Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/pwJGMoq9QvmCbJCJZakM9qzhHic.roa
File: pwJGMoq9QvmCbJCJZakM9qzhHic.roa (raw, json)
Hash identifier: 9VCKQzQXtvz3R/cv0Sj2omaF7+8mitDTirLDr4m6F9Q=
Subject key identifier: A7:02:46:32:8A:BD:42:F9:82:6C:90:89:65:A9:0C:F6:AC:E1:1E:27
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 01856FA719175412AC260D5123CEAEA622E6
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/pwJGMoq9QvmCbJCJZakM9qzhHic.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 45.13.251.0/24 maxlen: 24
45.13.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:19:17:54:12:ac:26:0d:51:23:ce:ae:a6:22:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a70246328abd42f9826c908965a90cf6ace11e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e4:f8:8b:bd:21:36:be:56:eb:96:51:00:9a:
57:09:c6:76:ca:ae:42:e8:36:4e:81:df:1e:82:d7:
d7:7a:bb:a4:99:12:b2:eb:1b:d2:28:85:45:10:b2:
49:5a:36:d0:a7:ec:60:fc:58:a8:05:59:91:9c:c7:
0f:fd:45:83:e2:32:86:4a:ff:4f:78:e7:fb:d5:57:
0e:f9:35:5b:a0:c9:a8:a2:70:a5:6e:52:d6:dd:99:
48:a7:88:7b:ef:29:3a:68:72:7c:96:a5:e3:60:e5:
1a:e0:6b:9d:d4:41:e7:72:f9:c6:ea:f0:19:cb:69:
91:e2:c7:7c:d1:bf:ba:04:12:e3:cf:ca:fc:2c:7a:
4e:03:37:85:bb:7d:e8:da:c1:3c:19:f5:46:85:20:
28:7a:28:0b:00:38:37:c6:ff:c9:5b:80:2b:70:df:
bf:62:52:b3:e4:45:96:f7:80:1b:d1:fd:fa:34:57:
c9:07:a7:3f:42:f0:23:78:81:c0:58:5c:4f:ea:05:
91:88:eb:75:5c:b7:a7:42:c2:6c:c4:e5:7c:8a:cb:
a1:ee:15:e4:5a:55:27:b1:ed:34:06:87:6f:1f:35:
05:c3:84:0b:c1:7f:a7:96:ba:e3:ba:c2:db:68:6d:
cf:78:35:42:a9:4a:7c:0b:de:01:9c:68:29:ee:01:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:02:46:32:8A:BD:42:F9:82:6C:90:89:65:A9:0C:F6:AC:E1:1E:27
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/pwJGMoq9QvmCbJCJZakM9qzhHic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.250.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:95:a1:4c:cb:2c:13:e1:c2:82:86:15:ca:a4:89:00:5c:5d:
3d:44:e4:71:fe:25:f9:85:be:14:26:a9:12:40:40:3d:b3:4e:
fa:d4:56:43:a8:a1:05:b2:9e:40:c8:ba:e9:9f:42:58:e3:6c:
e0:c6:5f:89:df:9c:d5:f2:87:18:73:09:d1:05:14:c8:22:52:
37:e8:d3:c5:ec:37:8a:1d:41:43:c6:e2:73:3c:82:15:89:dd:
9e:1d:12:4f:ad:eb:0f:2a:67:61:bc:6a:4d:48:44:70:aa:4a:
b2:e7:c8:98:64:da:4d:55:2d:45:b7:89:2b:a4:45:b6:08:51:
6c:4c:3a:9e:3a:be:20:53:b5:25:97:73:92:89:03:34:c1:6d:
6e:b8:3b:9f:f4:fe:a5:c3:0f:68:fa:b5:c4:67:cc:1e:28:4a:
39:62:e7:ec:5f:eb:96:2b:55:d3:ec:02:63:9a:48:64:5b:b8:
f3:af:86:8f:65:b2:87:fa:a7:66:05:f3:12:f5:20:19:36:cb:
a7:b5:75:eb:e3:d1:56:e4:64:54:ae:6e:db:84:38:88:fb:0f:
40:32:1a:51:14:f8:f2:61:82:9a:05:ca:52:17:f7:79:e6:fd:
4e:76:41:6f:19:46:67:96:82:7d:65:77:c7:86:f1:02:b2:92:
59:78:8c:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpxkXVBKsJg1RI86upiLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzAyNDYzMjhhYmQ0MmY5ODI2YzkwODk2NWE5MGNmNmFjZTExZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uT4i70hNr5W65ZRAJpXCcZ2yq5C
6DZOgd8egtfXerukmRKy6xvSKIVFELJJWjbQp+xg/FioBVmRnMcP/UWD4jKGSv9P
eOf71VcO+TVboMmoonClblLW3ZlIp4h77yk6aHJ8lqXjYOUa4Gud1EHncvnG6vAZ
y2mR4sd80b+6BBLjz8r8LHpOAzeFu33o2sE8GfVGhSAoeigLADg3xv/JW4ArcN+/
YlKz5EWW94Ab0f36NFfJB6c/QvAjeIHAWFxP6gWRiOt1XLenQsJsxOV8isuh7hXk
WlUnse00BodvHzUFw4QLwX+nlrrjusLbaG3PeDVCqUp8C94BnGgp7gGcCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcCRjKKvUL5gmyQiWWpDPas4R4nMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvcHdKR01vcTlRdm1DYkpDSlpha005cXpoSGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQ36MA0G
CSqGSIb3DQEBCwUAA4IBAQCylaFMyywT4cKChhXKpIkAXF09RORx/iX5hb4UJqkS
QEA9s0761FZDqKEFsp5AyLrpn0JY42zgxl+J35zV8ocYcwnRBRTIIlI36NPF7DeK
HUFDxuJzPIIVid2eHRJPresPKmdhvGpNSERwqkqy58iYZNpNVS1Ft4krpEW2CFFs
TDqeOr4gU7Ull3OSiQM0wW1uuDuf9P6lww9o+rXEZ8weKEo5YufsX+uWK1XT7AJj
mkhkW7jzr4aPZbKH+qdmBfMS9SAZNsuntXXr49FW5GRUrm7bhDiI+w9AMhpRFPjy
YYKaBcpSF/d55v1OdkFvGUZnloJ9ZXfHhvECspJZeIzX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:47 2025 by rpki-client