Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/adKFP4YhLwB7u77YwyquQoELP1I.roa
File: adKFP4YhLwB7u77YwyquQoELP1I.roa (raw, json)
Hash identifier: Gfu9F0jIETqvuFMIPeT8jCmkj0r8trtIdUj8gDNnID8=
Subject key identifier: 69:D2:85:3F:86:21:2F:00:7B:BB:BE:D8:C3:2A:AE:42:81:0B:3F:52
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 018AF5F27B2AD6C5831C7C8FEEC8FD066935
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/adKFP4YhLwB7u77YwyquQoELP1I.roa
Signing time: Tue 03 Oct 2023 14:30:23 +0000
ROA not before: Tue 03 Oct 2023 14:30:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203446
IP address blocks: 45.157.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:f2:7b:2a:d6:c5:83:1c:7c:8f:ee:c8:fd:06:69:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Oct 3 14:30:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69d2853f86212f007bbbbed8c32aae42810b3f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6c:5d:aa:d4:79:c2:0b:f1:d1:97:b2:25:7a:
a2:9b:5f:0a:39:dc:74:69:de:16:af:d8:a7:6f:1b:
a2:4b:a4:18:19:b1:6b:6e:fc:c2:60:8a:00:56:7e:
73:f4:c0:be:eb:84:d6:6d:42:d4:72:f6:29:6f:12:
4b:07:38:57:f3:8d:15:cf:6e:10:31:d8:4a:1c:77:
08:da:fa:3f:ce:14:5c:0f:aa:08:7b:a9:de:bb:c9:
61:40:ee:9d:f6:6d:75:27:a4:62:ac:ef:a4:7d:38:
bd:ad:98:e8:05:90:54:05:ee:63:f7:26:78:b5:4b:
7b:c2:d7:11:93:80:67:b1:f4:f1:63:17:3e:83:2d:
cd:21:ff:94:7d:52:47:67:fc:ad:33:e8:c6:0f:07:
47:61:e5:52:89:0d:34:70:b8:6f:aa:ea:08:39:aa:
21:16:91:3d:65:d8:60:82:7c:75:8c:d8:45:1b:6f:
04:b9:46:a5:1c:a9:b0:95:44:d7:24:19:52:29:f9:
02:64:89:d6:82:48:93:ad:60:a2:47:49:0d:8d:9f:
0a:7c:bb:65:1e:9a:16:1a:af:f9:e1:b2:e5:0a:5f:
24:28:af:ad:7a:eb:d1:7f:cc:78:42:2c:2d:04:87:
10:78:6a:06:d1:27:26:73:2a:b9:6b:6e:e7:fa:81:
2a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D2:85:3F:86:21:2F:00:7B:BB:BE:D8:C3:2A:AE:42:81:0B:3F:52
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/adKFP4YhLwB7u77YwyquQoELP1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.11.0/24
Signature Algorithm: sha256WithRSAEncryption
24:29:75:9e:9f:36:37:52:8f:2f:b5:22:52:8c:c0:68:6b:ac:
03:94:9e:8e:89:2b:32:dd:e9:f2:44:2a:a2:17:68:54:00:6f:
85:aa:e0:4a:4b:59:28:e0:f3:b3:c1:7f:3f:9b:50:a0:89:ae:
1b:e2:c8:a0:1c:df:15:dd:e1:8f:73:35:6d:cd:4b:8c:69:a2:
45:6f:15:a1:77:10:7b:7a:7d:bb:20:95:98:d8:fe:40:ad:b8:
25:63:f8:b2:58:fd:18:26:7f:36:35:a5:68:0d:5a:76:1d:65:
dc:c8:0a:63:ba:a1:6f:3d:4d:e9:d1:55:33:62:9d:41:87:b6:
1c:14:1c:22:7b:4a:87:a7:ba:e3:62:f0:20:67:7c:ea:e9:4f:
0a:fc:7a:23:6b:a8:03:f5:4d:af:89:8d:0c:de:ab:30:aa:69:
d7:28:4f:8e:2b:9e:d0:ab:86:44:11:6f:89:06:17:21:44:3f:
49:10:52:f6:e0:6f:bd:7c:01:57:0b:66:93:5b:25:88:c0:cf:
28:40:ef:94:e1:de:b0:d4:02:39:50:29:ac:4e:fd:8c:58:3a:
4d:e0:db:76:3a:8a:11:74:39:b7:02:56:6a:7c:e6:34:91:53:
e7:63:fe:23:d4:1d:b4:20:a1:c7:6a:62:b6:4d:db:13:bf:b8:
f6:a1:1e:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr18nsq1sWDHHyP7sj9Bmk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjMxMDAzMTQzMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQyODUzZjg2MjEyZjAwN2JiYmJlZDhjMzJhYWU0MjgxMGIzZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2xdqtR5wgvx0ZeyJXqim18KOdx0
ad4Wr9inbxuiS6QYGbFrbvzCYIoAVn5z9MC+64TWbULUcvYpbxJLBzhX840Vz24Q
MdhKHHcI2vo/zhRcD6oIe6neu8lhQO6d9m11J6RirO+kfTi9rZjoBZBUBe5j9yZ4
tUt7wtcRk4BnsfTxYxc+gy3NIf+UfVJHZ/ytM+jGDwdHYeVSiQ00cLhvquoIOaoh
FpE9Zdhggnx1jNhFG28EuUalHKmwlUTXJBlSKfkCZInWgkiTrWCiR0kNjZ8KfLtl
HpoWGq/54bLlCl8kKK+teuvRf8x4QiwtBIcQeGoG0Scmcyq5a27n+oEqpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGnShT+GIS8Ae7u+2MMqrkKBCz9SMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvYWRLRlA0WWhMd0I3dTc3WXd5cXVRb0VMUDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0LMA0G
CSqGSIb3DQEBCwUAA4IBAQAkKXWenzY3Uo8vtSJSjMBoa6wDlJ6OiSsy3enyRCqi
F2hUAG+FquBKS1ko4POzwX8/m1Cgia4b4sigHN8V3eGPczVtzUuMaaJFbxWhdxB7
en27IJWY2P5ArbglY/iyWP0YJn82NaVoDVp2HWXcyApjuqFvPU3p0VUzYp1Bh7Yc
FBwie0qHp7rjYvAgZ3zq6U8K/Hoja6gD9U2viY0M3qswqmnXKE+OK57Qq4ZEEW+J
BhchRD9JEFL24G+9fAFXC2aTWyWIwM8oQO+U4d6w1AI5UCmsTv2MWDpN4Nt2OooR
dDm3AlZqfOY0kVPnY/4j1B20IKHHamK2TdsTv7j2oR59
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:04 2025 by rpki-client