Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/OBqpx_-towqCNtnOdit3iuITwSY.roa
File: OBqpx_-towqCNtnOdit3iuITwSY.roa (raw, json)
Hash identifier: 3vKwGRFdMpMWFot0Tv68eVQvhXlJV638gdcQGEQN1hg=
Subject key identifier: 38:1A:A9:C7:FF:AD:A3:0A:82:36:D9:CE:76:2B:77:8A:E2:13:C1:26
Certificate issuer: /CN=f97fdecadb3261334387cf091d02e0713b781d31
Certificate serial: 01857230EE99E4924302BAE33A80A340CEFD
Authority key identifier: F9:7F:DE:CA:DB:32:61:33:43:87:CF:09:1D:02:E0:71:3B:78:1D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/OBqpx_-towqCNtnOdit3iuITwSY.roa
Signing time: Mon 02 Jan 2023 11:14:47 +0000
ROA not before: Mon 02 Jan 2023 11:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51185
IP address blocks: 45.13.144.0/23 maxlen: 23
45.13.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:ee:99:e4:92:43:02:ba:e3:3a:80:a3:40:ce:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97fdecadb3261334387cf091d02e0713b781d31
Validity
Not Before: Jan 2 11:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=381aa9c7ffada30a8236d9ce762b778ae213c126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5e:b7:72:8b:1e:37:e3:12:ab:5c:1e:3e:d7:
25:d7:df:8b:f5:68:f6:7d:ea:a3:f4:cd:ef:93:ed:
5b:dc:f0:9a:e9:72:14:5a:9c:e8:37:19:ab:f7:48:
b5:e2:18:08:ea:eb:05:35:d6:93:c9:0e:71:f9:48:
2b:b6:6e:46:4b:39:a5:3f:b4:6c:ac:62:4c:ff:ba:
c8:da:8c:31:28:d3:e2:a4:87:1f:eb:aa:49:0a:fb:
17:2a:6b:64:f5:b9:35:64:7e:fa:88:07:38:01:9c:
e4:aa:e2:86:a4:41:62:ce:f1:a4:d2:a5:48:3f:9f:
6b:cc:7c:d8:d1:14:bb:9a:05:ce:f5:25:17:d0:a8:
cc:3a:c2:8a:19:5e:56:4c:a9:57:4f:b4:63:3a:67:
f9:59:be:71:10:85:c0:f4:7d:ae:c7:b9:44:19:a5:
7a:26:e8:72:eb:0f:67:49:6b:15:01:3c:9d:12:17:
93:d1:c9:d9:9c:97:b5:30:0d:5f:fb:6d:60:42:c4:
e2:60:00:de:52:88:e1:3b:73:c6:35:02:70:8c:f3:
cb:2c:00:b6:62:1f:5e:41:73:b8:6f:79:31:3b:dc:
44:d4:af:0c:5c:6e:b7:dc:b9:08:32:c8:41:d8:67:
1b:ba:70:43:43:39:82:10:61:3b:b9:66:10:52:b1:
81:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1A:A9:C7:FF:AD:A3:0A:82:36:D9:CE:76:2B:77:8A:E2:13:C1:26
X509v3 Authority Key Identifier:
keyid:F9:7F:DE:CA:DB:32:61:33:43:87:CF:09:1D:02:E0:71:3B:78:1D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/OBqpx_-towqCNtnOdit3iuITwSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/1-X_eytsyYTNDh88JHQLgcTt4HTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.144.0/22
Signature Algorithm: sha256WithRSAEncryption
40:ce:af:20:45:49:37:dc:a0:95:59:3b:ab:97:34:03:f3:42:
83:a2:21:33:52:5b:63:6a:ef:f6:e6:3f:7b:82:2b:fd:8b:2e:
8f:49:67:a8:c4:27:d6:36:4b:ba:81:e5:8c:10:74:35:05:6b:
fc:3d:ee:ea:ca:3f:79:e6:3d:b5:5d:ca:be:3e:1d:46:50:bd:
6a:32:e9:3f:1c:72:92:cb:aa:8d:b2:ee:94:44:68:40:32:30:
01:64:93:b2:83:ed:5b:41:a9:31:f4:e8:fc:75:77:9d:d6:43:
8f:a4:99:eb:cf:3d:63:34:38:1e:d6:06:67:20:56:5e:d1:1d:
95:d3:eb:c3:0f:8d:7d:c1:20:53:e4:2f:5e:84:b3:d7:93:c6:
58:1d:a8:06:1b:e1:dc:eb:d4:e4:f6:3a:e6:6b:8a:bd:d7:c4:
cd:87:6a:50:e2:89:63:de:15:f3:bc:8f:92:f3:3b:bd:22:4d:
81:3f:0d:c6:f6:e6:5c:77:56:89:81:37:b4:88:8c:1b:92:eb:
5a:d0:f2:63:b2:ec:59:4a:82:b3:b9:24:0e:12:b8:69:26:77:
46:74:f0:4d:c1:49:b1:ba:99:08:c7:29:78:86:85:09:ce:d7:
b8:60:93:93:50:7b:aa:49:4a:13:c8:28:78:62:9d:de:e8:52:
1f:d9:cc:a2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVyMO6Z5JJDArrjOoCjQM79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5N2ZkZWNhZGIzMjYxMzM0Mzg3Y2YwOTFkMDJlMDcxM2I3
ODFkMzEwHhcNMjMwMTAyMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFhYTljN2ZmYWRhMzBhODIzNmQ5Y2U3NjJiNzc4YWUyMTNjMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk163coseN+MSq1wePtcl19+L9Wj2
feqj9M3vk+1b3PCa6XIUWpzoNxmr90i14hgI6usFNdaTyQ5x+Ugrtm5GSzmlP7Rs
rGJM/7rI2owxKNPipIcf66pJCvsXKmtk9bk1ZH76iAc4AZzkquKGpEFizvGk0qVI
P59rzHzY0RS7mgXO9SUX0KjMOsKKGV5WTKlXT7RjOmf5Wb5xEIXA9H2ux7lEGaV6
Juhy6w9nSWsVATydEheT0cnZnJe1MA1f+21gQsTiYADeUojhO3PGNQJwjPPLLAC2
Yh9eQXO4b3kxO9xE1K8MXG633LkIMshB2GcbunBDQzmCEGE7uWYQUrGBaQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDgaqcf/raMKgjbZznYrd4riE8EmMB8GA1UdIwQY
MBaAFPl/3srbMmEzQ4fPCR0C4HE7eB0xMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YX2V5dHN5WVRORGg4OEpIUUxnY1R0NEhURS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYThhMzY0LTc0MzAtNGRhNi04ZjQz
LWViN2JmMmJkZGQwOC8xL09CcXB4Xy10b3dxQ050bk9kaXQzaXVJVHdTWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYThhMzY0LTc0MzAtNGRhNi04ZjQzLWViN2JmMmJkZGQw
OC8xLzEtWF9leXRzeVlUTkRoODhKSFFMZ2NUdDRIVEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItDZAw
DQYJKoZIhvcNAQELBQADggEBAEDOryBFSTfcoJVZO6uXNAPzQoOiITNSW2Nq7/bm
P3uCK/2LLo9JZ6jEJ9Y2S7qB5YwQdDUFa/w97urKP3nmPbVdyr4+HUZQvWoy6T8c
cpLLqo2y7pREaEAyMAFkk7KD7VtBqTH06Px1d53WQ4+kmevPPWM0OB7WBmcgVl7R
HZXT68MPjX3BIFPkL16Es9eTxlgdqAYb4dzr1OT2OuZrir3XxM2HalDiiWPeFfO8
j5LzO70iTYE/Dcb25lx3VomBN7SIjBuS61rQ8mOy7FlKgrO5JA4SuGkmd0Z08E3B
SbG6mQjHKXiGhQnO17hgk5NQe6pJShPIKHhind7oUh/ZzKI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:37 2025 by rpki-client