Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/mqQr9yLhr5BDuMFR6K-glTvyzvk.roa
File: mqQr9yLhr5BDuMFR6K-glTvyzvk.roa (raw, json)
Hash identifier: 2Zfjxkgh29lWy0EY6PVH/3/D8pYbEZ33jdRPBC+4yzI=
Subject key identifier: 9A:A4:2B:F7:22:E1:AF:90:43:B8:C1:51:E8:AF:A0:95:3B:F2:CE:F9
Certificate issuer: /CN=843d1afcf13bd2117d47df683e40a63287004cfe
Certificate serial: 018C1129CF6A24C657957B2339ED4F5EF022
Authority key identifier: 84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/mqQr9yLhr5BDuMFR6K-glTvyzvk.roa
Signing time: Mon 27 Nov 2023 14:23:21 +0000
ROA not before: Mon 27 Nov 2023 14:23:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215937
IP address blocks: 45.142.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:29:cf:6a:24:c6:57:95:7b:23:39:ed:4f:5e:f0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843d1afcf13bd2117d47df683e40a63287004cfe
Validity
Not Before: Nov 27 14:23:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9aa42bf722e1af9043b8c151e8afa0953bf2cef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:58:0c:5f:16:2c:c5:17:6e:94:4f:c9:34:4f:
a1:58:d5:45:13:5f:02:b2:fc:15:82:b9:8e:39:96:
dc:5a:fb:94:bb:5a:6d:2d:e3:4b:57:eb:9c:c0:17:
84:77:83:8a:53:75:80:2e:2b:66:26:4d:44:a0:81:
19:7f:26:8d:60:31:63:96:c6:99:ca:8c:17:b7:a1:
dd:e9:ec:ed:8a:a1:af:40:19:f6:78:c4:19:b2:19:
13:16:0c:d8:7e:ff:c0:0a:8e:2c:3f:8c:a7:23:08:
d3:a6:a8:63:64:fe:92:85:a9:e4:74:6e:7f:d8:6e:
4b:d5:c0:44:38:ee:55:86:9e:67:3a:aa:d3:de:2f:
2b:4f:fa:a2:aa:b7:bf:31:2b:10:6e:35:71:6e:90:
a0:7a:20:c7:1b:9a:6c:79:a1:ba:f3:94:39:e0:4e:
eb:6e:66:32:74:14:47:0c:fd:c1:0e:99:8b:c2:4a:
d3:fe:f4:79:87:04:89:43:6e:c0:46:8e:16:29:f9:
9b:60:f5:f9:2e:8a:c1:cd:3d:df:ea:7b:c0:6a:0e:
fc:1c:7f:6b:1a:ba:2a:65:87:fe:df:7f:35:d1:41:
1b:50:7c:e5:0a:cb:1e:cf:fa:5b:6d:89:f3:a8:f2:
58:c0:10:f1:1c:8e:db:11:c2:13:44:4b:91:24:70:
89:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A4:2B:F7:22:E1:AF:90:43:B8:C1:51:E8:AF:A0:95:3B:F2:CE:F9
X509v3 Authority Key Identifier:
keyid:84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/mqQr9yLhr5BDuMFR6K-glTvyzvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.87.0/24
Signature Algorithm: sha256WithRSAEncryption
f0:ce:39:3a:f0:ac:15:fc:e2:13:aa:02:81:2d:5d:c3:0e:4d:
02:71:48:b3:cc:c7:89:a4:a7:55:9d:f0:48:75:19:93:92:00:
a9:f3:9e:76:90:2c:c5:93:79:94:cc:4a:b3:fd:99:70:b9:0c:
db:08:a2:98:2c:ce:4d:c2:d1:2f:99:f1:e7:1d:c0:1c:ce:87:
4e:b0:5f:b0:af:3b:79:71:36:0b:c0:f8:e1:cf:20:36:8e:f4:
b5:3f:e6:4a:1c:04:99:64:dd:b8:46:7e:d0:90:5c:ac:db:96:
ee:89:94:25:1a:b4:25:61:4c:03:5a:55:9c:5b:4e:0e:28:e1:
24:da:15:fe:20:ec:da:68:56:d8:ae:8c:9d:99:56:a2:9d:05:
50:13:0f:5a:b0:cf:52:d7:af:82:a9:1a:95:67:81:ed:cf:47:
ba:1e:d5:d6:2b:78:7f:90:eb:74:29:4e:9c:9a:c2:87:25:51:
87:61:b0:6d:e0:4f:11:1c:e6:57:e3:93:18:40:cb:16:56:67:
b1:70:8a:af:87:25:67:44:88:18:21:6b:e7:86:17:a4:d2:c9:
59:83:48:9a:a1:1a:69:5f:18:53:b5:ff:34:f6:38:00:02:77:
11:e0:5d:27:98:78:25:a3:56:77:18:23:6b:cf:c6:39:97:37:
93:4b:f3:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwRKc9qJMZXlXsjOe1PXvAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2QxYWZjZjEzYmQyMTE3ZDQ3ZGY2ODNlNDBhNjMyODcw
MDRjZmUwHhcNMjMxMTI3MTQyMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWE0MmJmNzIyZTFhZjkwNDNiOGMxNTFlOGFmYTA5NTNiZjJjZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1gMXxYsxRdulE/JNE+hWNVFE18C
svwVgrmOOZbcWvuUu1ptLeNLV+ucwBeEd4OKU3WALitmJk1EoIEZfyaNYDFjlsaZ
yowXt6Hd6eztiqGvQBn2eMQZshkTFgzYfv/ACo4sP4ynIwjTpqhjZP6ShankdG5/
2G5L1cBEOO5Vhp5nOqrT3i8rT/qiqre/MSsQbjVxbpCgeiDHG5pseaG685Q54E7r
bmYydBRHDP3BDpmLwkrT/vR5hwSJQ27ARo4WKfmbYPX5LorBzT3f6nvAag78HH9r
GroqZYf+33810UEbUHzlCssez/pbbYnzqPJYwBDxHI7bEcITREuRJHCJdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqkK/ci4a+QQ7jBUeivoJU78s75MB8GA1UdIwQY
MBaAFIQ9GvzxO9IRfUffaD5ApjKHAEz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEt
YjFmM2JjYzY3YWFlLzEvbXFRcjl5TGhyNUJEdU1GUjZLLWdsVHZ5enZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEtYjFmM2JjYzY3YWFl
LzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY5XMA0G
CSqGSIb3DQEBCwUAA4IBAQDwzjk68KwV/OITqgKBLV3DDk0CcUizzMeJpKdVnfBI
dRmTkgCp8552kCzFk3mUzEqz/ZlwuQzbCKKYLM5NwtEvmfHnHcAczodOsF+wrzt5
cTYLwPjhzyA2jvS1P+ZKHASZZN24Rn7QkFys25buiZQlGrQlYUwDWlWcW04OKOEk
2hX+IOzaaFbYroydmVainQVQEw9asM9S16+CqRqVZ4Htz0e6HtXWK3h/kOt0KU6c
msKHJVGHYbBt4E8RHOZX45MYQMsWVmexcIqvhyVnRIgYIWvnhhek0slZg0iaoRpp
XxhTtf809jgAAncR4F0nmHglo1Z3GCNrz8Y5lzeTS/MN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:37 2025 by rpki-client