Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/XCi8uJKa1DQ7eU2gg-AngCtjyB4.roa
File: XCi8uJKa1DQ7eU2gg-AngCtjyB4.roa (raw, json)
Hash identifier: NsMFdipy2PY8lPoDFh6/pHF8VxEqoxgwv18MdIrdWTU=
Subject key identifier: 5C:28:BC:B8:92:9A:D4:34:3B:79:4D:A0:83:E0:27:80:2B:63:C8:1E
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0184D33C33A07990EAD7210B8BEA93641042
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/XCi8uJKa1DQ7eU2gg-AngCtjyB4.roa
Signing time: Fri 02 Dec 2022 14:27:28 +0000
ROA not before: Fri 02 Dec 2022 14:27:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210644
IP address blocks: 45.15.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:3c:33:a0:79:90:ea:d7:21:0b:8b:ea:93:64:10:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Dec 2 14:27:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c28bcb8929ad4343b794da083e027802b63c81e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:37:28:b8:e1:54:73:10:25:f0:35:60:c1:5c:
1d:62:a2:32:0c:72:7e:ac:ea:f3:84:b4:7b:cf:40:
f9:79:b3:a1:89:22:cb:ff:6a:99:b4:dd:93:d6:79:
b9:a9:71:82:e4:aa:ab:0e:72:f4:8d:ea:05:0f:d3:
dc:b2:00:35:3e:f5:b3:1f:cb:03:1a:10:1e:db:c0:
0b:42:6e:64:37:70:5b:ad:bd:18:a7:81:e2:77:e0:
d9:0c:72:4f:d6:33:ba:a6:fe:94:71:74:61:73:5e:
5e:9a:d8:c6:9f:6d:08:e9:64:ff:75:da:5a:cc:16:
98:93:e6:5e:be:0a:0b:0b:e0:56:d6:e6:c5:cd:20:
39:78:ae:ca:72:9f:59:fe:e9:7e:12:2e:39:0f:1a:
5d:1d:01:c1:cb:18:00:a0:79:f9:af:b8:71:10:7d:
eb:e0:d3:67:77:57:ff:3c:1d:38:c4:ba:a3:2e:fe:
f3:87:64:fe:e9:19:f4:13:de:31:49:73:3d:21:32:
4e:de:54:8b:53:94:13:8d:fb:d6:bc:02:c3:be:0f:
0d:9f:99:ac:d0:07:ca:71:c9:ba:13:57:b8:9e:4b:
3e:ad:e9:2b:7d:05:85:ef:e1:3a:ba:61:f9:56:ac:
60:a6:e5:c7:c6:48:74:69:46:82:5c:55:2d:4f:91:
0f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:28:BC:B8:92:9A:D4:34:3B:79:4D:A0:83:E0:27:80:2B:63:C8:1E
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/XCi8uJKa1DQ7eU2gg-AngCtjyB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.159.0/24
Signature Algorithm: sha256WithRSAEncryption
32:db:39:c6:d9:e7:86:00:65:e4:65:9e:21:8f:2e:37:48:32:
db:4d:e5:0d:70:1e:5a:10:e8:4c:90:67:f3:fe:a4:30:ec:ee:
3a:70:bc:3c:d7:be:c3:a0:19:41:27:46:0e:b0:31:bc:f1:ef:
34:2b:5c:90:96:8b:16:24:84:9e:aa:76:cb:d8:82:2f:4a:fc:
e8:a3:07:8b:2b:82:fd:16:d2:28:c9:42:d4:0d:f6:d4:9e:59:
5e:15:c2:fd:4b:92:6f:10:1c:be:0d:80:dd:47:2b:be:fb:59:
2e:49:63:11:82:2e:c6:bb:4a:19:10:5c:79:9d:9b:cb:46:c9:
7b:05:8e:d4:35:34:f7:0f:3d:82:2a:95:b3:e4:86:f1:b5:ab:
54:53:66:34:4e:e3:ba:04:1e:2a:86:78:d3:d9:8b:f0:b9:3e:
1f:81:3f:ed:bb:9c:8f:bf:a6:85:7f:19:78:79:8f:81:83:17:
e6:00:5f:56:da:4f:d9:d6:1d:9c:04:15:97:eb:56:c6:d6:7e:
a8:44:0c:05:a1:cb:fc:e5:90:87:be:b8:26:7a:bd:85:92:d2:
dd:93:2c:b7:44:75:a1:1e:b7:fd:85:cd:fd:ff:0a:4a:a6:eb:
31:53:32:4d:df:6a:d4:ed:13:2d:61:b3:d5:e6:34:b6:47:11:
4d:96:33:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTTPDOgeZDq1yELi+qTZBBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjIxMjAyMTQyNzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI4YmNiODkyOWFkNDM0M2I3OTRkYTA4M2UwMjc4MDJiNjNjODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDcouOFUcxAl8DVgwVwdYqIyDHJ+
rOrzhLR7z0D5ebOhiSLL/2qZtN2T1nm5qXGC5KqrDnL0jeoFD9PcsgA1PvWzH8sD
GhAe28ALQm5kN3Bbrb0Yp4Hid+DZDHJP1jO6pv6UcXRhc15emtjGn20I6WT/ddpa
zBaYk+ZevgoLC+BW1ubFzSA5eK7Kcp9Z/ul+Ei45DxpdHQHByxgAoHn5r7hxEH3r
4NNnd1f/PB04xLqjLv7zh2T+6Rn0E94xSXM9ITJO3lSLU5QTjfvWvALDvg8Nn5ms
0AfKccm6E1e4nks+rekrfQWF7+E6umH5VqxgpuXHxkh0aUaCXFUtT5EPkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwovLiSmtQ0O3lNoIPgJ4ArY8geMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvWENpOHVKS2ExRFE3ZVUyZ2ctQW5nQ3RqeUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ+fMA0G
CSqGSIb3DQEBCwUAA4IBAQAy2znG2eeGAGXkZZ4hjy43SDLbTeUNcB5aEOhMkGfz
/qQw7O46cLw8177DoBlBJ0YOsDG88e80K1yQlosWJISeqnbL2IIvSvzooweLK4L9
FtIoyULUDfbUnlleFcL9S5JvEBy+DYDdRyu++1kuSWMRgi7Gu0oZEFx5nZvLRsl7
BY7UNTT3Dz2CKpWz5IbxtatUU2Y0TuO6BB4qhnjT2YvwuT4fgT/tu5yPv6aFfxl4
eY+BgxfmAF9W2k/Z1h2cBBWX61bG1n6oRAwFocv85ZCHvrgmer2FktLdkyy3RHWh
Hrf9hc39/wpKpusxUzJN32rU7RMtYbPV5jS2RxFNljML
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:22 2025 by rpki-client