Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/pQ57QSKlSQz0VuaYJGiniybp3ow.roa
File: pQ57QSKlSQz0VuaYJGiniybp3ow.roa (raw, json)
Hash identifier: oSzKH/nTbRg7YPzdViqrAr7czcgnClJ3y/RCmppFpyA=
Subject key identifier: A5:0E:7B:41:22:A5:49:0C:F4:56:E6:98:24:68:A7:8B:26:E9:DE:8C
Certificate issuer: /CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Certificate serial: 01857094DCCF44FD3C2C8E74D3DEC7D9CD6C
Authority key identifier: 04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/pQ57QSKlSQz0VuaYJGiniybp3ow.roa
Signing time: Mon 02 Jan 2023 03:44:42 +0000
ROA not before: Mon 02 Jan 2023 03:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15491
IP address blocks: 146.255.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:dc:cf:44:fd:3c:2c:8e:74:d3:de:c7:d9:cd:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Validity
Not Before: Jan 2 03:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a50e7b4122a5490cf456e6982468a78b26e9de8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:34:b1:df:e8:ec:d6:68:69:55:30:21:55:27:
04:46:0a:51:97:d4:dc:ef:bd:d4:6d:10:e4:c7:d8:
e2:3b:0e:32:9a:bf:d7:a3:71:c1:5e:fb:9e:3e:92:
f6:47:3c:82:f8:7a:0d:c3:2a:e4:0b:61:7f:f5:9f:
ec:68:e8:36:e1:d3:51:bf:9f:ad:30:2e:25:4e:12:
50:99:07:5b:13:2c:e8:5e:4c:af:a4:8c:7a:74:6b:
29:2b:99:d6:e8:bc:3a:3f:5a:5d:eb:09:d7:60:c8:
67:af:06:cf:f7:91:4d:23:94:8b:7a:ea:02:f1:ec:
ce:91:d4:6f:26:6a:ff:c6:01:9d:73:63:10:2a:5f:
42:04:e3:b7:8b:5c:98:81:22:2e:c3:62:93:0d:ca:
ae:c4:ec:c1:f0:46:3d:95:be:17:87:27:cb:fc:09:
94:71:11:f5:9e:7b:f1:6e:62:8c:b6:42:a7:85:a7:
64:ee:b9:15:1d:11:1e:03:e3:85:fe:47:45:92:9b:
51:a2:b0:87:25:35:b1:40:cf:82:ee:33:cf:6a:74:
bf:4d:34:56:dd:8f:80:d0:a8:d3:61:62:78:62:2b:
d5:8c:d0:60:62:5d:3e:66:3a:ea:11:36:c6:77:d5:
6c:bf:37:56:b0:43:92:5b:3b:0e:ac:6e:b3:35:e0:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:0E:7B:41:22:A5:49:0C:F4:56:E6:98:24:68:A7:8B:26:E9:DE:8C
X509v3 Authority Key Identifier:
keyid:04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/pQ57QSKlSQz0VuaYJGiniybp3ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.224.0/19
Signature Algorithm: sha256WithRSAEncryption
84:89:6f:bd:12:08:4f:d4:cc:2b:81:73:53:85:75:2f:a1:12:
35:ae:90:ba:e6:28:dd:be:a5:e0:a7:c2:c4:1b:a2:90:56:c1:
54:cd:de:9c:29:8d:49:2d:85:17:f5:19:68:d7:af:54:e9:e3:
19:91:01:81:5f:8b:90:e5:e2:7a:22:fc:2f:75:b2:d6:35:a8:
84:8a:21:cc:89:fc:f2:b5:04:5b:37:6e:ae:bd:39:51:9d:a6:
d0:fe:c9:8e:ea:c2:25:73:25:f5:a2:a5:03:53:1c:9a:92:7b:
94:98:8b:72:c6:54:93:01:a4:85:5c:17:88:f7:ff:70:10:bd:
18:8f:d8:7c:b5:bc:e1:80:2f:d4:d7:60:81:3d:ec:9a:41:a0:
d0:e2:84:72:f6:a3:58:7b:48:83:80:1a:b4:42:28:b8:46:45:
cf:ea:3c:88:51:a4:12:d4:28:49:85:89:47:fc:31:57:eb:67:
ae:06:0a:58:6e:be:c0:c8:ef:12:ac:98:02:21:81:96:b5:83:
fc:9d:91:df:18:ea:d8:41:ae:86:50:92:ca:ae:40:93:d8:b3:
66:39:12:ac:6e:05:dd:13:c4:61:e0:81:e9:22:c4:0f:6e:b0:
ef:9d:d0:10:9f:37:6a:23:80:f8:a4:92:b0:6b:c3:db:4d:b6:
56:87:07:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlNzPRP08LI50097H2c1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGVlZmI1YjI2NDgzNTYxNzExYzk5MGYyMGZmNTUyYWM0
ZTJjOWMwHhcNMjMwMTAyMDM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTBlN2I0MTIyYTU0OTBjZjQ1NmU2OTgyNDY4YTc4YjI2ZTlkZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDSx3+js1mhpVTAhVScERgpRl9Tc
773UbRDkx9jiOw4ymr/Xo3HBXvuePpL2RzyC+HoNwyrkC2F/9Z/saOg24dNRv5+t
MC4lThJQmQdbEyzoXkyvpIx6dGspK5nW6Lw6P1pd6wnXYMhnrwbP95FNI5SLeuoC
8ezOkdRvJmr/xgGdc2MQKl9CBOO3i1yYgSIuw2KTDcquxOzB8EY9lb4XhyfL/AmU
cRH1nnvxbmKMtkKnhadk7rkVHREeA+OF/kdFkptRorCHJTWxQM+C7jPPanS/TTRW
3Y+A0KjTYWJ4YivVjNBgYl0+ZjrqETbGd9VsvzdWsEOSWzsOrG6zNeBCxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKUOe0EipUkM9FbmmCRop4sm6d6MMB8GA1UdIwQY
MBaAFASO77WyZINWFxHJkPIP9VKsTiycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUt
YWVhYzVkOWNkYzdiLzEvcFE1N1FTS2xTUXowVnVhWUpHaW5peWJwM293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUtYWVhYzVkOWNkYzdi
LzEvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFkv/gMA0G
CSqGSIb3DQEBCwUAA4IBAQCEiW+9EghP1MwrgXNThXUvoRI1rpC65ijdvqXgp8LE
G6KQVsFUzd6cKY1JLYUX9Rlo169U6eMZkQGBX4uQ5eJ6IvwvdbLWNaiEiiHMifzy
tQRbN26uvTlRnabQ/smO6sIlcyX1oqUDUxyaknuUmItyxlSTAaSFXBeI9/9wEL0Y
j9h8tbzhgC/U12CBPeyaQaDQ4oRy9qNYe0iDgBq0Qii4RkXP6jyIUaQS1ChJhYlH
/DFX62euBgpYbr7AyO8SrJgCIYGWtYP8nZHfGOrYQa6GUJLKrkCT2LNmORKsbgXd
E8Rh4IHpIsQPbrDvndAQnzdqI4D4pJKwa8PbTbZWhwd7
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:36 2025 by rpki-client