Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eb7a65-f9e6-4784-8ff7-4b4f0f6f7522/1/3ubs0MQjXWj8RLksMTdWNrtz1kU.roa
File: 3ubs0MQjXWj8RLksMTdWNrtz1kU.roa (raw, json)
Hash identifier: 66LL15hLwu9n2vLpoDNv+HU76ItUTpkCBZA03AR9nAU=
Subject key identifier: DE:E6:EC:D0:C4:23:5D:68:FC:44:B9:2C:31:37:56:36:BB:73:D6:45
Certificate issuer: /CN=afdac241f3010b1ae484bc31f584ad0f9d206734
Certificate serial: 01825DCBA82CC9CC53ADD27C2D5B750AEFC8
Authority key identifier: AF:DA:C2:41:F3:01:0B:1A:E4:84:BC:31:F5:84:AD:0F:9D:20:67:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r9rCQfMBCxrkhLwx9YStD50gZzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eb7a65-f9e6-4784-8ff7-4b4f0f6f7522/1/3ubs0MQjXWj8RLksMTdWNrtz1kU.roa
Signing time: Tue 02 Aug 2022 09:03:24 +0000
ROA not before: Tue 02 Aug 2022 09:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44407
IP address blocks: 45.138.112.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5d:cb:a8:2c:c9:cc:53:ad:d2:7c:2d:5b:75:0a:ef:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afdac241f3010b1ae484bc31f584ad0f9d206734
Validity
Not Before: Aug 2 09:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dee6ecd0c4235d68fc44b92c31375636bb73d645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e1:c4:f7:2f:f3:48:a7:d3:f9:8c:c1:f5:89:
2a:fc:f6:45:d5:af:f0:23:0f:6c:15:f7:32:5e:8a:
d4:a7:66:be:5e:90:6d:11:10:f5:51:4b:3d:0f:dc:
63:d2:ca:03:12:fc:d9:0d:0a:2a:4b:5a:ec:c3:ba:
cd:89:72:1c:9b:eb:71:4b:e2:1b:2e:c9:f0:76:b7:
32:c5:7d:63:28:3a:25:4f:b6:19:0c:9a:e0:3f:80:
2f:92:ac:41:19:67:c9:70:b0:72:16:92:c6:51:d8:
6a:d7:dc:64:d5:5e:39:6c:a6:8d:f3:90:66:c5:8a:
dd:d0:9b:e8:a6:ca:e2:ae:6a:ea:6c:64:db:ea:03:
95:45:66:0b:ef:37:85:f8:bb:4c:a8:09:82:17:04:
ee:4e:0e:be:56:83:09:59:c5:9f:cf:a6:8f:5c:86:
57:5f:d1:d2:35:08:17:7f:82:a1:da:58:ea:96:d6:
16:d1:d6:92:e4:83:a6:bb:a0:c7:0e:e6:de:ae:dc:
14:67:09:c5:e0:cf:e1:84:88:30:ab:a4:28:48:c7:
3d:a9:c8:3a:ad:34:7e:7c:84:8c:08:77:86:70:47:
f2:f7:88:0c:2c:e4:9d:7f:3b:7f:00:f6:f4:7c:6d:
98:13:98:49:8f:87:e1:d9:68:53:87:a0:29:5b:55:
d2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E6:EC:D0:C4:23:5D:68:FC:44:B9:2C:31:37:56:36:BB:73:D6:45
X509v3 Authority Key Identifier:
keyid:AF:DA:C2:41:F3:01:0B:1A:E4:84:BC:31:F5:84:AD:0F:9D:20:67:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r9rCQfMBCxrkhLwx9YStD50gZzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eb7a65-f9e6-4784-8ff7-4b4f0f6f7522/1/3ubs0MQjXWj8RLksMTdWNrtz1kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eb7a65-f9e6-4784-8ff7-4b4f0f6f7522/1/r9rCQfMBCxrkhLwx9YStD50gZzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:d0:e3:8d:f5:16:85:17:a4:5b:1f:f9:2b:c4:ee:eb:39:79:
30:87:5e:db:16:cc:f9:78:ef:2b:2a:c4:3e:a3:52:68:47:8d:
d0:6b:83:eb:f9:00:de:06:ac:c4:96:2a:b2:71:2f:fc:78:d9:
b9:97:3c:7e:7b:89:e8:68:c5:bd:ad:22:50:42:ef:24:09:d2:
01:6a:7a:2d:d8:5b:d8:e5:60:f8:c2:86:96:ca:dc:de:ee:3b:
00:9d:d9:a5:8f:5b:28:02:01:a3:90:24:be:df:92:00:e1:a0:
53:35:3a:fa:35:55:08:9a:68:fc:32:38:49:c6:40:e5:6b:f0:
e4:f3:80:5b:32:94:96:07:b3:46:c4:b5:3f:8b:ce:90:90:f7:
35:94:03:f1:24:09:09:03:a3:88:e3:cf:a3:b5:e7:2f:8d:61:
e2:c5:97:4f:a5:69:25:2e:62:50:84:1a:d8:73:4a:d9:1a:fe:
39:df:bc:c0:c1:ce:4f:f8:6a:97:24:93:92:27:38:85:a8:d1:
6e:da:8a:1a:a4:35:ce:61:03:1d:d0:ad:20:75:1d:63:f7:d5:
26:01:b9:2f:73:6f:93:94:74:7b:b6:d5:98:54:44:d2:64:c7:
63:c3:2b:2e:03:f5:59:ba:6c:ba:6e:d8:68:96:16:83:ff:7d:
74:09:cd:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJdy6gsycxTrdJ8LVt1Cu/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZGFjMjQxZjMwMTBiMWFlNDg0YmMzMWY1ODRhZDBmOWQy
MDY3MzQwHhcNMjIwODAyMDkwMzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWU2ZWNkMGM0MjM1ZDY4ZmM0NGI5MmMzMTM3NTYzNmJiNzNkNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOHE9y/zSKfT+YzB9Ykq/PZF1a/w
Iw9sFfcyXorUp2a+XpBtERD1UUs9D9xj0soDEvzZDQoqS1rsw7rNiXIcm+txS+Ib
LsnwdrcyxX1jKDolT7YZDJrgP4AvkqxBGWfJcLByFpLGUdhq19xk1V45bKaN85Bm
xYrd0JvopsrirmrqbGTb6gOVRWYL7zeF+LtMqAmCFwTuTg6+VoMJWcWfz6aPXIZX
X9HSNQgXf4Kh2ljqltYW0daS5IOmu6DHDubertwUZwnF4M/hhIgwq6QoSMc9qcg6
rTR+fISMCHeGcEfy94gMLOSdfzt/APb0fG2YE5hJj4fh2WhTh6ApW1XS9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7m7NDEI11o/ES5LDE3Vja7c9ZFMB8GA1UdIwQY
MBaAFK/awkHzAQsa5IS8MfWErQ+dIGc0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjlyQ1FmTUJDeHJraEx3eDlZU3RENTBnWnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lYjdhNjUtZjllNi00Nzg0LThmZjct
NGI0ZjBmNmY3NTIyLzEvM3ViczBNUWpYV2o4Ukxrc01UZFdOcnR6MWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lYjdhNjUtZjllNi00Nzg0LThmZjctNGI0ZjBmNmY3NTIy
LzEvcjlyQ1FmTUJDeHJraEx3eDlZU3RENTBnWnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYpwMA0G
CSqGSIb3DQEBCwUAA4IBAQB+0OON9RaFF6RbH/krxO7rOXkwh17bFsz5eO8rKsQ+
o1JoR43Qa4Pr+QDeBqzEliqycS/8eNm5lzx+e4noaMW9rSJQQu8kCdIBanot2FvY
5WD4woaWytze7jsAndmlj1soAgGjkCS+35IA4aBTNTr6NVUImmj8MjhJxkDla/Dk
84BbMpSWB7NGxLU/i86QkPc1lAPxJAkJA6OI48+jtecvjWHixZdPpWklLmJQhBrY
c0rZGv4537zAwc5P+GqXJJOSJziFqNFu2ooapDXOYQMd0K0gdR1j99UmAbkvc2+T
lHR7ttWYVETSZMdjwysuA/VZumy6btholhaD/310Cc1B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:42 2025 by rpki-client