Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/JOWgbvmx-ghtje839OosxpWD4aE.roa
File: JOWgbvmx-ghtje839OosxpWD4aE.roa (raw, json)
Hash identifier: 2RehW075s8XIbiRLehGXj+wJ/qKw7KOJYurfeENTjj8=
Subject key identifier: 24:E5:A0:6E:F9:B1:FA:08:6D:8D:EF:37:F4:EA:2C:C6:95:83:E1:A1
Certificate issuer: /CN=91f5fcedbdb84dd52fc6770d7ccfd3fc6684fa41
Certificate serial: 01857079A13048E79697354AA4DC992A7902
Authority key identifier: 91:F5:FC:ED:BD:B8:4D:D5:2F:C6:77:0D:7C:CF:D3:FC:66:84:FA:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfX87b24TdUvxncNfM_T_GaE-kE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/JOWgbvmx-ghtje839OosxpWD4aE.roa
Signing time: Mon 02 Jan 2023 03:14:56 +0000
ROA not before: Mon 02 Jan 2023 03:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202699
IP address blocks: 45.82.60.0/24 maxlen: 24
45.82.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a1:30:48:e7:96:97:35:4a:a4:dc:99:2a:79:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91f5fcedbdb84dd52fc6770d7ccfd3fc6684fa41
Validity
Not Before: Jan 2 03:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24e5a06ef9b1fa086d8def37f4ea2cc69583e1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:42:ab:85:1d:72:7f:8b:5b:6c:57:fa:70:
93:de:4f:89:ff:a0:ed:b3:8f:8c:c2:17:d7:52:11:
25:39:7d:b0:e5:0c:c3:d6:80:a9:73:aa:96:b1:11:
78:b2:20:f2:d3:fc:2d:11:fb:1e:99:2a:c5:96:cc:
f9:0c:8e:13:a8:b4:51:f0:41:57:6d:14:ea:1c:13:
57:06:69:cc:e6:7e:73:0c:78:ce:e7:13:c7:b8:d0:
cd:e9:bc:92:54:fd:ef:70:e9:49:a9:05:1e:1a:d7:
7c:d7:81:7a:2f:24:2e:7c:5f:ad:ce:9f:cc:2e:a9:
af:97:ce:7e:a7:f0:b1:88:4a:22:dc:8f:b3:b8:8a:
16:f5:46:52:80:7b:b0:04:2a:80:2a:ce:4b:db:41:
75:5b:9b:4e:a8:58:49:c2:69:a0:05:fa:21:99:36:
56:ab:46:db:ea:9f:17:22:2b:d6:b5:c8:bb:a0:89:
7a:dc:2b:f2:57:3b:15:9f:81:4b:16:9a:a3:da:fd:
76:94:34:3d:67:4c:39:d7:8d:ef:ce:95:df:a2:3f:
ad:d8:96:dd:a2:9a:9b:7a:04:ce:1d:70:f6:f3:bc:
a5:ee:69:f0:50:89:50:6c:ca:f5:f6:b2:de:75:f8:
b7:c5:1a:18:64:06:6f:08:82:6b:6c:a8:d3:87:58:
d7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E5:A0:6E:F9:B1:FA:08:6D:8D:EF:37:F4:EA:2C:C6:95:83:E1:A1
X509v3 Authority Key Identifier:
keyid:91:F5:FC:ED:BD:B8:4D:D5:2F:C6:77:0D:7C:CF:D3:FC:66:84:FA:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfX87b24TdUvxncNfM_T_GaE-kE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/JOWgbvmx-ghtje839OosxpWD4aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9a0981-0ad8-48a5-bfec-8cc9833611e6/1/kfX87b24TdUvxncNfM_T_GaE-kE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.60.0/24
45.82.63.0/24
Signature Algorithm: sha256WithRSAEncryption
18:6e:11:44:f8:8f:f4:8d:c2:ed:fb:16:e3:83:e6:a9:d7:63:
f7:ed:4b:41:f7:5e:f4:e7:d0:58:e6:17:3d:7a:b1:72:2b:92:
7b:c4:e6:a6:cb:99:51:f8:ae:29:a1:1f:6a:0a:4a:45:2a:af:
10:12:87:83:a7:9f:f5:20:25:05:b3:1e:92:9f:23:cb:d2:99:
97:9f:3f:02:3f:08:e2:07:50:78:07:72:8a:05:5f:88:ab:b2:
d4:dc:0d:9b:89:a0:44:01:b9:0b:30:bf:8e:66:3a:e5:ff:7e:
54:7e:b0:bf:85:5a:21:c3:2c:f7:b3:cf:0c:36:bd:6b:83:6b:
dc:90:10:5f:55:62:0f:e2:de:fe:84:d6:cf:a4:25:b8:73:38:
53:d9:27:40:49:ce:5c:a7:7f:20:16:87:5e:36:f4:c8:7b:85:
f4:66:5c:51:4f:56:fa:bf:7c:c5:10:47:51:06:8d:06:f8:6a:
93:83:72:22:24:d2:bd:da:9a:ed:a2:77:c4:38:63:5f:ff:c9:
ee:06:dd:ed:ce:d3:ea:35:0b:2c:2c:fa:af:5f:17:48:6e:87:
6c:04:0c:ed:3e:cb:b6:a1:31:84:78:f4:9a:aa:de:6a:77:66:
d7:86:73:b4:16:6d:b1:30:2e:68:34:9d:c6:3a:dd:c9:18:b7:
88:f8:8a:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVweaEwSOeWlzVKpNyZKnkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjVmY2VkYmRiODRkZDUyZmM2NzcwZDdjY2ZkM2ZjNjY4
NGZhNDEwHhcNMjMwMTAyMDMxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU1YTA2ZWY5YjFmYTA4NmQ4ZGVmMzdmNGVhMmNjNjk1ODNlMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPtCq4Udcn+LW2xX+nCT3k+J/6Dt
s4+MwhfXUhElOX2w5QzD1oCpc6qWsRF4siDy0/wtEfsemSrFlsz5DI4TqLRR8EFX
bRTqHBNXBmnM5n5zDHjO5xPHuNDN6bySVP3vcOlJqQUeGtd814F6LyQufF+tzp/M
Lqmvl85+p/CxiEoi3I+zuIoW9UZSgHuwBCqAKs5L20F1W5tOqFhJwmmgBfohmTZW
q0bb6p8XIivWtci7oIl63CvyVzsVn4FLFpqj2v12lDQ9Z0w5143vzpXfoj+t2Jbd
opqbegTOHXD287yl7mnwUIlQbMr19rLedfi3xRoYZAZvCIJrbKjTh1jXvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCTloG75sfoIbY3vN/TqLMaVg+GhMB8GA1UdIwQY
MBaAFJH1/O29uE3VL8Z3DXzP0/xmhPpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ZYODdiMjRUZFV2eG5jTmZNX1RfR2FFLWtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YTA5ODEtMGFkOC00OGE1LWJmZWMt
OGNjOTgzMzYxMWU2LzEvSk9XZ2J2bXgtZ2h0amU4MzlPb3N4cFdENGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YTA5ODEtMGFkOC00OGE1LWJmZWMtOGNjOTgzMzYxMWU2
LzEva2ZYODdiMjRUZFV2eG5jTmZNX1RfR2FFLWtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVI8AwQA
LVI/MA0GCSqGSIb3DQEBCwUAA4IBAQAYbhFE+I/0jcLt+xbjg+ap12P37UtB9170
59BY5hc9erFyK5J7xOamy5lR+K4poR9qCkpFKq8QEoeDp5/1ICUFsx6SnyPL0pmX
nz8CPwjiB1B4B3KKBV+Iq7LU3A2biaBEAbkLML+OZjrl/35UfrC/hVohwyz3s88M
Nr1rg2vckBBfVWIP4t7+hNbPpCW4czhT2SdASc5cp38gFodeNvTIe4X0ZlxRT1b6
v3zFEEdRBo0G+GqTg3IiJNK92prtonfEOGNf/8nuBt3tztPqNQssLPqvXxdIbods
BAztPsu2oTGEePSaqt5qd2bXhnO0Fm2xMC5oNJ3GOt3JGLeI+Irg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:07 2025 by rpki-client