Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/r-sFZzl_MughtLc-6o2eHseaMa4.roa
File: r-sFZzl_MughtLc-6o2eHseaMa4.roa (raw, json)
Hash identifier: 7QFIGFvrLUSy2PdQuyKaY6F9/bZU9BYB5OXQ8X63Cz0=
Subject key identifier: AF:EB:05:67:39:7F:32:E8:21:B4:B7:3E:EA:8D:9E:1E:C7:9A:31:AE
Certificate issuer: /CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Certificate serial: 01872D441494A8E47C7C1905A0D95E680310
Authority key identifier: C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/r-sFZzl_MughtLc-6o2eHseaMa4.roa
Signing time: Wed 29 Mar 2023 12:07:29 +0000
ROA not before: Wed 29 Mar 2023 12:07:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 272877
IP address blocks: 45.80.198.0/23 maxlen: 23
45.80.196.0/23 maxlen: 23
103.23.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:44:14:94:a8:e4:7c:7c:19:05:a0:d9:5e:68:03:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e549fdceeb02912c8a8741c816806bbe19c448
Validity
Not Before: Mar 29 12:07:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afeb0567397f32e821b4b73eea8d9e1ec79a31ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9b:e7:03:d1:69:bd:6e:4f:d0:3d:41:b1:b8:
bb:88:c3:51:7a:33:45:ff:a6:02:5d:1f:1e:f2:d1:
ae:83:ff:fa:5e:5e:0f:6b:f6:86:14:1f:cc:94:16:
d3:a0:78:52:c9:4f:d2:cc:29:ba:a8:00:df:56:6a:
9a:3a:cb:7d:76:6b:6e:c4:41:33:3a:66:78:af:24:
78:05:7f:f5:ef:4a:e8:75:f3:78:c7:c4:7d:73:b3:
c4:1e:cf:5d:0d:fd:8a:0e:2f:14:5f:f0:3d:a1:14:
a2:eb:81:0b:ca:a1:23:1a:8b:56:5f:cd:75:cb:1a:
1c:e8:70:83:f8:ab:a8:c4:c6:73:77:e7:37:d1:9b:
7e:3a:6e:6a:30:06:91:bb:89:84:95:58:1a:00:1b:
25:2c:a2:f4:e7:dd:89:77:64:98:05:ac:5a:2f:88:
1b:9b:83:d9:00:11:78:ec:8a:97:b3:7e:ad:e3:80:
d4:c5:e3:3c:0b:2b:a1:53:d4:76:e1:85:fd:8b:c5:
27:49:0a:40:c9:a3:e8:12:aa:8a:fe:2a:ea:53:d3:
d5:3a:cb:77:17:ba:fb:6f:02:39:5d:7c:26:b8:8b:
d1:7d:bc:da:80:f0:61:4c:29:97:ea:21:22:89:0d:
9f:26:95:4c:56:fa:6d:44:d7:e3:5a:a3:26:d4:09:
fe:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EB:05:67:39:7F:32:E8:21:B4:B7:3E:EA:8D:9E:1E:C7:9A:31:AE
X509v3 Authority Key Identifier:
keyid:C0:E5:49:FD:CE:EB:02:91:2C:8A:87:41:C8:16:80:6B:BE:19:C4:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOVJ_c7rApEsiodByBaAa74ZxEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/r-sFZzl_MughtLc-6o2eHseaMa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/160f8f-dbab-482d-b39c-ad2fda47988e/1/wOVJ_c7rApEsiodByBaAa74ZxEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.196.0/22
103.23.62.0/24
Signature Algorithm: sha256WithRSAEncryption
91:b1:c9:d7:2b:18:ba:9b:29:f9:79:e9:de:c4:01:65:50:8f:
fb:89:98:0a:5d:5c:64:9e:3f:b7:52:64:b2:57:66:e6:c5:75:
60:1a:a4:2c:eb:cb:9e:ea:38:ce:70:5b:d8:18:68:a1:04:69:
c9:d4:d8:ca:6c:74:c7:0e:91:76:20:f5:e1:de:87:15:44:6b:
bd:f4:62:23:e1:c3:66:e7:70:99:1b:84:7b:34:46:b4:48:5a:
d4:c5:03:19:8b:71:fe:ca:b7:8a:a9:24:c3:c0:0d:5c:09:84:
1b:1f:51:1d:2e:8a:c6:9f:b1:47:5d:2e:bd:7c:7d:e7:67:c3:
e5:10:6a:70:7d:ea:11:18:b3:fb:a1:c3:63:c0:d7:9d:f0:da:
79:5f:29:e7:c5:a3:de:ae:2c:32:4c:18:df:c6:c4:41:cc:43:
63:ab:a5:22:c3:a5:08:1e:3a:4e:68:d5:cc:4c:a1:60:b9:9e:
b8:4c:8e:b4:ef:bc:c2:98:48:b5:93:c6:a7:18:75:d5:ea:67:
b6:e3:f8:a4:00:75:4f:68:55:e0:30:7c:b0:cc:bf:d8:2c:3b:
9e:90:88:b9:f0:07:5b:cb:cf:81:82:f8:ca:36:a9:73:9b:86:
e5:2d:93:7d:a7:0f:ef:ac:1b:4f:95:1e:45:c2:66:70:6b:ea:
21:54:73:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYctRBSUqOR8fBkFoNleaAMQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZTU0OWZkY2VlYjAyOTEyYzhhODc0MWM4MTY4MDZiYmUx
OWM0NDgwHhcNMjMwMzI5MTIwNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmViMDU2NzM5N2YzMmU4MjFiNGI3M2VlYThkOWUxZWM3OWEzMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZvnA9FpvW5P0D1Bsbi7iMNRejNF
/6YCXR8e8tGug//6Xl4Pa/aGFB/MlBbToHhSyU/SzCm6qADfVmqaOst9dmtuxEEz
OmZ4ryR4BX/170rodfN4x8R9c7PEHs9dDf2KDi8UX/A9oRSi64ELyqEjGotWX811
yxoc6HCD+KuoxMZzd+c30Zt+Om5qMAaRu4mElVgaABslLKL0592Jd2SYBaxaL4gb
m4PZABF47IqXs36t44DUxeM8CyuhU9R24YX9i8UnSQpAyaPoEqqK/irqU9PVOst3
F7r7bwI5XXwmuIvRfbzagPBhTCmX6iEiiQ2fJpVMVvptRNfjWqMm1An+cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/rBWc5fzLoIbS3PuqNnh7HmjGuMB8GA1UdIwQY
MBaAFMDlSf3O6wKRLIqHQcgWgGu+GcRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMt
YWQyZmRhNDc5ODhlLzEvci1zRlp6bF9NdWdodExjLTZvMmVIc2VhTWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjBmOGYtZGJhYi00ODJkLWIzOWMtYWQyZmRhNDc5ODhl
LzEvd09WSl9jN3JBcEVzaW9kQnlCYUFhNzRaeEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVDEAwQA
Zxc+MA0GCSqGSIb3DQEBCwUAA4IBAQCRscnXKxi6myn5eenexAFlUI/7iZgKXVxk
nj+3UmSyV2bmxXVgGqQs68ue6jjOcFvYGGihBGnJ1NjKbHTHDpF2IPXh3ocVRGu9
9GIj4cNm53CZG4R7NEa0SFrUxQMZi3H+yreKqSTDwA1cCYQbH1EdLorGn7FHXS69
fH3nZ8PlEGpwfeoRGLP7ocNjwNed8Np5XynnxaPeriwyTBjfxsRBzENjq6Uiw6UI
HjpOaNXMTKFguZ64TI6077zCmEi1k8anGHXV6me24/ikAHVPaFXgMHywzL/YLDue
kIi58Adby8+BgvjKNqlzm4blLZN9pw/vrBtPlR5FwmZwa+ohVHMp
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:02:30 2025 by rpki-client