Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/U9QeEqRfAzmhnxu8CsxzCHDGJIw.roa
File: U9QeEqRfAzmhnxu8CsxzCHDGJIw.roa (raw, json)
Hash identifier: 0AsVPechShCh3e+6R7tiKQ8oCdyxZnO93yvqX6s7LBc=
Subject key identifier: 53:D4:1E:12:A4:5F:03:39:A1:9F:1B:BC:0A:CC:73:08:70:C6:24:8C
Certificate issuer: /CN=740f65f302335baa90ed81c05384d53f2332391a
Certificate serial: 018AA89AC62F6922FF11C51CAAD35AEBC1B9
Authority key identifier: 74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/U9QeEqRfAzmhnxu8CsxzCHDGJIw.roa
Signing time: Mon 18 Sep 2023 14:03:50 +0000
ROA not before: Mon 18 Sep 2023 14:03:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206844
IP address blocks: 45.156.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:9a:c6:2f:69:22:ff:11:c5:1c:aa:d3:5a:eb:c1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=740f65f302335baa90ed81c05384d53f2332391a
Validity
Not Before: Sep 18 14:03:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53d41e12a45f0339a19f1bbc0acc730870c6248c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:69:c4:33:cb:f4:f3:76:34:6f:09:ae:5b:97:
e8:83:69:53:b5:48:60:e1:65:42:94:54:cf:6f:aa:
a7:c2:f9:c0:7d:c0:3c:0a:0c:5d:da:49:1b:74:2b:
f4:f6:28:7b:df:2f:36:52:e0:bf:da:a2:b9:49:ee:
1c:b5:7e:6f:5a:3a:cb:6e:97:6d:5d:e4:e9:8c:7a:
ce:08:9b:44:d7:7a:55:cf:63:2b:e5:70:d2:32:4d:
70:85:02:54:b2:1c:ec:9d:b5:11:97:c1:a6:af:6e:
51:34:7c:9e:a9:10:7f:d6:62:50:5e:55:ab:d7:c6:
51:78:59:98:86:a6:6f:72:86:af:4a:ff:ed:6e:4c:
cf:3a:c4:e9:79:90:c8:7a:56:55:77:66:40:24:36:
ee:62:34:99:70:fd:fd:40:5f:2d:70:a1:63:2d:09:
9c:1f:33:44:a6:02:b2:90:15:32:62:74:d6:a0:25:
16:c9:f9:97:10:be:f3:e4:c1:11:2c:b1:4a:ac:32:
16:ae:b6:46:a0:55:97:ce:e6:08:e8:ef:6f:35:d1:
2d:fe:ba:db:59:bf:5e:02:c7:c8:fc:7f:ec:09:60:
1b:f4:96:e0:f4:27:2a:6d:6a:04:1f:83:55:a9:fc:
d2:a5:d0:c2:ca:2a:74:1f:0c:eb:cc:c5:67:54:3b:
b1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D4:1E:12:A4:5F:03:39:A1:9F:1B:BC:0A:CC:73:08:70:C6:24:8C
X509v3 Authority Key Identifier:
keyid:74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/U9QeEqRfAzmhnxu8CsxzCHDGJIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:78:92:64:74:97:49:a8:2b:b1:79:c8:2a:92:b4:58:d7:dc:
ad:0b:eb:ee:60:1d:05:50:21:b5:81:6a:ce:1a:2d:22:fe:ae:
87:d5:0b:b0:58:5f:38:19:d2:b9:5c:e0:f9:bf:be:ba:0d:81:
ee:c7:19:ec:89:5c:4d:1d:a3:f2:27:29:34:62:85:a7:a9:e6:
5e:c8:44:d7:ab:ce:07:06:2e:7d:1a:5f:fc:dd:75:f3:4d:e3:
43:b5:43:db:02:96:fc:51:6b:47:64:1c:71:dc:9e:f6:a7:30:
a7:68:5e:38:5a:5c:83:fe:fd:8a:9e:3b:5a:be:7b:dd:e5:d2:
38:08:03:df:9d:ef:56:ed:c0:c0:c1:e3:b4:00:31:b5:e6:7c:
b9:19:d8:f0:51:d7:c2:04:36:b9:3d:53:ef:16:cd:c8:e2:6c:
b2:b2:17:aa:b0:93:1d:26:9c:56:87:ef:2c:9c:b2:d2:99:cb:
d3:32:b6:d4:62:d5:9c:2a:c1:10:fc:5e:15:33:f7:d7:28:2a:
58:64:1d:03:81:60:55:eb:b9:cf:39:ea:5e:06:8d:6c:bf:38:
f4:19:7c:1c:b9:b9:e5:aa:ee:73:d3:67:88:68:24:17:e2:d5:
5d:8c:27:75:93:ca:ff:48:b5:84:f3:a6:b1:28:20:36:9b:23:
11:b5:3c:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqomsYvaSL/EcUcqtNa68G5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MGY2NWYzMDIzMzViYWE5MGVkODFjMDUzODRkNTNmMjMz
MjM5MWEwHhcNMjMwOTE4MTQwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q0MWUxMmE0NWYwMzM5YTE5ZjFiYmMwYWNjNzMwODcwYzYyNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGnEM8v083Y0bwmuW5fog2lTtUhg
4WVClFTPb6qnwvnAfcA8Cgxd2kkbdCv09ih73y82UuC/2qK5Se4ctX5vWjrLbpdt
XeTpjHrOCJtE13pVz2Mr5XDSMk1whQJUshzsnbURl8Gmr25RNHyeqRB/1mJQXlWr
18ZReFmYhqZvcoavSv/tbkzPOsTpeZDIelZVd2ZAJDbuYjSZcP39QF8tcKFjLQmc
HzNEpgKykBUyYnTWoCUWyfmXEL7z5MERLLFKrDIWrrZGoFWXzuYI6O9vNdEt/rrb
Wb9eAsfI/H/sCWAb9Jbg9CcqbWoEH4NVqfzSpdDCyip0HwzrzMVnVDux3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPUHhKkXwM5oZ8bvArMcwhwxiSMMB8GA1UdIwQY
MBaAFHQPZfMCM1uqkO2BwFOE1T8jMjkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQt
ZDAzYTJjNDM1YWVjLzEvVTlRZUVxUmZBem1obnh1OENzeHpDSERHSkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQtZDAzYTJjNDM1YWVj
LzEvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZwgMA0G
CSqGSIb3DQEBCwUAA4IBAQCceJJkdJdJqCuxecgqkrRY19ytC+vuYB0FUCG1gWrO
Gi0i/q6H1QuwWF84GdK5XOD5v766DYHuxxnsiVxNHaPyJyk0YoWnqeZeyETXq84H
Bi59Gl/83XXzTeNDtUPbApb8UWtHZBxx3J72pzCnaF44WlyD/v2Knjtavnvd5dI4
CAPfne9W7cDAweO0ADG15ny5GdjwUdfCBDa5PVPvFs3I4myysheqsJMdJpxWh+8s
nLLSmcvTMrbUYtWcKsEQ/F4VM/fXKCpYZB0DgWBV67nPOepeBo1svzj0GXwcubnl
qu5z02eIaCQX4tVdjCd1k8r/SLWE86axKCA2myMRtTz3
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:44 2025 by rpki-client