Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/8PAuEtPYUJpPmEOT7KO90BRBvSk.roa
File: 8PAuEtPYUJpPmEOT7KO90BRBvSk.roa (raw, json)
Hash identifier: 3GRjjO/yWOVR0fGZd+bOZCS81njFdQkX8tjDfLW8X9Y=
Subject key identifier: F0:F0:2E:12:D3:D8:50:9A:4F:98:43:93:EC:A3:BD:D0:14:41:BD:29
Certificate issuer: /CN=d2323101b29596ff442d3749373b8e9983354670
Certificate serial: 03A04AE3
Authority key identifier: D2:32:31:01:B2:95:96:FF:44:2D:37:49:37:3B:8E:99:83:35:46:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jIxAbKVlv9ELTdJNzuOmYM1RnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/8PAuEtPYUJpPmEOT7KO90BRBvSk.roa
Signing time: Sat 01 Jan 2022 05:51:40 +0000
ROA not before: Sat 01 Jan 2022 05:51:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39130
IP address blocks: 45.152.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60836579 (0x3a04ae3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2323101b29596ff442d3749373b8e9983354670
Validity
Not Before: Jan 1 05:51:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0f02e12d3d8509a4f984393eca3bdd01441bd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:ac:62:26:60:c9:62:79:3d:fc:d8:cb:db:
dc:95:38:54:98:a4:41:6c:76:c7:e5:11:55:0b:96:
37:d4:a6:a9:af:b2:f3:9f:1d:81:ae:d5:0a:63:fa:
7e:b6:2c:f9:6f:ab:08:1b:23:14:d4:96:01:09:40:
50:12:98:8a:45:03:a5:4f:48:7c:3c:63:e5:02:90:
fc:e2:4e:c1:4e:86:3b:15:d1:d7:89:5d:c6:a9:8f:
6d:49:93:14:f2:72:8e:bf:09:c7:43:55:a5:cc:ea:
94:84:84:1c:01:38:35:1c:28:60:02:9c:71:ca:38:
3e:4d:45:bc:91:08:bc:26:a7:aa:56:10:a9:ab:53:
fb:44:c0:1c:3e:b2:11:82:b5:03:a4:24:d4:79:52:
9e:9b:10:db:c1:50:4d:84:b5:bd:be:71:09:15:42:
4e:4f:9a:12:50:1e:34:e4:06:1f:93:1a:2b:d2:a1:
11:45:6d:db:47:4d:bc:7a:96:f4:12:08:4e:bc:95:
b4:47:bd:44:2f:3a:6a:36:06:c1:a7:8d:31:23:53:
47:64:18:d8:88:10:6a:9c:36:96:df:5b:65:73:be:
e7:32:6e:17:09:a1:dc:3f:38:67:b5:20:be:6f:b2:
d2:de:a7:83:ce:63:6e:19:b0:fb:5b:a8:0f:61:bc:
a1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F0:2E:12:D3:D8:50:9A:4F:98:43:93:EC:A3:BD:D0:14:41:BD:29
X509v3 Authority Key Identifier:
keyid:D2:32:31:01:B2:95:96:FF:44:2D:37:49:37:3B:8E:99:83:35:46:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jIxAbKVlv9ELTdJNzuOmYM1RnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/8PAuEtPYUJpPmEOT7KO90BRBvSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5b4185-b080-498e-8cc7-6a6af5b74d38/1/0jIxAbKVlv9ELTdJNzuOmYM1RnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.24.0/22
Signature Algorithm: sha256WithRSAEncryption
15:b2:46:ad:10:85:28:d5:c0:cd:58:73:f9:33:77:10:93:a0:
95:9f:a6:c2:1d:d5:55:63:c6:85:33:94:03:c4:fc:db:55:0a:
38:b9:b0:06:eb:32:e4:b3:28:b4:f2:cd:3d:b0:22:4b:15:38:
38:c1:43:53:6e:d7:35:1e:6b:26:f5:61:16:1d:12:a7:90:a0:
f7:8d:49:b5:91:59:cb:52:dd:18:3a:7e:65:26:fc:f7:83:d3:
5f:73:30:c8:81:72:58:1a:97:06:70:ef:76:f1:5a:5d:fb:c4:
2c:f6:f6:b0:04:32:27:fe:39:28:70:95:38:0f:50:c9:e0:86:
e3:2d:47:c3:36:f2:fa:4f:fc:ca:d9:61:70:84:ff:b0:1d:5e:
c5:86:7b:31:b0:c8:28:1a:8d:02:a9:92:a5:06:2e:2d:88:e3:
24:10:1b:a6:28:e5:2f:25:5b:34:20:31:85:a8:4f:0f:52:8a:
28:92:b1:14:95:e5:1f:58:bd:d2:e9:5b:47:44:72:f2:3c:99:
ca:c5:54:f4:98:44:f2:96:3a:2d:41:82:d5:6d:84:84:8d:0d:
e3:cd:12:64:2d:a8:fc:4c:94:fb:56:11:80:4d:12:2a:29:40:
f1:84:56:8e:0e:a7:5a:e9:6b:52:f9:d5:34:c4:25:7a:ef:cd:
da:1a:0d:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6BK4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjMyMzEwMWIyOTU5NmZmNDQyZDM3NDkzNzNiOGU5OTgzMzU0NjcwMB4XDTIyMDEw
MTA1NTE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBmMDJlMTJkM2Q4
NTA5YTRmOTg0MzkzZWNhM2JkZDAxNDQxYmQyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJetrGImYMlieT382Mvb3JU4VJikQWx2x+URVQuWN9Smqa+y
858dga7VCmP6frYs+W+rCBsjFNSWAQlAUBKYikUDpU9IfDxj5QKQ/OJOwU6GOxXR
14ldxqmPbUmTFPJyjr8Jx0NVpczqlISEHAE4NRwoYAKccco4Pk1FvJEIvCanqlYQ
qatT+0TAHD6yEYK1A6Qk1HlSnpsQ28FQTYS1vb5xCRVCTk+aElAeNOQGH5MaK9Kh
EUVt20dNvHqW9BIITryVtEe9RC86ajYGwaeNMSNTR2QY2IgQapw2lt9bZXO+5zJu
Fwmh3D84Z7Ugvm+y0t6ng85jbhmw+1uoD2G8oQcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTw8C4S09hQmk+YQ5Pso73QFEG9KTAfBgNVHSMEGDAWgBTSMjEBspWW/0Qt
N0k3O46ZgzVGcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBqSXhBYktWbHY5RUxUZEpOenVPbVlNMVJuQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvNWI0MTg1LWIwODAtNDk4ZS04Y2M3LTZhNmFmNWI3NGQzOC8x
LzhQQXVFdFBZVUpwUG1FT1Q3S085MEJSQnZTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
NWI0MTg1LWIwODAtNDk4ZS04Y2M3LTZhNmFmNWI3NGQzOC8xLzBqSXhBYktWbHY5
RUxUZEpOenVPbVlNMVJuQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2YGDANBgkqhkiG9w0BAQsFAAOC
AQEAFbJGrRCFKNXAzVhz+TN3EJOglZ+mwh3VVWPGhTOUA8T821UKOLmwBusy5LMo
tPLNPbAiSxU4OMFDU27XNR5rJvVhFh0Sp5Cg941JtZFZy1LdGDp+ZSb894PTX3Mw
yIFyWBqXBnDvdvFaXfvELPb2sAQyJ/45KHCVOA9QyeCG4y1Hwzby+k/8ytlhcIT/
sB1exYZ7MbDIKBqNAqmSpQYuLYjjJBAbpijlLyVbNCAxhahPD1KKKJKxFJXlH1i9
0ulbR0Ry8jyZysVU9JhE8pY6LUGC1W2EhI0N480SZC2o/EyU+1YRgE0SKilA8YRW
jg6nWulrUvnVNMQleu/N2hoNHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:47 2025 by rpki-client