Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/L_dO5A-C42jWtfk6bceI9hB94Aw.roa
File: L_dO5A-C42jWtfk6bceI9hB94Aw.roa (raw, json)
Hash identifier: tjx4z3IaYDCCFyZJFr/PU0ifwUtjSQHwLLytOlNBg6E=
Subject key identifier: 2F:F7:4E:E4:0F:82:E3:68:D6:B5:F9:3A:6D:C7:88:F6:10:7D:E0:0C
Certificate issuer: /CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Certificate serial: 0185715546D72BACD13543F1B7EAD829291E
Authority key identifier: 8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/L_dO5A-C42jWtfk6bceI9hB94Aw.roa
Signing time: Mon 02 Jan 2023 07:14:52 +0000
ROA not before: Mon 02 Jan 2023 07:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208327
IP address blocks: 45.145.92.0/22 maxlen: 22
2a0c:4d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:46:d7:2b:ac:d1:35:43:f1:b7:ea:d8:29:29:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da60e9000c75a75d67e37fe07b14e07b22c5887
Validity
Not Before: Jan 2 07:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ff74ee40f82e368d6b5f93a6dc788f6107de00c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6c:e5:25:e6:bb:40:f9:44:25:8e:cb:e2:7b:
be:d0:1e:36:33:bd:18:0d:65:f0:61:ff:31:e0:89:
d7:62:c6:cf:5f:3f:c6:41:5a:ba:13:22:bd:d2:86:
ae:f3:ef:fa:35:e5:7b:22:a0:5f:04:72:70:d9:1f:
34:8e:06:4c:2d:4e:de:26:be:33:64:1b:20:a9:be:
a7:d8:96:57:91:97:17:1d:c5:ca:9c:27:32:00:6d:
f0:3d:a6:53:53:b7:df:01:0b:c6:6d:36:72:73:ce:
b9:28:8a:f2:28:05:4e:a7:df:2e:ae:1b:ac:9d:fc:
b4:ce:5a:90:15:13:a1:be:85:0a:0c:0b:1a:c8:c0:
9e:56:cf:0b:3c:e7:e4:6c:69:96:f5:59:d6:c5:e2:
cf:4b:67:e5:9f:e0:46:ca:5c:a2:66:30:4b:bc:ad:
c9:5c:cb:8a:8d:37:52:a2:bb:1f:c7:68:7c:bb:1a:
67:7d:5f:f1:3b:7a:e0:2b:30:d4:51:27:df:7c:56:
8c:1a:eb:9c:0c:41:52:cd:9f:34:c7:ad:25:83:d7:
1a:6e:79:06:b3:b3:c5:f7:02:21:35:85:78:23:5a:
74:f7:83:6a:7c:78:75:20:bc:97:19:5d:bc:6a:be:
1e:c5:17:61:4f:81:39:b6:09:71:22:ab:0f:8f:65:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F7:4E:E4:0F:82:E3:68:D6:B5:F9:3A:6D:C7:88:F6:10:7D:E0:0C
X509v3 Authority Key Identifier:
keyid:8D:A6:0E:90:00:C7:5A:75:D6:7E:37:FE:07:B1:4E:07:B2:2C:58:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaYOkADHWnXWfjf-B7FOB7IsWIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/L_dO5A-C42jWtfk6bceI9hB94Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/72806a-0394-4ad5-8e04-b5b8d02448b8/1/jaYOkADHWnXWfjf-B7FOB7IsWIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.92.0/22
IPv6:
2a0c:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
8b:df:69:b6:9f:b3:5f:8e:2b:82:b0:2a:cc:6f:d0:5a:6c:9f:
11:ad:0b:d1:6c:b4:a0:44:78:dc:4d:7e:17:21:a6:ba:21:10:
63:68:79:27:c0:a5:03:0c:85:da:8a:5c:ae:0e:27:61:66:a7:
f9:91:e4:4a:ef:da:e4:03:f0:c0:a1:1a:48:6b:3a:70:3c:66:
07:9d:23:a3:72:68:b8:a9:23:98:4f:cc:d5:b2:4a:73:90:60:
3f:c7:d9:9a:17:da:f4:2f:19:a6:9e:bb:89:40:a9:ed:3a:13:
2f:83:63:d6:c5:e4:2c:92:21:a1:2d:e4:87:b6:68:74:c4:71:
3e:fd:1a:5f:3a:ed:b5:ea:98:ba:94:05:24:70:c0:03:90:8c:
ae:97:f0:21:69:80:1e:46:41:27:54:a8:24:10:8e:fb:5b:a8:
05:66:90:76:62:b0:45:aa:ed:33:89:04:c6:fb:f6:83:bb:29:
50:f3:e9:84:46:c7:7d:3d:49:0c:23:35:4d:dc:c9:51:df:0d:
ce:20:f2:09:46:95:12:71:8d:2d:55:5e:a4:47:6d:2e:cc:6e:
fc:88:bc:45:e8:9e:c4:e7:73:14:c5:20:5f:5a:19:94:f7:3f:
c2:14:ef:dd:d4:42:c1:70:28:fb:a9:38:5a:32:36:0d:7c:aa:
99:cb:47:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxVUbXK6zRNUPxt+rYKSkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTYwZTkwMDBjNzVhNzVkNjdlMzdmZTA3YjE0ZTA3YjIy
YzU4ODcwHhcNMjMwMTAyMDcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY3NGVlNDBmODJlMzY4ZDZiNWY5M2E2ZGM3ODhmNjEwN2RlMDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12zlJea7QPlEJY7L4nu+0B42M70Y
DWXwYf8x4InXYsbPXz/GQVq6EyK90oau8+/6NeV7IqBfBHJw2R80jgZMLU7eJr4z
ZBsgqb6n2JZXkZcXHcXKnCcyAG3wPaZTU7ffAQvGbTZyc865KIryKAVOp98urhus
nfy0zlqQFROhvoUKDAsayMCeVs8LPOfkbGmW9VnWxeLPS2fln+BGylyiZjBLvK3J
XMuKjTdSorsfx2h8uxpnfV/xO3rgKzDUUSfffFaMGuucDEFSzZ80x60lg9cabnkG
s7PF9wIhNYV4I1p094NqfHh1ILyXGV28ar4exRdhT4E5tglxIqsPj2U2KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC/3TuQPguNo1rX5Om3HiPYQfeAMMB8GA1UdIwQY
MBaAFI2mDpAAx1p11n43/gexTgeyLFiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQt
YjViOGQwMjQ0OGI4LzEvTF9kTzVBLUM0MmpXdGZrNmJjZUk5aEI5NEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS83MjgwNmEtMDM5NC00YWQ1LThlMDQtYjViOGQwMjQ0OGI4
LzEvamFZT2tBREhXblhXZmpmLUI3Rk9CN0lzV0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZFcMA0E
AgACMAcDBQMqDE2AMA0GCSqGSIb3DQEBCwUAA4IBAQCL32m2n7NfjiuCsCrMb9Ba
bJ8RrQvRbLSgRHjcTX4XIaa6IRBjaHknwKUDDIXailyuDidhZqf5keRK79rkA/DA
oRpIazpwPGYHnSOjcmi4qSOYT8zVskpzkGA/x9maF9r0LxmmnruJQKntOhMvg2PW
xeQskiGhLeSHtmh0xHE+/RpfOu216pi6lAUkcMADkIyul/AhaYAeRkEnVKgkEI77
W6gFZpB2YrBFqu0ziQTG+/aDuylQ8+mERsd9PUkMIzVN3MlR3w3OIPIJRpUScY0t
VV6kR20uzG78iLxF6J7E53MUxSBfWhmU9z/CFO/d1ELBcCj7qThaMjYNfKqZy0c6
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:09 2025 by rpki-client