Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/0C8on7ePk6VH0-TtqPRamQ7LHfM.roa
File: 0C8on7ePk6VH0-TtqPRamQ7LHfM.roa (raw, json)
Hash identifier: g64NGLoIVhy68OuEmz8TQNxpNT2sPkYeIX6JDzFChxQ=
Subject key identifier: D0:2F:28:9F:B7:8F:93:A5:47:D3:E4:ED:A8:F4:5A:99:0E:CB:1D:F3
Certificate issuer: /CN=b660d78320860d5efe729e208b5eb4b2abebe078
Certificate serial: 01828CCADE98AF9A999E058D1C59BF831994
Authority key identifier: B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/0C8on7ePk6VH0-TtqPRamQ7LHfM.roa
Signing time: Thu 11 Aug 2022 12:04:41 +0000
ROA not before: Thu 11 Aug 2022 12:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51198
IP address blocks: 45.132.9.0/24 maxlen: 24
45.132.10.0/24 maxlen: 24
2a13:7d00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8c:ca:de:98:af:9a:99:9e:05:8d:1c:59:bf:83:19:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b660d78320860d5efe729e208b5eb4b2abebe078
Validity
Not Before: Aug 11 12:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d02f289fb78f93a547d3e4eda8f45a990ecb1df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cd:97:7c:05:56:2b:ae:95:cd:1d:53:02:96:
cd:c6:53:9b:fc:94:8f:66:40:3f:7a:bc:35:45:f6:
68:7e:8b:60:b6:84:6d:b0:ee:aa:e6:3e:04:cb:58:
e2:b1:2a:35:f4:da:29:1d:29:90:da:66:a2:15:c9:
93:19:ba:40:85:99:a2:02:af:02:46:2f:9c:49:1c:
27:f8:76:77:9e:09:e6:31:6a:7e:d1:93:a0:10:9b:
83:38:fc:97:7a:9d:ee:57:21:d2:9e:eb:ab:f0:30:
a3:4b:f1:bd:dd:77:55:05:03:b2:dc:06:23:54:ba:
5e:32:7a:24:51:42:29:bb:d5:1d:1e:b4:d9:12:62:
0a:15:b7:15:b4:48:0c:f2:42:b1:84:74:ab:b1:0a:
05:40:57:a1:ea:b0:9a:d4:dd:bd:07:2f:11:87:cc:
41:c3:28:b0:df:2e:37:ec:46:b6:d7:07:e6:f6:ce:
19:0c:5f:88:2d:dc:32:fe:6c:75:dd:f3:7f:2c:dd:
e7:42:3d:4b:38:df:08:71:0b:a0:68:d0:a4:a2:a2:
13:d5:ec:8c:22:4f:70:8b:59:fe:53:f9:aa:80:2d:
59:45:51:75:93:31:bf:6f:aa:9b:d1:00:7f:6e:27:
47:81:c3:09:94:1b:ea:d0:34:dc:c9:9d:ad:66:1c:
fb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2F:28:9F:B7:8F:93:A5:47:D3:E4:ED:A8:F4:5A:99:0E:CB:1D:F3
X509v3 Authority Key Identifier:
keyid:B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/0C8on7ePk6VH0-TtqPRamQ7LHfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/tmDXgyCGDV7-cp4gi160sqvr4Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.9.0-45.132.10.255
IPv6:
2a13:7d00::/29
Signature Algorithm: sha256WithRSAEncryption
18:67:87:f1:9a:0a:11:a8:5b:83:cb:5c:ac:a0:1e:a3:d1:cd:
ff:7d:b3:25:90:d8:3d:b1:3e:17:89:23:25:0b:48:6a:f7:75:
22:02:9e:1a:b1:b3:6e:9e:53:83:67:53:ef:db:3d:48:c0:73:
3b:21:0d:cb:51:81:1e:c1:f6:03:d6:34:56:e9:e2:29:71:25:
51:9f:2f:3f:33:c3:5c:56:34:df:bc:61:45:2c:2a:ec:bd:f2:
a2:91:21:3d:9d:5e:d1:d5:f2:07:bc:46:bd:be:7d:cd:e7:45:
ce:51:24:f6:2d:92:3e:40:54:89:ba:3f:bc:3a:bd:84:ee:04:
ce:db:e7:42:66:4d:96:24:9a:bc:21:0d:d6:5e:4d:cc:82:9c:
84:93:ee:b7:cf:77:2f:89:66:a4:d5:6d:a1:45:b7:30:25:6d:
95:d0:52:ca:ac:2b:de:25:ae:9d:c5:c8:c2:58:6e:62:8a:0c:
d7:3d:89:d2:93:70:1d:38:26:38:f6:3e:4c:22:98:2b:8c:62:
01:05:dc:8f:18:e0:48:91:d0:d0:5a:37:39:75:75:38:77:24:
bc:19:ea:73:59:eb:e2:4c:76:d4:0b:01:2f:6a:08:fd:13:36:
3f:b5:a3:39:6a:ad:bc:26:7a:5e:6f:8b:b8:c0:10:cc:43:06:
8d:0d:3c:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYKMyt6Yr5qZngWNHFm/gxmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NjBkNzgzMjA4NjBkNWVmZTcyOWUyMDhiNWViNGIyYWJl
YmUwNzgwHhcNMjIwODExMTIwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDJmMjg5ZmI3OGY5M2E1NDdkM2U0ZWRhOGY0NWE5OTBlY2IxZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc2XfAVWK66VzR1TApbNxlOb/JSP
ZkA/erw1RfZofotgtoRtsO6q5j4Ey1jisSo19NopHSmQ2maiFcmTGbpAhZmiAq8C
Ri+cSRwn+HZ3ngnmMWp+0ZOgEJuDOPyXep3uVyHSnuur8DCjS/G93XdVBQOy3AYj
VLpeMnokUUIpu9UdHrTZEmIKFbcVtEgM8kKxhHSrsQoFQFeh6rCa1N29By8Rh8xB
wyiw3y437Ea21wfm9s4ZDF+ILdwy/mx13fN/LN3nQj1LON8IcQugaNCkoqIT1eyM
Ik9wi1n+U/mqgC1ZRVF1kzG/b6qb0QB/bidHgcMJlBvq0DTcyZ2tZhz7CQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNAvKJ+3j5OlR9Pk7aj0WpkOyx3zMB8GA1UdIwQY
MBaAFLZg14Mghg1e/nKeIItetLKr6+B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQt
NjI0YzNlNzg4Y2RmLzEvMEM4b243ZVBrNlZIMC1UdHFQUmFtUTdMSGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQtNjI0YzNlNzg4Y2Rm
LzEvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAthAkD
BAAthAowDQQCAAIwBwMFAyoTfQAwDQYJKoZIhvcNAQELBQADggEBABhnh/GaChGo
W4PLXKygHqPRzf99syWQ2D2xPheJIyULSGr3dSICnhqxs26eU4NnU+/bPUjAczsh
DctRgR7B9gPWNFbp4ilxJVGfLz8zw1xWNN+8YUUsKuy98qKRIT2dXtHV8ge8Rr2+
fc3nRc5RJPYtkj5AVIm6P7w6vYTuBM7b50JmTZYkmrwhDdZeTcyCnIST7rfPdy+J
ZqTVbaFFtzAlbZXQUsqsK94lrp3FyMJYbmKKDNc9idKTcB04Jjj2PkwimCuMYgEF
3I8Y4EiR0NBaNzl1dTh3JLwZ6nNZ6+JMdtQLAS9qCP0TNj+1ozlqrbwmel5vi7jA
EMxDBo0NPKY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:17 2025 by rpki-client