32:0b:
bf:df:6c:e1:10:35:cf:45:ed:d5:68:d5:3d:04:8e:62:75:97:
be:33:83:34:ad:5a:9b:22:3c:84:f9:0e:9c:29:ca:d2:8f:42:
e0:d6:59:d2:8b:f4:42:a8:ef:32:bd:06:87:34:22:5b:a7:46:
19:ad:bf:e7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYT5EgxndukuPvs87JNk47JCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjIxMjA5MjI0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFiYWEwZmM1NGYxYWU4OWU3MzFlZGZiZGFiNjIyMzA1NjQzM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNloIutKTJhrW7Na9xzgg1EVcpaW
Expd3pI4UsDw7PWzZQNCRzLMGDT9UiF33/Q180lAzm39qUMmX9cD6jnc8AxRwoDD
k73S1uTRgQx92o8oCDP6uo9BDRFvfixRGIrBg6euT01DBES1sU/2xcbaVIxJUx/1
bHFcBBlkb3i2Q1SP8Vf/ij+ekhRdmqhdzeRtC31mZ4srmwECeItOELMU7S24S2Yf
SnM128cdVpvS6nJxO8kiJffkJkYtc32tHwoeH3Nhx/piIablD9RKYBfxvDC8hW9F
Xl9x85kY3W8rMw0Cj9NAyGUsfFvNXn28t3ApSEK0fT/xfY2OVrkNBxLn1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF8bqg/FTxronnMe372rYiMFZDOjMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvWHh1cUQ4VlBHdWllY3g3ZnZhdGlJd1ZrTTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtjx0D
BAUtjwAwDQYJKoZIhvcNAQELBQADggEBAGj6oZRFFcq1UaMSgXSynYaW7RKYaJES
7DdQoFqTyoPI2NxOhfrWTD8llF9e6GhBwtnls9Ze3p3qXpCiM6+WDqyGIoiziWMX
TrBjAg4fZy0mtEUy/8JLvA/VG+9l7fBbj4TyrUyOjIEK8cpeZLetxTFAc+Jm3ehI
H1xBvuPXdoakd3zil7LtBKPVi3MbFVGerHQ/+FDqGpN7TzVZhcyzqmdiYd7Xzm2O
KeRp3ZUbkCJ62/5EFdQz/ZStldqwhiQ6mBeQuKsyC7/fbOEQNc9F7dVo1T0EjmJ1
l74zgzStWpsiPIT5DpwpytKPQuDWWdKL9EKo7zK9Boc0IlunRhmtv+c=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:16:56 2025 by rpki-client