Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/5289c4-02b5-465e-8cbd-773732652f4f/1/42WFo3XjVWxeG87TsY3tmlgteKI.roa
File: 42WFo3XjVWxeG87TsY3tmlgteKI.roa (raw, json)
Hash identifier: LuqLHXKzA11njRw671iNviqV4RLd0m8htwXXux7XfQY=
Subject key identifier: E3:65:85:A3:75:E3:55:6C:5E:1B:CE:D3:B1:8D:ED:9A:58:2D:78:A2
Certificate issuer: /CN=529fbab5171a5cb22f6c54f10b3a2cb6db51723e
Certificate serial: 0187E0FDD137C27B908563583B6B8692C4A9
Authority key identifier: 52:9F:BA:B5:17:1A:5C:B2:2F:6C:54:F1:0B:3A:2C:B6:DB:51:72:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Up-6tRcaXLIvbFTxCzostttRcj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/5289c4-02b5-465e-8cbd-773732652f4f/1/42WFo3XjVWxeG87TsY3tmlgteKI.roa
Signing time: Wed 03 May 2023 09:42:23 +0000
ROA not before: Wed 03 May 2023 09:42:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207942
IP address blocks: 45.152.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:fd:d1:37:c2:7b:90:85:63:58:3b:6b:86:92:c4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529fbab5171a5cb22f6c54f10b3a2cb6db51723e
Validity
Not Before: May 3 09:42:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e36585a375e3556c5e1bced3b18ded9a582d78a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d2:61:00:cb:41:f7:7e:13:a3:ac:d4:1e:7a:
27:aa:81:bb:f3:8c:c1:da:5b:e1:67:13:3b:e9:8a:
f9:3a:6d:ac:19:e1:7b:96:cd:fe:2b:d4:6f:28:eb:
38:dd:3c:2d:64:d7:51:c7:af:4a:24:38:ce:b5:7e:
7e:4f:d9:37:d2:76:e9:60:82:f3:03:94:b8:53:12:
cf:b3:39:ce:a3:e6:a9:01:fa:1e:2c:f0:36:93:63:
4b:b5:a2:5c:c2:26:65:58:f9:2f:b8:80:57:17:ea:
b0:26:5f:df:66:58:15:50:96:97:0d:df:18:a6:40:
a9:d3:5e:0d:d2:ac:16:a3:40:ee:5c:7b:64:bc:38:
ad:0b:c8:c0:1f:8c:6d:85:04:16:f7:65:9f:6b:ba:
23:7a:10:e0:21:95:0e:64:84:51:14:ce:62:b4:f0:
a9:f4:53:57:df:04:30:7f:4e:67:27:8c:75:9a:9f:
dc:d3:2e:8c:c5:ec:ad:ad:95:a7:57:10:ef:c3:c7:
8b:f7:97:a0:9b:97:1b:32:0e:b3:c2:9e:12:ad:e6:
b3:f2:ba:04:69:af:44:f7:dc:fb:48:17:6c:ba:69:
f5:5a:b5:45:ba:df:92:fa:d4:9b:1c:da:21:ec:6a:
9e:61:b9:79:b5:06:96:e6:ec:05:2c:c1:2d:f4:1a:
4c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:65:85:A3:75:E3:55:6C:5E:1B:CE:D3:B1:8D:ED:9A:58:2D:78:A2
X509v3 Authority Key Identifier:
keyid:52:9F:BA:B5:17:1A:5C:B2:2F:6C:54:F1:0B:3A:2C:B6:DB:51:72:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Up-6tRcaXLIvbFTxCzostttRcj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/5289c4-02b5-465e-8cbd-773732652f4f/1/42WFo3XjVWxeG87TsY3tmlgteKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/5289c4-02b5-465e-8cbd-773732652f4f/1/Up-6tRcaXLIvbFTxCzostttRcj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.248.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0f:db:44:10:7b:5c:76:b3:5b:5d:df:64:75:f5:c5:3c:c2:
36:5c:b0:d8:d7:af:6a:05:05:0f:8c:17:9d:7b:80:90:89:1a:
26:91:76:6f:bf:a3:49:a1:e4:a5:ee:a0:46:42:93:b7:7f:68:
c2:ba:dc:f5:8b:0e:80:45:89:4c:a7:be:36:41:89:d3:f5:d9:
42:56:5a:a5:56:9f:7c:c9:16:79:84:fa:dd:49:85:0d:44:89:
44:11:7e:20:90:92:2b:49:3b:81:e9:fe:06:3b:61:d7:b8:e0:
2c:d3:ef:9f:30:d2:4a:ca:24:8a:4d:a2:da:45:9b:ab:f8:d6:
ee:56:87:2e:30:4a:d3:e5:20:b1:4f:5c:27:22:5b:51:87:e7:
9f:0f:c3:67:d0:cc:73:c1:b7:0b:c0:15:56:e0:82:e1:e0:55:
2b:47:d9:24:67:dc:2f:25:18:5d:40:3f:46:9d:8d:84:9e:b8:
1d:48:b4:ad:0a:45:c1:f0:ce:eb:78:7c:7f:6e:89:00:1f:c9:
58:ae:fc:35:ea:59:42:16:6d:ad:70:fe:a7:ef:63:28:28:fb:
2c:19:a3:f6:00:e5:fb:4c:b0:60:73:7b:fc:b8:cf:80:90:8a:
0a:68:03:a4:eb:56:f1:8b:cc:23:9f:5d:4a:80:51:3e:c8:9e:
7f:3f:f9:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfg/dE3wnuQhWNYO2uGksSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWZiYWI1MTcxYTVjYjIyZjZjNTRmMTBiM2EyY2I2ZGI1
MTcyM2UwHhcNMjMwNTAzMDk0MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzY1ODVhMzc1ZTM1NTZjNWUxYmNlZDNiMThkZWQ5YTU4MmQ3OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNJhAMtB934To6zUHnonqoG784zB
2lvhZxM76Yr5Om2sGeF7ls3+K9RvKOs43TwtZNdRx69KJDjOtX5+T9k30nbpYILz
A5S4UxLPsznOo+apAfoeLPA2k2NLtaJcwiZlWPkvuIBXF+qwJl/fZlgVUJaXDd8Y
pkCp014N0qwWo0DuXHtkvDitC8jAH4xthQQW92Wfa7ojehDgIZUOZIRRFM5itPCp
9FNX3wQwf05nJ4x1mp/c0y6MxeytrZWnVxDvw8eL95egm5cbMg6zwp4Sreaz8roE
aa9E99z7SBdsumn1WrVFut+S+tSbHNoh7GqeYbl5tQaW5uwFLMEt9BpMiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONlhaN141VsXhvO07GN7ZpYLXiiMB8GA1UdIwQY
MBaAFFKfurUXGlyyL2xU8Qs6LLbbUXI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXAtNnRSY2FYTEl2YkZUeEN6b3N0dHRSY2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81Mjg5YzQtMDJiNS00NjVlLThjYmQt
NzczNzMyNjUyZjRmLzEvNDJXRm8zWGpWV3hlRzg3VHNZM3RtbGd0ZUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81Mjg5YzQtMDJiNS00NjVlLThjYmQtNzczNzMyNjUyZjRm
LzEvVXAtNnRSY2FYTEl2YkZUeEN6b3N0dHRSY2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZj4MA0G
CSqGSIb3DQEBCwUAA4IBAQBGD9tEEHtcdrNbXd9kdfXFPMI2XLDY169qBQUPjBed
e4CQiRomkXZvv6NJoeSl7qBGQpO3f2jCutz1iw6ARYlMp742QYnT9dlCVlqlVp98
yRZ5hPrdSYUNRIlEEX4gkJIrSTuB6f4GO2HXuOAs0++fMNJKyiSKTaLaRZur+Nbu
VocuMErT5SCxT1wnIltRh+efD8Nn0MxzwbcLwBVW4ILh4FUrR9kkZ9wvJRhdQD9G
nY2EnrgdSLStCkXB8M7reHx/bokAH8lYrvw16llCFm2tcP6n72MoKPssGaP2AOX7
TLBgc3v8uM+AkIoKaAOk61bxi8wjn11KgFE+yJ5/P/kU
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:16:43 2025 by rpki-client