Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/45QOIDXK0h8VbBQb6vyf8EKcAzY.roa
File: 45QOIDXK0h8VbBQb6vyf8EKcAzY.roa (raw, json)
Hash identifier: yKJhD01t4JlyAuaV4fgTGI81ysWm8c0sY+2Wa5smXzg=
Subject key identifier: E3:94:0E:20:35:CA:D2:1F:15:6C:14:1B:EA:FC:9F:F0:42:9C:03:36
Certificate issuer: /CN=397879aff2c4369d06c4f119a6fd7a5a13db8697
Certificate serial: 01831CC91B245ACAEF78CBEF088C933F7F22
Authority key identifier: 39:78:79:AF:F2:C4:36:9D:06:C4:F1:19:A6:FD:7A:5A:13:DB:86:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXh5r_LENp0GxPEZpv16WhPbhpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/45QOIDXK0h8VbBQb6vyf8EKcAzY.roa
Signing time: Thu 08 Sep 2022 11:08:05 +0000
ROA not before: Thu 08 Sep 2022 11:08:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200697
IP address blocks: 185.98.24.0/24 maxlen: 24
185.98.27.0/24 maxlen: 24
185.98.25.0/24 maxlen: 24
185.98.26.0/24 maxlen: 24
2a04:7800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:c9:1b:24:5a:ca:ef:78:cb:ef:08:8c:93:3f:7f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=397879aff2c4369d06c4f119a6fd7a5a13db8697
Validity
Not Before: Sep 8 11:08:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3940e2035cad21f156c141beafc9ff0429c0336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3e:d7:12:78:a6:7e:62:72:85:54:bb:51:a2:
7a:f1:55:14:7e:8b:4c:7e:72:2e:6c:a2:b8:21:93:
5b:73:6e:19:d6:54:00:c9:28:a5:8e:a7:e1:a2:93:
4a:9d:cf:ae:42:ae:58:ff:29:f9:ed:97:f9:7f:63:
c8:5a:cc:eb:79:9f:1c:98:a4:0a:c7:1a:16:3e:25:
d8:08:f6:d0:ca:3a:09:d0:c1:c0:c6:96:69:c5:5b:
ab:4c:b0:ad:bb:46:6f:4c:4d:8c:48:37:ff:bd:3a:
4f:fc:dc:68:7a:a9:2a:32:64:10:17:c8:99:52:78:
29:b7:c9:c4:05:d3:cb:2b:95:5c:7d:81:44:a9:bd:
a0:ce:8c:3c:3d:e5:c1:51:12:6a:76:8f:d3:3e:dd:
3e:7d:82:52:cf:92:50:13:4c:57:65:6b:cd:e0:b7:
07:5c:73:d9:6d:9a:22:36:00:16:6c:78:70:90:25:
12:43:30:f7:33:18:5a:5d:9c:7a:0c:92:69:83:88:
ff:d5:a1:8f:64:e4:3f:62:43:4d:2c:b9:4f:78:6e:
dc:ad:ea:07:32:98:01:fa:10:ac:ed:7f:33:35:f3:
b8:0e:e4:31:59:d6:4d:bd:bc:a2:1a:08:39:93:0d:
1d:8c:6e:07:8a:70:fa:3b:56:ed:fc:ae:cb:b7:ef:
23:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:94:0E:20:35:CA:D2:1F:15:6C:14:1B:EA:FC:9F:F0:42:9C:03:36
X509v3 Authority Key Identifier:
keyid:39:78:79:AF:F2:C4:36:9D:06:C4:F1:19:A6:FD:7A:5A:13:DB:86:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXh5r_LENp0GxPEZpv16WhPbhpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/45QOIDXK0h8VbBQb6vyf8EKcAzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/86ed6d-e126-4279-ad98-6692fc619567/1/OXh5r_LENp0GxPEZpv16WhPbhpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.24.0/22
IPv6:
2a04:7800::/29
Signature Algorithm: sha256WithRSAEncryption
ac:b5:7e:1a:20:ca:07:34:93:c9:64:eb:21:04:cb:b6:62:a2:
ef:9e:31:9d:41:49:e5:2d:62:7b:6d:10:49:09:a8:57:b4:ef:
c4:5e:b7:29:97:6a:6c:71:0d:28:f3:ef:fa:32:44:1d:0d:22:
95:38:d3:07:20:49:db:28:32:e7:aa:ce:f0:20:b4:a0:cc:47:
f4:ba:fa:4c:eb:2a:03:81:ac:16:7e:d3:3c:49:c9:2c:6c:8b:
7b:16:e6:4f:78:a8:24:d1:69:02:66:83:3a:e8:a1:dd:79:8d:
87:88:cf:0d:98:2b:99:e9:af:3c:0b:14:0c:6e:53:5a:c2:c9:
5c:f9:91:97:c1:80:a9:fe:72:fc:07:b3:f5:fe:b8:8a:73:7f:
48:53:c5:5f:98:13:bd:26:9e:54:48:1d:dd:71:60:4d:c1:eb:
6e:a7:6a:52:ac:76:41:f2:8c:1a:ea:52:f3:23:17:db:8b:c2:
d1:0f:01:cf:34:41:47:ef:ea:76:9f:09:9d:7a:4b:a7:9d:b0:
a2:75:ca:5a:42:85:b1:75:df:19:af:86:39:ef:1e:5d:ad:c5:
54:36:cf:56:36:47:29:56:2a:88:d8:48:ae:f0:6e:c0:d9:e4:
6d:4c:4c:b4:1a:b9:65:ed:19:31:19:b3:46:6e:24:b8:ef:1d:
94:18:d5:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMcyRskWsrveMvvCIyTP38iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Nzg3OWFmZjJjNDM2OWQwNmM0ZjExOWE2ZmQ3YTVhMTNk
Yjg2OTcwHhcNMjIwOTA4MTEwODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk0MGUyMDM1Y2FkMjFmMTU2YzE0MWJlYWZjOWZmMDQyOWMwMzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT7XEnimfmJyhVS7UaJ68VUUfotM
fnIubKK4IZNbc24Z1lQAySiljqfhopNKnc+uQq5Y/yn57Zf5f2PIWszreZ8cmKQK
xxoWPiXYCPbQyjoJ0MHAxpZpxVurTLCtu0ZvTE2MSDf/vTpP/NxoeqkqMmQQF8iZ
Ungpt8nEBdPLK5VcfYFEqb2gzow8PeXBURJqdo/TPt0+fYJSz5JQE0xXZWvN4LcH
XHPZbZoiNgAWbHhwkCUSQzD3MxhaXZx6DJJpg4j/1aGPZOQ/YkNNLLlPeG7creoH
MpgB+hCs7X8zNfO4DuQxWdZNvbyiGgg5kw0djG4HinD6O1bt/K7Lt+8jSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOOUDiA1ytIfFWwUG+r8n/BCnAM2MB8GA1UdIwQY
MBaAFDl4ea/yxDadBsTxGab9eloT24aXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hoNXJfTEVOcDBHeFBFWnB2MTZXaFBiaHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84NmVkNmQtZTEyNi00Mjc5LWFkOTgt
NjY5MmZjNjE5NTY3LzEvNDVRT0lEWEswaDhWYkJRYjZ2eWY4RUtjQXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84NmVkNmQtZTEyNi00Mjc5LWFkOTgtNjY5MmZjNjE5NTY3
LzEvT1hoNXJfTEVOcDBHeFBFWnB2MTZXaFBiaHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWIYMA0E
AgACMAcDBQMqBHgAMA0GCSqGSIb3DQEBCwUAA4IBAQCstX4aIMoHNJPJZOshBMu2
YqLvnjGdQUnlLWJ7bRBJCahXtO/EXrcpl2pscQ0o8+/6MkQdDSKVONMHIEnbKDLn
qs7wILSgzEf0uvpM6yoDgawWftM8ScksbIt7FuZPeKgk0WkCZoM66KHdeY2HiM8N
mCuZ6a88CxQMblNawslc+ZGXwYCp/nL8B7P1/riKc39IU8VfmBO9Jp5USB3dcWBN
wetup2pSrHZB8owa6lLzIxfbi8LRDwHPNEFH7+p2nwmdekunnbCidcpaQoWxdd8Z
r4Y57x5drcVUNs9WNkcpViqI2Eiu8G7A2eRtTEy0Grll7RkxGbNGbiS47x2UGNVL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:40 2025 by rpki-client