Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Kpd4moC_XOMikdR6gJZlLI0zK9g.roa
File: Kpd4moC_XOMikdR6gJZlLI0zK9g.roa (raw, json)
Hash identifier: BZw9gSAqUtILcBq5nWiCojYuBjnTh9vLsmMYlxVUArU=
Subject key identifier: 2A:97:78:9A:80:BF:5C:E3:22:91:D4:7A:80:96:65:2C:8D:33:2B:D8
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018BD1F37DA3B39D586A9C74F0C61257E451
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Kpd4moC_XOMikdR6gJZlLI0zK9g.roa
Signing time: Wed 15 Nov 2023 07:47:57 +0000
ROA not before: Wed 15 Nov 2023 07:47:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.24.0/24 maxlen: 24
45.8.25.0/24 maxlen: 24
2a0e:4201::/32 maxlen: 48
2a0e:4202::/32 maxlen: 48
2a0e:4205::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:f3:7d:a3:b3:9d:58:6a:9c:74:f0:c6:12:57:e4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Nov 15 07:47:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a97789a80bf5ce32291d47a8096652c8d332bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:d8:97:79:b8:26:42:db:99:a0:64:08:f5:
96:26:a8:72:99:da:eb:0e:50:d4:62:7d:21:8c:33:
de:29:f3:fe:a5:94:96:6f:5b:49:30:7b:93:bd:85:
17:b2:b2:62:1c:79:ec:f9:f7:11:dd:48:55:ea:ff:
af:91:8f:da:af:48:02:e2:38:0b:1f:a8:7c:6f:34:
5a:09:67:d8:3e:6c:20:2b:ad:48:3c:fe:7f:9e:b3:
df:28:99:42:ed:25:10:80:ad:0a:72:1c:9d:67:ef:
8f:b3:a2:bf:bd:5d:fe:17:90:e0:09:79:0e:d6:f0:
b9:ab:d1:d4:c8:06:bd:10:3a:81:e8:c0:ca:78:07:
33:b1:a8:b4:01:c5:3b:a5:9c:7f:0d:6b:15:b9:c1:
6b:d6:48:29:f9:08:e5:8e:0c:f8:cb:ec:ad:6d:67:
07:57:ab:80:b6:d4:eb:c4:14:4c:0a:eb:ce:65:40:
45:9a:7e:0c:3c:07:2c:56:d0:4e:84:cd:5a:1c:6c:
7e:42:5c:27:97:5f:06:4b:14:33:f8:48:f0:d6:bd:
2c:fd:c3:07:6a:cb:fa:7f:c3:9c:44:ea:da:fb:61:
76:95:18:a7:b3:77:45:5d:eb:06:23:78:b8:3d:ea:
03:03:32:03:ce:5a:7e:04:80:17:d4:ec:30:48:c1:
db:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:97:78:9A:80:BF:5C:E3:22:91:D4:7A:80:96:65:2C:8D:33:2B:D8
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Kpd4moC_XOMikdR6gJZlLI0zK9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.24.0/23
IPv6:
2a0e:4201::-2a0e:4202:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:4205::/32
Signature Algorithm: sha256WithRSAEncryption
49:a2:9b:55:e1:7c:f4:a1:a8:a4:64:47:55:04:34:43:cc:d0:
8c:60:13:0b:e1:ef:7e:41:f9:1e:24:ed:44:94:2f:8a:a8:dd:
62:63:82:c3:35:e2:c2:65:af:ae:c6:71:42:93:9d:8c:67:81:
01:2d:7d:9a:db:01:31:eb:e0:80:69:87:6e:9e:fa:6f:a5:bd:
e2:0c:bd:2a:7b:62:4e:b6:92:e6:d9:56:eb:56:38:4a:e1:79:
c9:77:4f:c6:b5:9f:71:09:6f:7e:a6:dc:85:37:13:03:74:bc:
08:75:ed:e4:6c:05:74:45:f8:f4:34:21:9e:d0:16:9f:ca:aa:
cd:8c:33:fe:ea:51:ce:d8:83:60:d0:27:1c:0a:d3:47:a0:a4:
7c:9e:09:be:62:3b:49:3d:e6:6f:41:ca:2a:76:cf:ca:f4:b6:
4e:1f:c3:fc:3c:86:13:a2:3a:92:68:a8:f4:ff:06:96:ac:5b:
7f:7a:15:96:b2:8e:e1:dc:05:41:fb:4c:eb:3e:0a:d9:95:25:
f4:2e:03:d0:33:6b:ce:91:ce:fb:04:ce:1b:f5:b9:96:99:f7:
d7:00:a7:fc:19:09:0e:91:a6:4f:c1:4f:13:04:59:c8:b4:f3:
86:86:02:b9:ba:63:28:a4:2a:fa:90:24:1c:7f:0b:43:38:df:
76:e1:27:40
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYvR832js51Yapx08MYSV+RRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMxMTE1MDc0NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTk3Nzg5YTgwYmY1Y2UzMjI5MWQ0N2E4MDk2NjUyYzhkMzMyYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhTYl3m4JkLbmaBkCPWWJqhymdrr
DlDUYn0hjDPeKfP+pZSWb1tJMHuTvYUXsrJiHHns+fcR3UhV6v+vkY/ar0gC4jgL
H6h8bzRaCWfYPmwgK61IPP5/nrPfKJlC7SUQgK0KchydZ++Ps6K/vV3+F5DgCXkO
1vC5q9HUyAa9EDqB6MDKeAczsai0AcU7pZx/DWsVucFr1kgp+Qjljgz4y+ytbWcH
V6uAttTrxBRMCuvOZUBFmn4MPAcsVtBOhM1aHGx+Qlwnl18GSxQz+Ejw1r0s/cMH
asv6f8OcROra+2F2lRins3dFXesGI3i4PeoDAzIDzlp+BIAX1OwwSMHblQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCqXeJqAv1zjIpHUeoCWZSyNMyvYMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvS3BkNG1vQ19YT01pa2RSNmdKWmxMSTB6SzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQBLQgYMB0E
AgACMBcwDgMFACoOQgEDBQAqDkICAwUAKg5CBTANBgkqhkiG9w0BAQsFAAOCAQEA
SaKbVeF89KGopGRHVQQ0Q8zQjGATC+HvfkH5HiTtRJQviqjdYmOCwzXiwmWvrsZx
QpOdjGeBAS19mtsBMevggGmHbp76b6W94gy9KntiTraS5tlW61Y4SuF5yXdPxrWf
cQlvfqbchTcTA3S8CHXt5GwFdEX49DQhntAWn8qqzYwz/upRztiDYNAnHArTR6Ck
fJ4JvmI7ST3mb0HKKnbPyvS2Th/D/DyGE6I6kmio9P8Glqxbf3oVlrKO4dwFQftM
6z4K2ZUl9C4D0DNrzpHO+wTOG/W5lpn31wCn/BkJDpGmT8FPEwRZyLTzhoYCubpj
KKQq+pAkHH8LQzjfduEnQA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:30 2025 by rpki-client