Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/Qm6XPOq3X9UevqQpTtL8qluo52k.roa
File: Qm6XPOq3X9UevqQpTtL8qluo52k.roa (raw, json)
Hash identifier: 2Vb6fg6AMaqrNFGbgA3OeVtallu5gHrq/mkLqVtGyl4=
Subject key identifier: 42:6E:97:3C:EA:B7:5F:D5:1E:BE:A4:29:4E:D2:FC:AA:5B:A8:E7:69
Certificate issuer: /CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Certificate serial: 0188DED84A0E4E6742BDF1F3B66CF7928487
Authority key identifier: A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/Qm6XPOq3X9UevqQpTtL8qluo52k.roa
Signing time: Wed 21 Jun 2023 16:44:56 +0000
ROA not before: Wed 21 Jun 2023 16:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29467
IP address blocks: 45.67.254.0/24 maxlen: 24
45.67.255.0/24 maxlen: 24
45.67.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:de:d8:4a:0e:4e:67:42:bd:f1:f3:b6:6c:f7:92:84:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a39b4943e7d6b4b0e1de85c9bc38b857554dd47d
Validity
Not Before: Jun 21 16:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=426e973ceab75fd51ebea4294ed2fcaa5ba8e769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:81:d9:43:af:65:fc:44:08:50:83:1d:06:13:
3e:00:92:29:a3:7f:9b:8f:38:e2:ee:fd:43:2e:20:
96:34:67:19:af:f3:4a:ae:f7:dd:05:cb:4d:be:1d:
2f:b0:a0:1d:1b:c7:90:9f:16:2e:67:e1:ef:b9:d0:
86:ef:e6:47:e9:0b:25:e5:ac:69:f5:35:86:d5:f2:
ed:fc:95:ba:e6:3a:f3:e3:b2:45:9f:e0:95:ad:3b:
6b:b7:b8:da:a6:2a:18:bf:f3:61:ea:6d:3e:7e:71:
8a:a7:de:e2:3b:e3:ba:bb:37:c9:4d:4d:0f:32:3a:
19:2f:c7:cb:f9:ad:02:93:22:4a:3d:b8:f7:42:f3:
08:ee:7a:df:01:0d:d3:90:26:be:57:91:fa:8a:ad:
cf:a0:1b:3f:bc:6e:46:e9:2c:31:5f:fd:17:63:84:
fc:57:a1:a3:c7:ed:1b:be:09:0c:49:22:e9:f1:6d:
c2:9d:da:4d:bf:fc:31:bf:d6:14:c6:3c:22:d4:5b:
58:14:09:98:a1:8d:e4:31:ce:80:d3:93:cc:d9:80:
d4:f1:15:db:e0:81:a9:18:b5:8a:42:6d:62:51:df:
5e:40:ba:11:82:cb:f5:22:cf:a8:a7:fa:46:74:43:
cc:6a:e0:3a:d0:7a:bd:ba:c3:89:ed:d3:41:1a:ba:
eb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6E:97:3C:EA:B7:5F:D5:1E:BE:A4:29:4E:D2:FC:AA:5B:A8:E7:69
X509v3 Authority Key Identifier:
keyid:A3:9B:49:43:E7:D6:B4:B0:E1:DE:85:C9:BC:38:B8:57:55:4D:D4:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/Qm6XPOq3X9UevqQpTtL8qluo52k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cf712-dd0b-4a90-958e-693bf67e61f3/1/o5tJQ-fWtLDh3oXJvDi4V1VN1H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.252.0/24
45.67.254.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:0c:fd:f8:83:e2:7f:18:55:9e:17:35:7c:53:e8:83:b5:61:
94:77:0e:c9:93:3a:53:3e:2f:61:97:78:4e:d0:54:53:8d:b2:
31:a0:35:e6:0f:20:2d:b1:5f:8f:fc:f8:a2:4c:ce:9f:06:57:
b9:7e:b4:28:2d:19:94:c7:5f:ed:b0:4b:98:fb:4c:75:b4:50:
96:a1:20:a3:31:a0:69:7a:f1:77:9b:1a:da:6c:78:1b:f9:24:
60:29:f2:7b:3a:bc:8a:8d:37:72:e5:e5:34:ad:97:d1:13:f6:
13:50:d6:17:20:d9:36:0f:a0:ac:b9:79:2c:54:a5:6f:7d:1c:
fd:43:7d:8c:ab:52:c1:2e:93:46:dc:32:1f:3d:ea:17:ba:2e:
27:1f:d8:d4:74:ea:5f:55:4e:4a:53:e9:6d:3f:fc:66:92:fc:
e6:e4:98:94:50:25:b9:e2:65:97:76:27:ce:fc:67:d4:1a:57:
8d:db:18:2e:0a:9f:66:5a:3d:b2:1c:5e:48:8a:5f:e5:23:7e:
bb:61:af:13:81:3b:61:d6:e2:bf:90:68:55:02:b2:d4:04:12:
ca:8a:9e:3d:4f:0c:05:af:62:fc:07:4c:a9:84:d3:06:5a:5a:
38:5f:f8:08:79:07:eb:81:65:73:75:56:a7:20:ae:77:20:83:
d8:7e:68:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYje2EoOTmdCvfHztmz3koSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOWI0OTQzZTdkNmI0YjBlMWRlODVjOWJjMzhiODU3NTU0
ZGQ0N2QwHhcNMjMwNjIxMTY0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZlOTczY2VhYjc1ZmQ1MWViZWE0Mjk0ZWQyZmNhYTViYThlNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4HZQ69l/EQIUIMdBhM+AJIpo3+b
jzji7v1DLiCWNGcZr/NKrvfdBctNvh0vsKAdG8eQnxYuZ+HvudCG7+ZH6Qsl5axp
9TWG1fLt/JW65jrz47JFn+CVrTtrt7japioYv/Nh6m0+fnGKp97iO+O6uzfJTU0P
MjoZL8fL+a0CkyJKPbj3QvMI7nrfAQ3TkCa+V5H6iq3PoBs/vG5G6SwxX/0XY4T8
V6Gjx+0bvgkMSSLp8W3CndpNv/wxv9YUxjwi1FtYFAmYoY3kMc6A05PM2YDU8RXb
4IGpGLWKQm1iUd9eQLoRgsv1Is+op/pGdEPMauA60Hq9usOJ7dNBGrrr8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEJulzzqt1/VHr6kKU7S/KpbqOdpMB8GA1UdIwQY
MBaAFKObSUPn1rSw4d6Fybw4uFdVTdR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUt
NjkzYmY2N2U2MWYzLzEvUW02WFBPcTNYOVVldnFRcFR0TDhxbHVvNTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82Y2Y3MTItZGQwYi00YTkwLTk1OGUtNjkzYmY2N2U2MWYz
LzEvbzV0SlEtZld0TERoM29YSnZEaTRWMVZOMUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUP8AwQB
LUP+MA0GCSqGSIb3DQEBCwUAA4IBAQB+DP34g+J/GFWeFzV8U+iDtWGUdw7JkzpT
Pi9hl3hO0FRTjbIxoDXmDyAtsV+P/PiiTM6fBle5frQoLRmUx1/tsEuY+0x1tFCW
oSCjMaBpevF3mxrabHgb+SRgKfJ7OryKjTdy5eU0rZfRE/YTUNYXINk2D6CsuXks
VKVvfRz9Q32Mq1LBLpNG3DIfPeoXui4nH9jUdOpfVU5KU+ltP/xmkvzm5JiUUCW5
4mWXdifO/GfUGleN2xguCp9mWj2yHF5Iil/lI367Ya8TgTth1uK/kGhVArLUBBLK
ip49TwwFr2L8B0yphNMGWlo4X/gIeQfrgWVzdVanIK53IIPYfmiu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:24 2025 by rpki-client