Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/C4MggNbotPRiqXjagDxJt7xvS4Y.roa
File: C4MggNbotPRiqXjagDxJt7xvS4Y.roa (raw, json)
Hash identifier: bvYgpaXGNSU4tPt4oY8TI9NViJoG4a4sdJjAJsTpwa0=
Subject key identifier: 0B:83:20:80:D6:E8:B4:F4:62:A9:78:DA:80:3C:49:B7:BC:6F:4B:86
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 0189C2265373A3AC2A68CD233EF0C3AABD7A
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/C4MggNbotPRiqXjagDxJt7xvS4Y.roa
Signing time: Fri 04 Aug 2023 20:03:58 +0000
ROA not before: Fri 04 Aug 2023 20:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203446
IP address blocks: 45.157.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c2:26:53:73:a3:ac:2a:68:cd:23:3e:f0:c3:aa:bd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Aug 4 20:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b832080d6e8b4f462a978da803c49b7bc6f4b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:15:eb:f7:fd:d9:24:33:84:c5:a1:a5:7e:5c:
b5:c4:ce:d4:11:30:d2:ea:fe:b3:d1:2a:b5:2c:74:
1c:48:5e:75:4b:d4:55:84:62:21:2a:b6:4b:43:c2:
c4:b7:fd:d6:70:7e:0e:cb:63:18:8c:67:7b:12:30:
99:aa:f4:0c:46:30:6f:e7:ff:46:a1:bb:af:aa:17:
0e:75:5a:83:93:eb:f9:48:19:29:b7:e4:06:e2:90:
ee:b9:cf:23:fe:74:f5:96:73:c4:da:0f:f3:db:6e:
27:75:d6:95:3d:3d:c5:86:1a:ff:f0:2d:cf:39:34:
4f:0f:b6:19:30:cb:d7:49:6b:e5:96:d7:43:ca:7c:
76:e6:60:32:bc:f6:d4:e9:1f:ac:e9:f6:0f:11:c4:
90:48:4f:39:fd:b7:74:8f:87:53:3f:13:73:80:de:
a6:af:fd:12:9c:28:07:bd:2c:53:c5:14:55:a8:04:
db:7b:9b:bd:53:23:f5:72:96:e5:96:e8:d4:ce:1a:
87:8e:79:a0:70:c7:35:1e:3c:06:35:1d:02:66:25:
2f:b4:8c:16:39:ad:24:ba:32:22:2d:eb:5a:1b:bd:
a8:06:af:73:14:d4:7a:83:e4:d9:0b:44:92:32:82:
c5:db:71:a8:82:ff:b4:14:3f:ee:6b:e5:8f:5c:4e:
4c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:83:20:80:D6:E8:B4:F4:62:A9:78:DA:80:3C:49:B7:BC:6F:4B:86
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/C4MggNbotPRiqXjagDxJt7xvS4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.11.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b7:8d:e9:a3:a2:ba:32:fb:cb:c3:a3:b9:81:69:c5:15:2d:
c0:77:3f:f9:47:5f:14:80:6c:56:ff:af:ae:73:9d:11:08:7c:
a4:9b:e9:8a:d4:96:6b:e9:1e:30:f7:ab:f4:00:9e:51:3e:e6:
67:aa:2b:08:c5:de:03:5e:a0:73:e4:96:f3:2e:81:7d:70:4b:
71:86:e6:90:cb:31:07:8a:21:7f:f3:df:1f:5f:82:8e:97:d7:
7a:6b:f2:19:bc:aa:3f:90:c9:0c:4c:18:a4:49:1b:55:c3:76:
e7:90:ac:7a:bd:cb:e3:17:4c:0e:49:06:22:05:24:d4:5d:4c:
eb:22:de:b9:df:b9:aa:37:3c:dc:d4:e1:2b:9a:7e:bc:72:d1:
8d:cb:97:d7:6b:9d:34:5b:b2:02:e4:de:3b:7b:56:4f:85:9c:
d3:b9:3b:86:54:30:2d:5b:d7:80:46:b6:56:aa:83:02:39:65:
35:29:00:12:8f:f1:3a:3a:92:c8:b5:00:8c:90:35:23:23:89:
c3:20:ea:b7:1f:9c:61:42:45:98:9c:99:89:c9:c5:60:be:73:
b1:1f:43:8c:05:32:4a:22:7c:5d:3f:0a:67:88:4b:80:d6:e6:
b4:d3:50:2e:e0:e5:39:90:50:54:ce:48:cf:78:47:cd:68:3a:
97:59:0d:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnCJlNzo6wqaM0jPvDDqr16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjMwODA0MjAwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjgzMjA4MGQ2ZThiNGY0NjJhOTc4ZGE4MDNjNDliN2JjNmY0Yjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBXr9/3ZJDOExaGlfly1xM7UETDS
6v6z0Sq1LHQcSF51S9RVhGIhKrZLQ8LEt/3WcH4Oy2MYjGd7EjCZqvQMRjBv5/9G
obuvqhcOdVqDk+v5SBkpt+QG4pDuuc8j/nT1lnPE2g/z224nddaVPT3Fhhr/8C3P
OTRPD7YZMMvXSWvlltdDynx25mAyvPbU6R+s6fYPEcSQSE85/bd0j4dTPxNzgN6m
r/0SnCgHvSxTxRRVqATbe5u9UyP1cpbllujUzhqHjnmgcMc1HjwGNR0CZiUvtIwW
Oa0kujIiLetaG72oBq9zFNR6g+TZC0SSMoLF23Gogv+0FD/ua+WPXE5MOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAuDIIDW6LT0Yql42oA8Sbe8b0uGMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvQzRNZ2dOYm90UFJpcVhqYWdEeEp0N3h2UzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0LMA0G
CSqGSIb3DQEBCwUAA4IBAQAqt43po6K6MvvLw6O5gWnFFS3Adz/5R18UgGxW/6+u
c50RCHykm+mK1JZr6R4w96v0AJ5RPuZnqisIxd4DXqBz5JbzLoF9cEtxhuaQyzEH
iiF/898fX4KOl9d6a/IZvKo/kMkMTBikSRtVw3bnkKx6vcvjF0wOSQYiBSTUXUzr
It6537mqNzzc1OErmn68ctGNy5fXa500W7IC5N47e1ZPhZzTuTuGVDAtW9eARrZW
qoMCOWU1KQASj/E6OpLItQCMkDUjI4nDIOq3H5xhQkWYnJmJycVgvnOxH0OMBTJK
InxdPwpniEuA1ua001Au4OU5kFBUzkjPeEfNaDqXWQ2O
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:52 2025 by rpki-client