Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/J9yWaelev3q5mwczVGyTGWcRioA.roa
File: J9yWaelev3q5mwczVGyTGWcRioA.roa (raw, json)
Hash identifier: fbaLWEa+f7AB8ZElUNnlY7DnMqTQkWIf3jN1XNMyF5E=
Subject key identifier: 27:DC:96:69:E9:5E:BF:7A:B9:9B:07:33:54:6C:93:19:67:11:8A:80
Certificate issuer: /CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Certificate serial: 076A99A8
Authority key identifier: 73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/J9yWaelev3q5mwczVGyTGWcRioA.roa
Signing time: Sat 01 Jan 2022 03:55:03 +0000
ROA not before: Sat 01 Jan 2022 03:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42072
IP address blocks: 45.154.74.0/23 maxlen: 24
2a0f:b300:2000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124426664 (0x76a99a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Validity
Not Before: Jan 1 03:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27dc9669e95ebf7ab99b0733546c931967118a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c6:70:a0:66:ed:24:aa:3b:e9:5b:69:3a:b2:
5f:a4:23:38:85:34:68:4e:48:c3:38:39:5a:1d:13:
01:b6:80:fc:d6:ea:6e:74:01:74:3f:4c:14:a4:a3:
5f:b2:18:9a:88:c8:83:79:cc:6a:41:e8:f7:44:fe:
94:19:6b:d7:ab:cc:fa:84:80:a2:b0:c3:1d:40:25:
3d:89:d4:77:bb:ef:57:7d:fc:2b:f7:5b:12:fb:e7:
f1:df:18:98:20:96:2c:c3:19:08:86:a7:63:bb:d2:
00:6a:60:46:60:e2:54:4a:3f:78:4a:cf:f9:23:b5:
c1:83:69:39:49:18:b9:43:d7:c8:59:55:fe:34:df:
5b:e5:ae:ae:9e:98:05:8c:89:e2:af:ef:3f:be:ba:
8c:8c:97:ff:e1:78:43:c5:f6:54:15:47:19:27:de:
a3:62:44:c8:f3:19:fb:fa:c8:fb:17:6d:ed:a4:86:
f9:94:96:40:1a:1c:80:eb:c5:04:45:e3:c6:45:fb:
2f:37:79:37:ac:3d:f1:4d:30:cc:75:90:b6:1c:8f:
dc:7e:28:e2:f7:31:73:d9:ea:4e:ee:0a:72:15:2b:
2b:6f:81:a6:b9:57:7e:5e:8e:4a:61:f8:04:e5:72:
dd:aa:d7:23:59:06:f2:3f:ea:05:3d:68:92:4c:93:
fc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DC:96:69:E9:5E:BF:7A:B9:9B:07:33:54:6C:93:19:67:11:8A:80
X509v3 Authority Key Identifier:
keyid:73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/J9yWaelev3q5mwczVGyTGWcRioA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/c21yTiOe-38ve-pSap4MXn_Im74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.74.0/23
IPv6:
2a0f:b300:2000::/36
Signature Algorithm: sha256WithRSAEncryption
0d:2f:fc:67:51:ab:2a:26:96:52:35:af:b3:bb:cb:54:4a:27:
d6:f4:c6:31:8e:69:1d:e7:3a:0a:f3:94:59:dc:c2:e4:00:9c:
97:f9:8c:13:bc:82:84:a8:18:7b:a1:56:46:8a:63:02:c5:dd:
fe:85:fc:bb:9f:17:d3:b5:ef:3c:61:4f:34:35:d7:5b:28:3f:
9f:8a:ad:4b:19:c6:aa:84:ca:98:be:06:bf:45:f0:2c:14:24:
03:19:89:28:72:04:ac:90:c3:5c:62:76:99:db:d7:06:c9:4d:
9d:9d:4b:76:95:d2:cb:02:61:04:7f:58:65:0a:5e:c7:ad:9b:
db:e0:d0:f1:91:31:94:07:1c:da:d8:ff:93:62:56:f2:82:2d:
94:36:48:88:dd:04:82:fb:a9:5f:15:02:9d:c5:8d:07:ef:79:
cd:24:54:ed:e2:c9:0f:62:3b:e1:90:68:88:0b:77:2b:bf:c7:
8a:07:70:63:c0:7a:d8:7b:b6:5c:fe:fb:34:cc:7c:6d:b1:4d:
ad:67:33:b9:50:87:23:d6:dc:36:38:2e:92:a8:48:b8:b6:1e:
c2:00:6f:1d:51:36:67:e4:1b:b2:c6:e5:5e:72:53:b0:00:5a:
ee:b4:ff:ef:74:15:7c:65:94:65:4c:5f:83:9e:34:54:e8:a3:
cf:9b:be:d1
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEB2qZqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzZkNzI0ZTIzOWVmYjdmMmY3YmVhNTI2YTllMGM1ZTdmYzg5YmJlMB4XDTIyMDEw
MTAzNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdkYzk2NjllOTVl
YmY3YWI5OWIwNzMzNTQ2YzkzMTk2NzExOGE4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMfGcKBm7SSqO+lbaTqyX6QjOIU0aE5Iwzg5Wh0TAbaA/Nbq
bnQBdD9MFKSjX7IYmojIg3nMakHo90T+lBlr16vM+oSAorDDHUAlPYnUd7vvV338
K/dbEvvn8d8YmCCWLMMZCIanY7vSAGpgRmDiVEo/eErP+SO1wYNpOUkYuUPXyFlV
/jTfW+Wurp6YBYyJ4q/vP766jIyX/+F4Q8X2VBVHGSfeo2JEyPMZ+/rI+xdt7aSG
+ZSWQBocgOvFBEXjxkX7Lzd5N6w98U0wzHWQthyP3H4o4vcxc9nqTu4KchUrK2+B
prlXfl6OSmH4BOVy3arXI1kG8j/qBT1okkyT/FcCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQn3JZp6V6/ermbBzNUbJMZZxGKgDAfBgNVHSMEGDAWgBRzbXJOI577fy97
6lJqngxef8ibvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2MyMXlUaU9lLTM4dmUtcFNhcDRNWG5fSW03NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvZGZjMTEwLTc5MjQtNDlhOS04NTY0LTBiZWJmY2JkZTFmMy8x
L0o5eVdhZWxldjNxNW13Y3pWR3lUR1djUmlvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
ZGZjMTEwLTc5MjQtNDlhOS04NTY0LTBiZWJmY2JkZTFmMy8xL2MyMXlUaU9lLTM4
dmUtcFNhcDRNWG5fSW03NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAS2aSjAOBAIAAjAIAwYEKg+zACAw
DQYJKoZIhvcNAQELBQADggEBAA0v/GdRqyomllI1r7O7y1RKJ9b0xjGOaR3nOgrz
lFncwuQAnJf5jBO8goSoGHuhVkaKYwLF3f6F/LufF9O17zxhTzQ111soP5+KrUsZ
xqqEypi+Br9F8CwUJAMZiShyBKyQw1xidpnb1wbJTZ2dS3aV0ssCYQR/WGUKXset
m9vg0PGRMZQHHNrY/5NiVvKCLZQ2SIjdBIL7qV8VAp3FjQfvec0kVO3iyQ9iO+GQ
aIgLdyu/x4oHcGPAeth7tlz++zTMfG2xTa1nM7lQhyPW3DY4LpKoSLi2HsIAbx1R
NmfkG7LG5V5yU7AAWu60/+90FXxllGVMX4OeNFToo8+bvtE=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:17 2025 by rpki-client