Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/PXkNS6oP8am4x4HU0nYyHTmtrM4.roa
File: PXkNS6oP8am4x4HU0nYyHTmtrM4.roa (raw, json)
Hash identifier: sB6hinffLda6ZBs3vg05D6//TMkAYXZVEPboWk4Br/0=
Subject key identifier: 3D:79:0D:4B:AA:0F:F1:A9:B8:C7:81:D4:D2:76:32:1D:39:AD:AC:CE
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 0183A2D0F1DD501D8CCB01E7FBCBF8FCABDD
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/PXkNS6oP8am4x4HU0nYyHTmtrM4.roa
Signing time: Tue 04 Oct 2022 11:45:45 +0000
ROA not before: Tue 04 Oct 2022 11:45:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399045
IP address blocks: 45.143.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a2:d0:f1:dd:50:1d:8c:cb:01:e7:fb:cb:f8:fc:ab:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Oct 4 11:45:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d790d4baa0ff1a9b8c781d4d276321d39adacce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:08:41:b7:0f:c8:0a:4b:00:dd:25:e0:e7:36:
26:1b:1e:07:1a:d2:ef:9a:a6:20:24:7d:63:03:16:
15:0f:f5:42:56:85:3e:f8:06:4d:13:e2:46:ef:ef:
2a:aa:cf:e1:d6:c4:ed:1c:05:94:a5:89:cf:21:91:
18:de:7a:88:d6:a5:e7:80:2e:4d:37:c8:83:3a:0f:
d4:6a:77:92:49:5d:e4:bf:97:a4:ec:a6:ae:f3:f6:
7d:0f:eb:b6:6f:8b:54:c2:95:b9:90:eb:4c:9b:4c:
79:67:46:a8:b3:1b:d8:11:6a:3b:0b:60:7c:b6:ec:
d2:6f:68:e2:a4:32:44:ab:ef:0f:45:de:b5:5c:cf:
85:cf:4e:e6:3b:e5:02:82:4d:b2:8b:49:e3:70:b8:
db:27:b3:cd:fd:17:70:3a:b5:2b:2b:1f:f1:77:25:
20:54:32:6e:75:db:c1:db:cb:97:b7:d0:2d:ba:1b:
94:6f:06:cd:a3:33:a5:65:c3:25:52:cc:35:41:1f:
a7:0a:26:5c:bb:08:75:1e:42:e6:88:c7:8b:be:6a:
a9:59:a8:05:37:a9:f6:ce:91:99:82:b5:e2:e4:05:
c6:37:64:e3:ed:7d:df:d0:18:8d:a8:74:c2:bd:8b:
4c:ee:3e:0e:81:cc:46:a1:c4:db:a4:17:15:fd:eb:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:79:0D:4B:AA:0F:F1:A9:B8:C7:81:D4:D2:76:32:1D:39:AD:AC:CE
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/PXkNS6oP8am4x4HU0nYyHTmtrM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.9.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:22:a8:16:48:a7:ca:95:11:eb:18:98:26:5c:81:ea:01:25:
ae:50:66:db:e3:f0:4c:bc:39:8c:52:a9:47:bc:13:8f:12:b8:
4b:8e:e7:93:a8:19:3d:1f:70:ea:50:a9:cb:61:f4:a1:0b:0e:
f8:dc:e1:7b:b5:67:68:39:f5:bb:27:94:3e:a1:7d:07:c8:e9:
42:e6:02:b2:f2:46:f6:c3:43:54:64:70:0c:45:28:1e:01:1e:
bf:be:67:e2:27:2e:40:4d:8a:87:16:9b:b6:72:ca:8a:f2:e7:
c4:9a:2f:49:1d:d4:30:db:5c:19:ab:66:73:3b:de:60:06:46:
cd:ef:51:bc:79:4a:8a:93:04:f3:84:7a:e2:e8:7b:c7:95:d0:
d6:c3:2a:e0:30:83:23:e5:a7:67:d2:f8:2b:ef:6b:d2:19:e8:
a9:2d:63:f0:5e:c3:08:a0:e4:e2:a9:c9:19:ee:d5:ee:66:b6:
bf:fa:1a:fc:e1:c1:b4:dd:45:73:a5:cd:c5:e3:91:3f:fd:52:
9b:b1:de:26:71:04:1b:15:a1:cc:3f:f2:e2:84:f2:3c:5d:22:
60:07:aa:f1:e0:7a:21:1a:1a:83:65:f0:bd:18:8b:fc:f9:77:
14:49:80:6c:d3:97:f5:15:96:db:21:01:63:63:18:2e:2f:fb:
b6:70:de:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOi0PHdUB2MywHn+8v4/KvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjIxMDA0MTE0NTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc5MGQ0YmFhMGZmMWE5YjhjNzgxZDRkMjc2MzIxZDM5YWRhY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwhBtw/ICksA3SXg5zYmGx4HGtLv
mqYgJH1jAxYVD/VCVoU++AZNE+JG7+8qqs/h1sTtHAWUpYnPIZEY3nqI1qXngC5N
N8iDOg/UaneSSV3kv5ek7Kau8/Z9D+u2b4tUwpW5kOtMm0x5Z0aosxvYEWo7C2B8
tuzSb2jipDJEq+8PRd61XM+Fz07mO+UCgk2yi0njcLjbJ7PN/RdwOrUrKx/xdyUg
VDJuddvB28uXt9AtuhuUbwbNozOlZcMlUsw1QR+nCiZcuwh1HkLmiMeLvmqpWagF
N6n2zpGZgrXi5AXGN2Tj7X3f0BiNqHTCvYtM7j4OgcxGocTbpBcV/estNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD15DUuqD/GpuMeB1NJ2Mh05razOMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvUFhrTlM2b1A4YW00eDRIVTBuWXlIVG10ck00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8JMA0G
CSqGSIb3DQEBCwUAA4IBAQBeIqgWSKfKlRHrGJgmXIHqASWuUGbb4/BMvDmMUqlH
vBOPErhLjueTqBk9H3DqUKnLYfShCw743OF7tWdoOfW7J5Q+oX0HyOlC5gKy8kb2
w0NUZHAMRSgeAR6/vmfiJy5ATYqHFpu2csqK8ufEmi9JHdQw21wZq2ZzO95gBkbN
71G8eUqKkwTzhHri6HvHldDWwyrgMIMj5adn0vgr72vSGeipLWPwXsMIoOTiqckZ
7tXuZra/+hr84cG03UVzpc3F45E//VKbsd4mcQQbFaHMP/LihPI8XSJgB6rx4Hoh
GhqDZfC9GIv8+XcUSYBs05f1FZbbIQFjYxguL/u2cN4R
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:59 2025 by rpki-client