Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/b-9SwH5BrWscxPOEk_V-vPExY-c.roa
File: b-9SwH5BrWscxPOEk_V-vPExY-c.roa (raw, json)
Hash identifier: jWKkdWWP1mKzzFHskprKL90gY2rpl0q6TON5UWibxOs=
Subject key identifier: 6F:EF:52:C0:7E:41:AD:6B:1C:C4:F3:84:93:F5:7E:BC:F1:31:63:E7
Certificate issuer: /CN=aafc41aafbbccaa96711849745ef722a5260ac7e
Certificate serial: 01856E144B3BB1775D051573D7923A2EFA98
Authority key identifier: AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/b-9SwH5BrWscxPOEk_V-vPExY-c.roa
Signing time: Sun 01 Jan 2023 16:05:01 +0000
ROA not before: Sun 01 Jan 2023 16:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31027
IP address blocks: 45.67.92.0/22 maxlen: 24
2a09:7440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:4b:3b:b1:77:5d:05:15:73:d7:92:3a:2e:fa:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aafc41aafbbccaa96711849745ef722a5260ac7e
Validity
Not Before: Jan 1 16:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fef52c07e41ad6b1cc4f38493f57ebcf13163e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:99:81:b0:e4:ce:35:82:32:ef:8e:2c:74:53:
ac:32:77:76:26:92:4e:5d:e8:9a:73:32:e8:8c:37:
55:7a:5a:1d:ef:47:1d:cb:82:b7:1c:60:24:b1:d9:
d0:0e:7d:c1:82:0d:1c:71:71:89:ac:f7:8e:2b:92:
0c:69:ed:76:ef:86:6f:b1:71:c3:80:c2:bf:e8:99:
5a:f0:8b:d0:14:c1:51:47:6f:01:1c:15:4e:40:2c:
0c:e9:3f:99:a0:b1:b6:51:0a:b3:d0:d7:46:b0:ba:
91:a5:83:a7:68:67:61:a4:00:a8:70:5a:11:4b:d5:
c7:f1:69:4c:c3:92:54:8f:3e:a7:d5:c0:1b:8d:29:
54:20:29:dd:93:56:91:70:56:6b:67:99:7c:65:2e:
c4:fe:fd:78:ec:0d:ab:1e:d7:2f:1a:5d:7d:ea:e2:
27:74:6d:7b:e5:55:94:74:7b:eb:7e:79:c4:a7:c4:
9a:00:0a:52:58:6e:27:a0:29:b9:99:d2:64:90:b3:
95:09:92:c4:5e:d2:6a:f0:a9:2f:e3:0d:64:4c:6a:
4d:ac:25:4b:94:3c:75:2a:29:f4:e4:1f:b9:e6:fe:
e4:4f:cc:c9:dc:de:72:e4:14:07:26:58:a3:bc:e6:
cc:fb:73:f2:c5:53:b3:46:64:56:e9:cf:61:ff:e9:
16:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EF:52:C0:7E:41:AD:6B:1C:C4:F3:84:93:F5:7E:BC:F1:31:63:E7
X509v3 Authority Key Identifier:
keyid:AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/b-9SwH5BrWscxPOEk_V-vPExY-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.92.0/22
IPv6:
2a09:7440::/32
Signature Algorithm: sha256WithRSAEncryption
38:92:42:f6:35:2b:1a:3e:e0:35:87:56:3d:63:5e:c5:05:f6:
8d:f9:47:c5:9e:15:1b:62:c2:c3:98:8e:57:73:71:65:b5:e7:
c9:27:21:1c:18:ea:9e:17:57:ba:8a:14:31:9e:d6:fe:e4:f5:
58:fb:8d:24:e8:73:c1:f8:39:e2:cb:7c:00:ff:d6:c7:0b:c3:
b6:c2:0c:8e:58:b5:4e:9a:ea:a8:60:fd:4c:3a:05:fa:39:45:
7d:fc:7f:94:ca:89:dc:ae:a3:36:d0:0f:0e:4e:dc:f7:71:3b:
cf:ac:43:49:ce:04:57:de:4d:a7:8c:27:40:13:96:b9:71:e3:
d0:a6:13:f6:37:8f:47:e4:11:6d:58:f7:6f:e2:e7:ca:f3:67:
65:4f:73:d2:14:3a:f8:3e:22:3a:ba:40:b6:e3:c3:e0:2b:e3:
a1:31:d4:84:f1:aa:a6:ef:45:c7:fb:20:12:e7:e6:54:6f:56:
c5:02:c7:7b:ab:bc:ed:60:8e:aa:39:ac:c7:34:f6:84:36:6c:
90:13:c0:ae:d6:72:d1:d1:46:10:98:9b:29:7f:2c:73:7c:9d:
58:cf:4c:2f:33:c8:2e:20:aa:30:2c:a5:86:f8:0f:6f:fd:b1:
8c:32:f1:e5:11:a4:a2:d9:f8:66:63:56:38:35:f0:3a:73:d0:
c2:f8:d8:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFEs7sXddBRVz15I6LvqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZmM0MWFhZmJiY2NhYTk2NzExODQ5NzQ1ZWY3MjJhNTI2
MGFjN2UwHhcNMjMwMTAxMTYwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVmNTJjMDdlNDFhZDZiMWNjNGYzODQ5M2Y1N2ViY2YxMzE2M2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pmBsOTONYIy744sdFOsMnd2JpJO
XeiaczLojDdVelod70cdy4K3HGAksdnQDn3Bgg0ccXGJrPeOK5IMae1274ZvsXHD
gMK/6Jla8IvQFMFRR28BHBVOQCwM6T+ZoLG2UQqz0NdGsLqRpYOnaGdhpACocFoR
S9XH8WlMw5JUjz6n1cAbjSlUICndk1aRcFZrZ5l8ZS7E/v147A2rHtcvGl196uIn
dG175VWUdHvrfnnEp8SaAApSWG4noCm5mdJkkLOVCZLEXtJq8Kkv4w1kTGpNrCVL
lDx1Kin05B+55v7kT8zJ3N5y5BQHJlijvObM+3PyxVOzRmRW6c9h/+kWBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/vUsB+Qa1rHMTzhJP1frzxMWPnMB8GA1UdIwQY
MBaAFKr8Qar7vMqpZxGEl0XvcipSYKx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjct
MWJjMzFjNjI0MDFmLzEvYi05U3dINUJyV3NjeFBPRWtfVi12UEV4WS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjctMWJjMzFjNjI0MDFm
LzEvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNcMA0E
AgACMAcDBQAqCXRAMA0GCSqGSIb3DQEBCwUAA4IBAQA4kkL2NSsaPuA1h1Y9Y17F
BfaN+UfFnhUbYsLDmI5Xc3FltefJJyEcGOqeF1e6ihQxntb+5PVY+40k6HPB+Dni
y3wA/9bHC8O2wgyOWLVOmuqoYP1MOgX6OUV9/H+UyoncrqM20A8OTtz3cTvPrENJ
zgRX3k2njCdAE5a5cePQphP2N49H5BFtWPdv4ufK82dlT3PSFDr4PiI6ukC248Pg
K+OhMdSE8aqm70XH+yAS5+ZUb1bFAsd7q7ztYI6qOazHNPaENmyQE8Cu1nLR0UYQ
mJspfyxzfJ1Yz0wvM8guIKowLKWG+A9v/bGMMvHlEaSi2fhmY1Y4NfA6c9DC+NhS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:57 2025 by rpki-client