Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/vykdWeC-mDgfhTcMPDIOeSwLdpA.roa
File: vykdWeC-mDgfhTcMPDIOeSwLdpA.roa (raw, json)
Hash identifier: K8drab+fi2U+lXxXMq3GpDaIwZeCDkOzprH/f9NQhig=
Subject key identifier: BF:29:1D:59:E0:BE:98:38:1F:85:37:0C:3C:32:0E:79:2C:0B:76:90
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 01857315F4DB7A89D062CDC3C76F56393863
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/vykdWeC-mDgfhTcMPDIOeSwLdpA.roa
Signing time: Mon 02 Jan 2023 15:24:56 +0000
ROA not before: Mon 02 Jan 2023 15:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39383
IP address blocks: 45.153.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f4:db:7a:89:d0:62:cd:c3:c7:6f:56:39:38:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 2 15:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf291d59e0be98381f85370c3c320e792c0b7690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3a:c6:e5:d2:ce:be:6e:37:7b:95:8c:c0:96:
aa:ff:d5:c2:76:e4:ae:37:e6:87:4f:10:2f:8f:b0:
78:33:47:4a:93:42:14:e9:8d:a3:55:95:7e:83:b2:
ff:17:19:24:9d:1a:6a:cd:8f:ed:cf:8d:28:5d:e7:
70:36:c0:f9:ba:d4:6d:7c:38:46:19:1d:8a:ac:be:
e7:a6:2e:6b:6e:3a:0b:9f:66:c4:18:55:6c:40:8a:
a1:93:b8:15:e3:5c:b6:d6:14:e0:3e:f3:a4:eb:d7:
73:ca:36:9b:62:b3:b7:d5:6d:c3:52:00:46:b6:02:
f7:97:f2:1a:35:48:e3:e8:80:59:29:53:eb:1e:66:
f0:03:31:89:54:0b:65:f1:e2:a0:52:a8:ac:7a:3c:
c7:71:23:11:f1:44:11:09:a0:29:64:55:11:92:44:
e1:a1:49:95:d2:c6:e5:9e:88:fd:1b:47:fb:bf:8b:
30:f8:d6:ae:cf:9c:bd:8e:2a:33:6b:80:e1:34:8f:
bf:e3:d3:31:f0:94:38:93:bd:50:4c:ed:81:10:fb:
ec:a7:9a:e0:b9:aa:c1:aa:86:cb:44:47:89:70:f1:
47:2a:61:1b:20:a5:f9:e5:a1:38:02:b8:98:60:36:
fb:64:f0:37:08:a1:39:c7:7d:6f:17:af:30:45:71:
6f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:29:1D:59:E0:BE:98:38:1F:85:37:0C:3C:32:0E:79:2C:0B:76:90
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/vykdWeC-mDgfhTcMPDIOeSwLdpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.88.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:23:a7:f3:d4:82:66:68:f3:84:48:21:7c:0d:90:73:f6:48:
ef:63:5f:c4:81:bd:d6:91:f0:8c:b4:f7:b7:fa:8b:ed:a8:9c:
0d:5e:7d:99:88:e2:db:11:42:d3:4e:fc:d6:6c:32:0f:32:c3:
27:ae:d3:18:67:5a:29:5b:4f:fe:81:74:c5:3b:53:cf:2e:63:
29:cc:cf:47:2a:b1:c3:1b:19:76:22:f2:c7:72:be:ac:60:e0:
ba:86:5a:5c:61:85:d8:97:96:a0:c1:a3:ec:73:ff:80:31:bf:
4b:f3:ba:7c:53:1e:61:60:0e:32:60:1a:fc:4a:32:32:57:77:
fb:45:ec:d8:43:fd:64:e0:59:9e:9c:f1:c2:a9:f9:ac:88:3d:
1a:d8:0f:0b:91:ea:31:4f:1e:df:de:16:b8:bc:8b:53:9a:48:
f7:50:31:16:d9:4f:e6:74:13:3b:05:1a:b1:f4:50:38:e0:90:
84:fd:a2:6b:38:8a:12:6c:bc:19:54:5f:11:25:8b:ce:a4:0d:
55:c8:5f:7e:6f:9e:b5:91:a0:d6:b2:ee:0a:ab:52:ef:4a:ea:
28:0d:f0:43:a6:53:2c:58:b9:9c:7d:43:7b:9c:7d:aa:ef:1a:
16:cb:8e:0e:35:3e:c8:92:51:e9:75:1a:64:ff:af:fd:f6:e2:
64:87:5c:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfTbeonQYs3Dx29WOThjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjMwMTAyMTUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjI5MWQ1OWUwYmU5ODM4MWY4NTM3MGMzYzMyMGU3OTJjMGI3NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzrG5dLOvm43e5WMwJaq/9XCduSu
N+aHTxAvj7B4M0dKk0IU6Y2jVZV+g7L/FxkknRpqzY/tz40oXedwNsD5utRtfDhG
GR2KrL7npi5rbjoLn2bEGFVsQIqhk7gV41y21hTgPvOk69dzyjabYrO31W3DUgBG
tgL3l/IaNUjj6IBZKVPrHmbwAzGJVAtl8eKgUqisejzHcSMR8UQRCaApZFURkkTh
oUmV0sblnoj9G0f7v4sw+Nauz5y9jioza4DhNI+/49Mx8JQ4k71QTO2BEPvsp5rg
uarBqobLREeJcPFHKmEbIKX55aE4AriYYDb7ZPA3CKE5x31vF68wRXFvowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8pHVngvpg4H4U3DDwyDnksC3aQMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvdnlrZFdlQy1tRGdmaFRjTVBESU9lU3dMZHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZlYMA0G
CSqGSIb3DQEBCwUAA4IBAQAPI6fz1IJmaPOESCF8DZBz9kjvY1/Egb3WkfCMtPe3
+ovtqJwNXn2ZiOLbEULTTvzWbDIPMsMnrtMYZ1opW0/+gXTFO1PPLmMpzM9HKrHD
Gxl2IvLHcr6sYOC6hlpcYYXYl5agwaPsc/+AMb9L87p8Ux5hYA4yYBr8SjIyV3f7
RezYQ/1k4FmenPHCqfmsiD0a2A8LkeoxTx7f3ha4vItTmkj3UDEW2U/mdBM7BRqx
9FA44JCE/aJrOIoSbLwZVF8RJYvOpA1VyF9+b561kaDWsu4Kq1LvSuooDfBDplMs
WLmcfUN7nH2q7xoWy44ONT7IklHpdRpk/6/99uJkh1xN
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:42 2025 by rpki-client