Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/PXMK4LRVot8qNiZ7Yvfrf427XI0.roa
File: PXMK4LRVot8qNiZ7Yvfrf427XI0.roa (raw, json)
Hash identifier: asHBhebQfo1ZsTICACapPRZbaOs4v1UK06JiP9Vb8Nc=
Subject key identifier: 3D:73:0A:E0:B4:55:A2:DF:2A:36:26:7B:62:F7:EB:7F:8D:BB:5C:8D
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 018572DECDB8192D1D26976907281A6AAD1D
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/PXMK4LRVot8qNiZ7Yvfrf427XI0.roa
Signing time: Mon 02 Jan 2023 14:24:42 +0000
ROA not before: Mon 02 Jan 2023 14:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201115
IP address blocks: 45.157.175.0/24 maxlen: 24
2a13:3840::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:cd:b8:19:2d:1d:26:97:69:07:28:1a:6a:ad:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Jan 2 14:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d730ae0b455a2df2a36267b62f7eb7f8dbb5c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cd:28:a7:f1:1e:23:fb:b1:2a:64:42:84:90:
f0:0e:b3:cf:a3:37:a6:0d:71:47:b1:a9:ee:72:dd:
55:86:8b:6a:71:65:7e:8f:bc:13:db:95:15:1e:c4:
07:c4:37:27:8d:72:0a:aa:f8:7e:6a:4a:bf:21:5f:
c8:61:f6:dc:b4:35:9a:8d:2f:1c:44:c0:5c:00:08:
34:9f:28:29:68:ac:7a:ed:79:1f:f4:61:32:f0:c9:
54:53:02:d5:ee:a9:9a:e1:f6:4f:87:62:a3:e2:0b:
2c:47:d0:a7:ff:62:df:5a:a4:05:8c:15:bf:f3:b6:
6c:33:79:6f:ce:65:0a:23:4d:44:d8:57:46:43:e3:
31:59:62:8d:aa:10:d1:86:24:df:5f:59:ba:bf:b3:
c9:8a:47:36:f9:4b:83:aa:1c:ab:0d:19:6f:dd:2c:
17:ac:fc:31:f6:c4:dc:fb:b7:41:f0:f7:52:3f:c1:
dd:f3:bc:fe:0e:17:72:ee:f6:9f:f4:c5:9b:46:b7:
a5:bf:4b:a7:7b:3b:51:ad:b8:16:68:fc:fb:c8:5c:
78:73:77:65:f0:60:e8:96:5c:8a:ae:06:a0:7d:56:
8d:4c:bd:32:09:3b:87:ac:32:c1:1d:54:90:97:d0:
c6:9e:2a:ea:0c:4c:2e:9c:e0:c1:fe:e0:1f:c8:17:
99:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:73:0A:E0:B4:55:A2:DF:2A:36:26:7B:62:F7:EB:7F:8D:BB:5C:8D
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/PXMK4LRVot8qNiZ7Yvfrf427XI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.175.0/24
IPv6:
2a13:3840::/47
Signature Algorithm: sha256WithRSAEncryption
12:52:bc:26:0e:61:dc:8a:d7:f6:1e:42:c5:3b:72:2b:22:22:
9b:3e:31:41:52:c4:16:00:22:46:44:f0:2e:88:0e:e8:f8:e5:
20:0a:57:de:9b:e1:11:27:57:e5:78:da:68:7d:00:f1:89:02:
3d:c1:7d:56:1c:2c:30:21:c2:19:f2:25:5e:f8:36:a7:62:75:
64:e1:b9:83:6b:f1:a7:91:19:c4:07:94:06:eb:4c:f2:2b:d1:
18:63:3b:a4:ac:0c:7a:40:57:56:59:b1:6e:07:46:d3:c2:14:
09:49:fb:45:3c:6c:57:f4:8d:f3:a4:df:98:a4:b2:f0:b5:cf:
dc:8e:a5:39:bc:74:e0:53:e0:b4:19:30:a2:78:25:d3:99:eb:
7c:76:0c:f8:c5:38:d2:77:34:58:05:11:35:13:ab:45:db:22:
fc:6e:c2:21:03:c9:fe:75:cf:64:36:70:6d:7c:df:02:e7:0c:
2f:15:bb:c1:d6:c2:d5:34:be:bd:42:9d:30:a6:eb:e4:83:f6:
87:02:45:1a:cd:34:a3:2e:9e:e5:d3:ed:12:05:15:90:54:83:
04:cc:84:4e:f0:8d:d7:df:00:dc:34:3c:ba:a4:88:5f:b0:d3:
78:37:84:3a:a9:ef:76:9b:56:e1:70:00:f3:cd:f1:dd:34:10:
8d:c6:16:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVy3s24GS0dJpdpBygaaq0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjMwMTAyMTQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDczMGFlMGI0NTVhMmRmMmEzNjI2N2I2MmY3ZWI3ZjhkYmI1YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM0op/EeI/uxKmRChJDwDrPPozem
DXFHsanuct1VhotqcWV+j7wT25UVHsQHxDcnjXIKqvh+akq/IV/IYfbctDWajS8c
RMBcAAg0nygpaKx67Xkf9GEy8MlUUwLV7qma4fZPh2Kj4gssR9Cn/2LfWqQFjBW/
87ZsM3lvzmUKI01E2FdGQ+MxWWKNqhDRhiTfX1m6v7PJikc2+UuDqhyrDRlv3SwX
rPwx9sTc+7dB8PdSP8Hd87z+Dhdy7vaf9MWbRrelv0uneztRrbgWaPz7yFx4c3dl
8GDollyKrgagfVaNTL0yCTuHrDLBHVSQl9DGnirqDEwunODB/uAfyBeZHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1zCuC0VaLfKjYme2L363+Nu1yNMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvUFhNSzRMUlZvdDhxTmlaN1l2ZnJmNDI3WEkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZ2vMA8E
AgACMAkDBwEqEzhAAAAwDQYJKoZIhvcNAQELBQADggEBABJSvCYOYdyK1/YeQsU7
cisiIps+MUFSxBYAIkZE8C6IDuj45SAKV96b4REnV+V42mh9APGJAj3BfVYcLDAh
whnyJV74NqdidWThuYNr8aeRGcQHlAbrTPIr0RhjO6SsDHpAV1ZZsW4HRtPCFAlJ
+0U8bFf0jfOk35iksvC1z9yOpTm8dOBT4LQZMKJ4JdOZ63x2DPjFONJ3NFgFETUT
q0XbIvxuwiEDyf51z2Q2cG183wLnDC8Vu8HWwtU0vr1CnTCm6+SD9ocCRRrNNKMu
nuXT7RIFFZBUgwTMhE7wjdffANw0PLqkiF+w03g3hDqp73abVuFwAPPN8d00EI3G
FhA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:12 2025 by rpki-client