Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/h_QVhXexlk85Fq4MzJ2YANSy_Os.roa
File: h_QVhXexlk85Fq4MzJ2YANSy_Os.roa (raw, json)
Hash identifier: /YZvCiBivs4aVmSrjIpCCJB3dHXQIbvWn/E9KrXoyyY=
Subject key identifier: 87:F4:15:85:77:B1:96:4F:39:16:AE:0C:CC:9D:98:00:D4:B2:FC:EB
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0AADC2F5
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/h_QVhXexlk85Fq4MzJ2YANSy_Os.roa
Signing time: Sat 01 Jan 2022 12:00:23 +0000
ROA not before: Sat 01 Jan 2022 12:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51206
IP address blocks: 92.45.3.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179159797 (0xaadc2f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 12:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87f4158577b1964f3916ae0ccc9d9800d4b2fceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:41:e2:c3:96:8e:5b:46:e2:ad:3e:cc:74:
62:15:a2:ec:6e:a9:0e:8c:4a:48:e6:ab:3a:6e:c5:
2f:ed:73:24:7e:69:4c:92:04:9e:5f:39:2a:c1:2c:
be:2f:8f:a9:71:6f:2a:9d:3d:b1:23:98:da:cd:af:
54:a6:73:b3:12:f9:45:eb:fa:9c:8d:24:77:0c:4c:
72:f7:8b:9d:56:99:de:d6:db:e1:3e:90:5f:75:1c:
98:33:c2:5e:e1:65:35:b6:9d:6f:e9:9b:0f:a3:0e:
a1:4a:1f:e6:3a:d6:a8:b0:af:b4:25:31:1e:ef:4a:
4a:5d:43:ce:8c:43:7a:ad:b8:ac:09:42:2f:ae:fd:
77:52:0a:f2:2f:35:e0:63:0d:c7:63:ac:b6:4e:ed:
c8:95:1e:16:42:30:d5:48:d2:88:72:a8:01:22:b4:
97:fd:20:7a:9d:49:37:43:f8:fb:8f:89:16:de:7b:
d0:14:e1:66:11:c8:10:d3:a7:24:32:0c:32:eb:e4:
50:af:5c:fa:ec:6c:7e:4e:01:ce:f2:56:41:15:bf:
b0:df:f8:0f:9e:2b:9f:27:59:45:31:c6:e2:e7:32:
bc:76:cc:a3:0a:e4:b2:b3:ff:43:09:e8:cd:9d:e2:
37:0d:30:92:e5:e6:e5:96:2f:74:c8:53:d1:9b:6d:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F4:15:85:77:B1:96:4F:39:16:AE:0C:CC:9D:98:00:D4:B2:FC:EB
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/h_QVhXexlk85Fq4MzJ2YANSy_Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.45.3.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ef:b0:32:8a:86:e9:a5:34:92:ad:bd:b4:af:49:01:99:8a:
a4:97:ef:20:a7:d5:0b:d5:e7:e7:29:99:dc:f9:57:66:c6:88:
da:2f:11:82:ed:de:7f:25:57:94:55:49:7f:9e:f1:f9:65:97:
f0:f5:6f:d9:e2:74:5c:cf:e1:f7:99:6e:c8:58:3a:97:a7:95:
16:c4:21:3b:0a:e8:90:72:80:9e:f6:39:22:f0:36:77:b6:54:
ce:3d:24:3f:d9:a8:68:7b:43:c9:6e:4d:45:bc:a1:8a:07:1b:
d9:42:69:8c:db:cb:1e:b7:37:8e:82:91:7f:c0:b3:29:36:77:
a8:5e:93:af:d3:f6:3d:9f:3b:c2:bd:c9:9f:88:13:be:23:7a:
8e:8e:05:2f:92:0e:28:59:f2:2e:93:65:71:d1:42:cb:3f:29:
c7:35:e4:a8:82:e7:c9:13:4c:58:bf:6b:0f:cf:d8:2a:ce:5f:
55:ba:62:0b:cc:c8:7c:68:77:28:00:f3:8b:e7:4f:97:c5:d9:
2d:90:17:be:5b:3d:f8:18:f3:c6:92:75:73:bd:41:2e:f3:9e:
13:5e:b7:55:5e:1f:c2:67:8a:ff:b2:94:2e:f0:14:a8:3a:26:
9a:27:aa:01:1f:58:4b:9f:01:a0:0e:8d:05:b9:25:73:ef:5c:
e9:22:93:ab
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECq3C9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdmNDE1ODU3N2Ix
OTY0ZjM5MTZhZTBjY2M5ZDk4MDBkNGIyZmNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVKQeLDlo5bRuKtPsx0YhWi7G6pDoxKSOarOm7FL+1zJH5p
TJIEnl85KsEsvi+PqXFvKp09sSOY2s2vVKZzsxL5Rev6nI0kdwxMcveLnVaZ3tbb
4T6QX3UcmDPCXuFlNbadb+mbD6MOoUof5jrWqLCvtCUxHu9KSl1DzoxDeq24rAlC
L679d1IK8i814GMNx2Ostk7tyJUeFkIw1UjSiHKoASK0l/0gep1JN0P4+4+JFt57
0BThZhHIENOnJDIMMuvkUK9c+uxsfk4BzvJWQRW/sN/4D54rnydZRTHG4ucyvHbM
owrksrP/QwnozZ3iNw0wkuXm5ZYvdMhT0Ztt+zkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSH9BWFd7GWTzkWrgzMnZgA1LL86zAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L2hfUVZoWGV4bGs4NUZxNE16SjJZQU5TeV9Pcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFwtAzANBgkqhkiG9w0BAQsFAAOC
AQEAMu+wMoqG6aU0kq29tK9JAZmKpJfvIKfVC9Xn5ymZ3PlXZsaI2i8Rgu3efyVX
lFVJf57x+WWX8PVv2eJ0XM/h95luyFg6l6eVFsQhOwrokHKAnvY5IvA2d7ZUzj0k
P9moaHtDyW5NRbyhigcb2UJpjNvLHrc3joKRf8CzKTZ3qF6Tr9P2PZ87wr3Jn4gT
viN6jo4FL5IOKFnyLpNlcdFCyz8pxzXkqILnyRNMWL9rD8/YKs5fVbpiC8zIfGh3
KADzi+dPl8XZLZAXvls9+BjzxpJ1c71BLvOeE163VV4fwmeK/7KULvAUqDommieq
AR9YS58BoA6NBbklc+9c6SKTqw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:40:54 2025 by rpki-client