Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/pnaSdU3uDtXI4CCQ8I0MxbNQ4Io.roa
File: pnaSdU3uDtXI4CCQ8I0MxbNQ4Io.roa (raw, json)
Hash identifier: 7kLSmmJrow4P5qZeYElksqKhlGfuIvKsDJerCDBD9dI=
Subject key identifier: A6:76:92:75:4D:EE:0E:D5:C8:E0:20:90:F0:8D:0C:C5:B3:50:E0:8A
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B983B1E1CFA1CA0BD0EA3DB147EA3D
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/pnaSdU3uDtXI4CCQ8I0MxbNQ4Io.roa
Signing time: Mon 02 Jan 2023 04:24:44 +0000
ROA not before: Mon 02 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204666
IP address blocks: 45.153.192.0/22 maxlen: 24
45.153.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:83:b1:e1:cf:a1:ca:0b:d0:ea:3d:b1:47:ea:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a67692754dee0ed5c8e02090f08d0cc5b350e08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b5:16:61:44:e4:e7:a5:55:bc:96:12:61:54:
67:86:a1:e8:48:96:a4:fc:28:f8:15:71:d3:5f:95:
11:8f:10:7d:ea:14:06:01:6d:0f:2a:55:8c:b2:6d:
fd:4d:c5:ce:35:93:1b:a4:ee:02:e3:d4:92:91:c9:
9c:86:f0:ca:57:a9:fb:64:5e:57:30:80:ea:46:5a:
64:3b:a8:23:cb:3a:b8:90:56:09:9a:9b:3d:e0:c7:
3b:d9:4f:46:0f:07:00:1e:3f:cc:03:b5:10:e2:b5:
3c:7a:19:dd:81:5d:cf:91:a4:b8:c9:8d:c5:66:2c:
7a:52:4c:8b:c7:1f:df:c7:ef:d7:04:31:5d:1f:e7:
88:44:e5:f2:6d:2c:ed:7c:27:2b:87:59:76:a8:aa:
f5:a3:53:8d:95:25:29:c6:bf:36:a3:2f:06:b7:7b:
8a:96:35:25:26:b1:c9:5d:56:2f:93:49:5a:14:fa:
da:e0:83:63:83:5f:65:e0:17:f7:3d:fb:6f:20:c7:
ae:77:0f:a4:66:85:95:06:c3:a6:24:09:e2:3a:cb:
97:52:6f:34:d0:5a:a4:90:88:ec:a3:41:21:7c:66:
26:3d:15:a4:e4:aa:75:e0:14:eb:86:43:47:83:05:
d4:cd:e5:14:23:09:6a:1d:cd:a9:1c:72:81:24:d9:
1f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:76:92:75:4D:EE:0E:D5:C8:E0:20:90:F0:8D:0C:C5:B3:50:E0:8A
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/pnaSdU3uDtXI4CCQ8I0MxbNQ4Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.192.0/22
Signature Algorithm: sha256WithRSAEncryption
00:85:cd:19:c1:72:cc:af:41:12:f4:ce:b3:29:e4:64:9d:27:
16:03:2e:04:95:5e:05:5c:26:ae:60:b5:26:77:b2:32:31:07:
b6:5c:cf:20:34:fa:d5:bd:a6:1c:99:00:fe:43:ea:2f:fd:f4:
2f:a2:7f:50:a3:62:da:4f:cf:63:71:c8:12:f9:a2:de:83:0a:
80:95:e3:74:f2:90:4a:36:bd:f2:ee:87:ee:1a:9e:9e:06:5d:
61:2b:f0:8d:bc:d1:af:28:3a:65:fe:0d:90:07:fe:2f:1c:d6:
61:84:3c:c8:72:05:b0:43:e3:24:d3:c1:6c:8a:c6:72:b3:c9:
cf:84:41:ab:2d:12:04:1a:20:26:13:ad:e8:e6:14:33:ed:6a:
52:8f:5c:14:4d:cc:9b:d7:21:c0:b0:88:e0:fc:72:f8:c7:fc:
9c:d5:36:f9:8d:f0:98:cb:d1:12:2c:f9:2d:3e:14:f5:1f:2e:
c4:60:7e:71:62:3b:a3:b8:d7:43:a7:e8:a2:53:2b:c5:64:53:
55:18:c3:05:35:22:bf:a8:bd:98:42:25:f1:90:6e:59:4f:9e:
58:92:4f:63:c2:ba:c2:56:94:8c:d4:11:ec:0c:35:6e:88:59:
68:89:1a:51:99:9a:2b:33:87:99:51:18:0d:13:99:92:39:b2:
41:0d:26:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYOx4c+hygvQ6j2xR+o9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc2OTI3NTRkZWUwZWQ1YzhlMDIwOTBmMDhkMGNjNWIzNTBlMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LUWYUTk56VVvJYSYVRnhqHoSJak
/Cj4FXHTX5URjxB96hQGAW0PKlWMsm39TcXONZMbpO4C49SSkcmchvDKV6n7ZF5X
MIDqRlpkO6gjyzq4kFYJmps94Mc72U9GDwcAHj/MA7UQ4rU8ehndgV3PkaS4yY3F
Zix6UkyLxx/fx+/XBDFdH+eIROXybSztfCcrh1l2qKr1o1ONlSUpxr82oy8Gt3uK
ljUlJrHJXVYvk0laFPra4INjg19l4Bf3PftvIMeudw+kZoWVBsOmJAniOsuXUm80
0FqkkIjso0EhfGYmPRWk5Kp14BTrhkNHgwXUzeUUIwlqHc2pHHKBJNkfqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZ2knVN7g7VyOAgkPCNDMWzUOCKMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvcG5hU2RVM3VEdFhJNENDUThJME14Yk5RNElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZnAMA0G
CSqGSIb3DQEBCwUAA4IBAQAAhc0ZwXLMr0ES9M6zKeRknScWAy4ElV4FXCauYLUm
d7IyMQe2XM8gNPrVvaYcmQD+Q+ov/fQvon9Qo2LaT89jccgS+aLegwqAleN08pBK
Nr3y7ofuGp6eBl1hK/CNvNGvKDpl/g2QB/4vHNZhhDzIcgWwQ+Mk08FsisZys8nP
hEGrLRIEGiAmE63o5hQz7WpSj1wUTcyb1yHAsIjg/HL4x/yc1Tb5jfCYy9ESLPkt
PhT1Hy7EYH5xYjujuNdDp+iiUyvFZFNVGMMFNSK/qL2YQiXxkG5ZT55Ykk9jwrrC
VpSM1BHsDDVuiFloiRpRmZorM4eZURgNE5mSObJBDSZC
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:46 2025 by rpki-client