Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/6b9DP_lVBMd0lnVZgV_MdqFCA9A.roa
File: 6b9DP_lVBMd0lnVZgV_MdqFCA9A.roa (raw, json)
Hash identifier: 6hdMTPw72Yrnil059mlgRdVlT7PUDx3wLUe1tzokkpU=
Subject key identifier: E9:BF:43:3F:F9:55:04:C7:74:96:75:59:81:5F:CC:76:A1:42:03:D0
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 0187C3149F2561E4EABE74B438AD6665A487
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/6b9DP_lVBMd0lnVZgV_MdqFCA9A.roa
Signing time: Thu 27 Apr 2023 14:18:41 +0000
ROA not before: Thu 27 Apr 2023 14:18:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 45.145.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:14:9f:25:61:e4:ea:be:74:b4:38:ad:66:65:a4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Apr 27 14:18:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9bf433ff95504c774967559815fcc76a14203d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:db:95:85:ed:43:f7:ac:23:e7:99:b1:d4:b9:
85:ca:c0:17:33:87:a7:33:ab:ea:c6:e6:43:36:c5:
a4:c6:50:69:a9:00:21:cc:5f:5f:1c:08:c1:28:fa:
54:a5:b4:07:e2:e5:03:c7:2f:19:dd:67:6f:a5:08:
d4:7f:d5:78:5d:49:4b:a7:2c:6c:82:3d:02:b2:78:
3b:dd:04:93:a9:9c:cb:e1:3c:41:ad:67:b6:9b:e4:
52:bb:8a:ca:39:4d:15:72:f8:37:56:32:6e:23:3b:
f5:d5:9f:3c:2d:fd:1d:7f:79:fb:b7:3d:11:24:53:
ac:f7:15:60:c7:d1:cd:2a:f4:e4:ef:96:ee:b0:49:
8a:8c:4e:f3:d8:85:23:e2:74:b1:b4:24:c9:22:bb:
76:49:6f:56:bd:e0:20:b4:67:48:fb:25:c6:f6:08:
39:33:0d:fa:98:7f:d8:ad:87:e9:1a:14:9d:78:96:
77:b4:d7:f9:f9:d5:52:0c:c4:83:78:cc:13:ff:4c:
3a:ee:fb:f0:54:c8:1e:34:7d:1d:ee:de:0d:16:59:
00:de:2d:d9:aa:58:ce:d3:be:a8:4d:97:8e:11:18:
69:bf:a1:13:a9:11:7d:70:b4:e7:6d:b1:2a:f0:2c:
fe:44:d9:89:83:6e:a7:ac:89:cc:4a:5d:cd:ec:e5:
e2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:BF:43:3F:F9:55:04:C7:74:96:75:59:81:5F:CC:76:A1:42:03:D0
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/6b9DP_lVBMd0lnVZgV_MdqFCA9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.154.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:57:46:89:cf:03:e4:8f:9b:a4:6d:9b:c2:2b:90:4c:67:28:
40:18:9c:54:fb:33:7a:f4:f0:54:87:6a:63:da:e0:9b:d8:25:
14:13:0f:df:5a:79:61:b0:97:13:8d:03:1a:ca:e2:3a:0d:97:
8a:92:0e:0e:81:ae:4c:86:b0:fc:77:ab:7e:3e:4e:37:f2:e9:
d4:b1:d3:34:19:97:93:ce:91:e3:c1:96:c2:25:2a:f2:19:ec:
5f:42:47:77:8f:1b:8b:b8:84:a0:45:f0:9e:be:51:f6:8e:27:
f5:b1:11:65:20:e7:a6:b7:8c:88:ff:09:79:2b:b6:9d:85:36:
11:9d:9a:c6:38:9e:42:16:06:c7:e9:dc:c9:70:c7:17:cb:8b:
d0:fa:d1:bc:3d:22:86:be:8c:3e:1c:8f:70:c3:ec:05:a2:63:
56:68:93:cf:33:7a:e2:fc:41:a1:4d:95:06:fd:c7:a6:cc:f8:
c0:51:fa:3f:b2:49:13:e2:62:c6:90:8b:10:20:57:83:05:a2:
41:73:e9:f9:4e:15:9d:73:8e:7b:75:99:cf:c3:09:e0:d3:fb:
29:36:c6:43:a9:14:09:14:90:09:08:a8:22:d7:94:1a:0e:13:
a2:16:47:be:ae:dd:b0:56:ec:01:ce:f0:d7:2b:5d:1b:12:a8:
28:ca:16:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfDFJ8lYeTqvnS0OK1mZaSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwNDI3MTQxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWJmNDMzZmY5NTUwNGM3NzQ5Njc1NTk4MTVmY2M3NmExNDIwM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiduVhe1D96wj55mx1LmFysAXM4en
M6vqxuZDNsWkxlBpqQAhzF9fHAjBKPpUpbQH4uUDxy8Z3WdvpQjUf9V4XUlLpyxs
gj0Csng73QSTqZzL4TxBrWe2m+RSu4rKOU0Vcvg3VjJuIzv11Z88Lf0df3n7tz0R
JFOs9xVgx9HNKvTk75busEmKjE7z2IUj4nSxtCTJIrt2SW9WveAgtGdI+yXG9gg5
Mw36mH/YrYfpGhSdeJZ3tNf5+dVSDMSDeMwT/0w67vvwVMgeNH0d7t4NFlkA3i3Z
qljO076oTZeOERhpv6ETqRF9cLTnbbEq8Cz+RNmJg26nrInMSl3N7OXicQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOm/Qz/5VQTHdJZ1WYFfzHahQgPQMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvNmI5RFBfbFZCTWQwbG5WWmdWX01kcUZDQTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQA+V0aJzwPkj5ukbZvCK5BMZyhAGJxU+zN69PBUh2pj
2uCb2CUUEw/fWnlhsJcTjQMayuI6DZeKkg4Oga5MhrD8d6t+Pk438unUsdM0GZeT
zpHjwZbCJSryGexfQkd3jxuLuISgRfCevlH2jif1sRFlIOemt4yI/wl5K7adhTYR
nZrGOJ5CFgbH6dzJcMcXy4vQ+tG8PSKGvow+HI9ww+wFomNWaJPPM3ri/EGhTZUG
/cemzPjAUfo/skkT4mLGkIsQIFeDBaJBc+n5ThWdc457dZnPwwng0/spNsZDqRQJ
FJAJCKgi15QaDhOiFke+rt2wVuwBzvDXK10bEqgoyhYi
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:22:13 2025 by rpki-client