Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/bQd-JfCO6MuAP1BbOxE3V9Qrt5w.roa
File: bQd-JfCO6MuAP1BbOxE3V9Qrt5w.roa (raw, json)
Hash identifier: IgUkYLhpCdGngkonsi3VWHvgQVvaNHiJUM89y/ipY/o=
Subject key identifier: 6D:07:7E:25:F0:8E:E8:CB:80:3F:50:5B:3B:11:37:57:D4:2B:B7:9C
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 01856FA71B4B19943C5A81F77CDC56ADD49C
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/bQd-JfCO6MuAP1BbOxE3V9Qrt5w.roa
Signing time: Sun 01 Jan 2023 23:25:00 +0000
ROA not before: Sun 01 Jan 2023 23:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46261
IP address blocks: 45.130.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:1b:4b:19:94:3c:5a:81:f7:7c:dc:56:ad:d4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 1 23:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d077e25f08ee8cb803f505b3b113757d42bb79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:ad:e9:fc:c6:6a:33:dd:eb:9f:64:35:32:
1c:16:1b:c6:09:3e:a9:1e:46:95:d5:88:c4:0f:d2:
05:2d:08:7e:8a:cd:28:5c:0b:86:7a:aa:89:23:91:
b4:92:7f:8a:e2:df:39:6f:98:ca:b6:a8:2e:ff:84:
85:6a:07:39:c1:d6:de:f3:3b:21:76:be:85:85:f7:
7b:44:c3:e6:e2:6d:da:06:91:3d:cd:a3:79:ea:07:
76:91:32:09:ff:b3:b9:04:a7:fc:4b:34:81:77:37:
56:ab:bb:44:40:77:a8:2c:74:27:c6:a2:3d:46:17:
5b:00:0a:01:24:20:ab:5f:1f:74:df:af:a6:69:25:
cf:9f:a2:f2:7a:f1:e0:fb:c9:49:f3:47:88:dc:57:
40:5e:91:76:51:61:90:88:26:5d:0d:32:49:64:6b:
cb:f7:de:08:c8:33:39:0b:34:55:45:2c:2b:fd:85:
18:a9:5a:64:45:bf:64:f2:5b:df:bd:a1:18:64:25:
98:49:a4:dd:d1:9b:6d:36:14:67:09:29:c5:29:e8:
05:9e:0c:b8:07:5a:40:af:72:c0:15:4c:02:f3:1f:
bc:bc:bd:d2:78:e3:60:eb:6d:da:b5:d6:d7:23:c4:
76:5e:73:80:5f:36:c9:20:c5:ea:4c:35:51:54:d1:
70:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:07:7E:25:F0:8E:E8:CB:80:3F:50:5B:3B:11:37:57:D4:2B:B7:9C
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/bQd-JfCO6MuAP1BbOxE3V9Qrt5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:17:51:03:ff:49:d4:2d:a7:a5:1a:6d:69:e6:cb:69:e4:43:
ab:5e:fb:5c:10:0d:f8:7c:8d:6f:29:1c:d0:93:19:16:4e:e4:
8f:7b:45:ac:c9:c0:94:71:56:4f:91:20:f4:e1:25:bb:ef:b7:
b2:4c:4f:4f:23:de:da:f8:4c:64:c9:9a:c6:ec:38:ab:b1:d7:
85:d6:83:f7:27:8c:b9:93:6d:1c:66:e3:a3:fe:3c:ec:e8:1e:
ed:5d:cb:45:d3:88:d7:a2:9c:89:8f:1f:92:44:2b:e7:29:f7:
33:f4:e6:79:15:d5:3c:79:76:f5:34:d1:12:de:70:ea:b4:4a:
d9:fa:1c:23:b6:aa:74:01:11:c7:3a:3e:e8:14:56:ef:24:10:
05:f0:da:5d:c7:ed:37:40:6c:75:2d:33:d3:89:a9:87:4c:d2:
4c:b0:06:66:b6:ef:c5:be:d0:f3:16:e5:d1:e4:52:08:3e:98:
2d:b6:7d:72:a5:4b:1d:84:b0:93:f5:40:b2:2d:6b:cb:8f:98:
0c:f8:0e:ca:21:61:18:f6:ef:87:fa:3e:93:c0:a2:49:27:54:
2e:c5:07:2d:ea:14:38:7e:26:61:8a:b8:08:4f:3e:2b:65:40:
74:6d:df:93:32:34:9d:48:ba:6b:6a:7a:09:73:6e:6a:89:58:
ce:b7:e5:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpxtLGZQ8WoH3fNxWrdScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjMwMTAxMjMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA3N2UyNWYwOGVlOGNiODAzZjUwNWIzYjExMzc1N2Q0MmJiNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+it6fzGajPd659kNTIcFhvGCT6p
HkaV1YjED9IFLQh+is0oXAuGeqqJI5G0kn+K4t85b5jKtqgu/4SFagc5wdbe8zsh
dr6Fhfd7RMPm4m3aBpE9zaN56gd2kTIJ/7O5BKf8SzSBdzdWq7tEQHeoLHQnxqI9
RhdbAAoBJCCrXx9036+maSXPn6LyevHg+8lJ80eI3FdAXpF2UWGQiCZdDTJJZGvL
994IyDM5CzRVRSwr/YUYqVpkRb9k8lvfvaEYZCWYSaTd0ZttNhRnCSnFKegFngy4
B1pAr3LAFUwC8x+8vL3SeONg623atdbXI8R2XnOAXzbJIMXqTDVRVNFwIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0HfiXwjujLgD9QWzsRN1fUK7ecMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvYlFkLUpmQ082TXVBUDFCYk94RTNWOVFydDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYJAMA0G
CSqGSIb3DQEBCwUAA4IBAQCaF1ED/0nULaelGm1p5stp5EOrXvtcEA34fI1vKRzQ
kxkWTuSPe0WsycCUcVZPkSD04SW777eyTE9PI97a+ExkyZrG7DirsdeF1oP3J4y5
k20cZuOj/jzs6B7tXctF04jXopyJjx+SRCvnKfcz9OZ5FdU8eXb1NNES3nDqtErZ
+hwjtqp0ARHHOj7oFFbvJBAF8Npdx+03QGx1LTPTiamHTNJMsAZmtu/FvtDzFuXR
5FIIPpgttn1ypUsdhLCT9UCyLWvLj5gM+A7KIWEY9u+H+j6TwKJJJ1QuxQct6hQ4
fiZhirgITz4rZUB0bd+TMjSdSLpranoJc25qiVjOt+Wk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:32 2025 by rpki-client