Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/4nl_BRXAD-yKfAfccMUlcqaB-7U.roa
File: 4nl_BRXAD-yKfAfccMUlcqaB-7U.roa (raw, json)
Hash identifier: ClEATWP6LMi2a+qk8WDaBwx0NMSBitCnhZrZwSnQp6o=
Subject key identifier: E2:79:7F:05:15:C0:0F:EC:8A:7C:07:DC:70:C5:25:72:A6:81:FB:B5
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 01874693A9CE08B2AEF7EB0D1E173C004079
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/4nl_BRXAD-yKfAfccMUlcqaB-7U.roa
Signing time: Mon 03 Apr 2023 10:04:54 +0000
ROA not before: Mon 03 Apr 2023 10:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 272877
IP address blocks: 45.80.198.0/23 maxlen: 23
45.80.196.0/23 maxlen: 23
103.23.62.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:93:a9:ce:08:b2:ae:f7:eb:0d:1e:17:3c:00:40:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Apr 3 10:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2797f0515c00fec8a7c07dc70c52572a681fbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:98:75:72:78:bf:f7:eb:42:4d:c6:de:55:
5b:9d:3d:12:4c:9a:f3:06:ee:a7:43:59:7a:d3:37:
f7:99:49:42:cc:d5:9c:01:25:d2:1b:25:ab:5a:a5:
24:1e:14:85:f6:02:d4:5b:cd:09:d8:5c:b1:0b:81:
9a:7d:fe:4e:11:f6:19:34:10:a5:aa:75:c0:ee:05:
83:38:a1:39:23:84:e0:60:a5:a0:4e:a1:e6:d5:01:
ab:aa:b3:45:bd:44:e1:bc:ca:d7:72:c2:79:43:1b:
27:e0:f4:78:e8:fb:15:78:69:29:2c:28:21:4b:2a:
2d:d5:14:91:95:3c:6d:a2:f6:49:ff:9a:a7:9e:b0:
32:73:4b:d3:08:41:bb:35:c5:43:d7:bd:0e:c1:08:
87:38:94:79:aa:1e:cb:27:51:0f:e9:aa:55:0f:78:
d8:30:39:7e:4d:8f:64:ac:75:60:1e:f7:ab:fc:5e:
90:72:71:3c:03:8a:d9:81:b6:6a:10:76:d0:ed:fe:
13:6d:00:3b:d8:0a:55:ef:a0:79:ff:47:6e:44:cd:
10:f1:93:ea:67:58:dc:f8:85:19:eb:54:d3:8f:e4:
a2:ad:8a:c1:9d:7d:ec:84:34:de:c9:73:18:e4:a3:
25:bf:3d:de:62:0d:3d:2d:d3:b4:40:c1:cc:12:9a:
fa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:79:7F:05:15:C0:0F:EC:8A:7C:07:DC:70:C5:25:72:A6:81:FB:B5
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/4nl_BRXAD-yKfAfccMUlcqaB-7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.196.0/22
103.23.62.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:ec:93:ba:00:0b:a5:5d:07:48:a3:f7:17:e3:ff:10:b0:ad:
1f:82:66:f6:51:01:7a:07:3e:fb:ec:ee:db:78:53:8a:3c:69:
47:d1:2d:be:44:9e:0b:1c:03:c7:83:7b:76:f9:7e:1c:7d:0d:
01:55:80:28:10:fa:8d:95:04:1b:ca:b1:f1:6a:de:70:11:41:
20:3a:f8:4a:17:f5:8d:05:d3:13:26:87:58:a1:f0:c8:07:20:
e4:47:a4:93:08:58:75:33:5d:bc:55:0d:b0:e1:11:0d:07:60:
4d:04:c2:10:c9:6e:3f:61:be:a1:31:07:78:ef:18:1e:9c:22:
b5:a9:e8:62:b2:54:d3:45:33:40:a0:38:72:3c:b3:e5:9b:e7:
db:de:f7:fa:9c:15:f5:e1:14:a1:13:ab:f1:79:75:24:ee:a3:
c7:c2:6b:50:99:a0:7b:1e:28:5d:0b:de:bb:07:5d:58:aa:33:
eb:2c:30:f0:1c:5f:51:92:1f:a1:b8:57:48:09:c6:f7:fe:a7:
65:58:a9:51:15:d3:65:b3:c8:f4:89:79:51:6e:30:9b:0a:79:
ed:bd:b7:45:d1:f5:64:8d:e4:25:68:a5:bd:28:f2:38:1a:b3:
04:a1:87:80:c7:d6:f8:33:3e:a5:66:af:06:2f:3b:b5:e4:fc:
dd:10:8c:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdGk6nOCLKu9+sNHhc8AEB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjMwNDAzMTAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc5N2YwNTE1YzAwZmVjOGE3YzA3ZGM3MGM1MjU3MmE2ODFmYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiqYdXJ4v/frQk3G3lVbnT0STJrz
Bu6nQ1l60zf3mUlCzNWcASXSGyWrWqUkHhSF9gLUW80J2FyxC4Gaff5OEfYZNBCl
qnXA7gWDOKE5I4TgYKWgTqHm1QGrqrNFvUThvMrXcsJ5Qxsn4PR46PsVeGkpLCgh
Syot1RSRlTxtovZJ/5qnnrAyc0vTCEG7NcVD170OwQiHOJR5qh7LJ1EP6apVD3jY
MDl+TY9krHVgHver/F6QcnE8A4rZgbZqEHbQ7f4TbQA72ApV76B5/0duRM0Q8ZPq
Z1jc+IUZ61TTj+SirYrBnX3shDTeyXMY5KMlvz3eYg09LdO0QMHMEpr6wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJ5fwUVwA/sinwH3HDFJXKmgfu1MB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvNG5sX0JSWEFELXlLZkFmY2NNVWxjcWFCLTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVDEAwQB
Zxc+MA0GCSqGSIb3DQEBCwUAA4IBAQAM7JO6AAulXQdIo/cX4/8QsK0fgmb2UQF6
Bz777O7beFOKPGlH0S2+RJ4LHAPHg3t2+X4cfQ0BVYAoEPqNlQQbyrHxat5wEUEg
OvhKF/WNBdMTJodYofDIByDkR6STCFh1M128VQ2w4RENB2BNBMIQyW4/Yb6hMQd4
7xgenCK1qehislTTRTNAoDhyPLPlm+fb3vf6nBX14RShE6vxeXUk7qPHwmtQmaB7
HihdC967B11YqjPrLDDwHF9Rkh+huFdICcb3/qdlWKlRFdNls8j0iXlRbjCbCnnt
vbdF0fVkjeQlaKW9KPI4GrMEoYeAx9b4Mz6lZq8GLzu15PzdEIyB
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:10 2025 by rpki-client