Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/1-CXOJuGtNtB-kSys9qlBJqj5ES8.roa
File: 1-CXOJuGtNtB-kSys9qlBJqj5ES8.roa (raw, json)
Hash identifier: b1dutKPImpibwN3ah8wJmv986emWwepIJlA3E66yg64=
Subject key identifier: F8:25:CE:26:E1:AD:36:D0:7E:91:2C:AC:F6:A9:41:26:A8:F9:11:2F
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018476D72DE23051B5FA74AF187CA9B060C6
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/1-CXOJuGtNtB-kSys9qlBJqj5ES8.roa
Signing time: Mon 14 Nov 2022 15:52:04 +0000
ROA not before: Mon 14 Nov 2022 15:52:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210439
IP address blocks: 45.143.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:d7:2d:e2:30:51:b5:fa:74:af:18:7c:a9:b0:60:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Nov 14 15:52:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f825ce26e1ad36d07e912cacf6a94126a8f9112f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:39:66:0e:8e:d8:98:d4:c7:a8:de:29:ab:53:
79:89:fe:c7:9b:fb:b6:4f:59:10:6c:53:0a:f3:8c:
eb:f2:38:5a:cf:ee:da:02:1e:6d:3f:54:ed:22:54:
45:78:55:21:7a:cf:e1:18:3c:40:7b:79:50:7c:e1:
fd:fe:7d:e3:df:ef:4f:07:ad:bd:1e:fb:94:4e:11:
b0:78:66:da:8c:28:21:10:5f:c3:57:bc:c0:4e:79:
aa:cc:cb:02:34:60:e7:51:12:61:e4:6f:00:b5:d1:
b4:56:29:9a:96:ea:e0:53:8a:ee:e0:62:06:20:be:
bd:fc:49:7f:71:b6:7e:7c:8e:32:ca:e1:08:59:10:
44:93:64:bb:b5:5d:58:f1:f9:75:92:b3:8d:d7:01:
ac:8c:25:6e:58:e2:8c:7f:fa:37:42:01:ff:d2:f4:
62:b0:7f:f1:7a:8a:b2:2c:00:63:a2:a6:69:33:fd:
80:1e:2e:a5:c8:c0:46:33:da:e5:17:c4:37:a2:f7:
c5:d3:1d:6d:b1:8c:78:fb:6b:ac:e4:01:58:45:6c:
2e:2d:49:e3:b0:af:2d:98:3c:96:c2:56:42:e8:dc:
eb:bf:c4:64:d9:52:44:a7:6f:78:a4:ab:fa:aa:ab:
44:f7:b8:99:f2:b0:30:5b:06:9f:57:03:8e:dc:7a:
fd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:25:CE:26:E1:AD:36:D0:7E:91:2C:AC:F6:A9:41:26:A8:F9:11:2F
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/1-CXOJuGtNtB-kSys9qlBJqj5ES8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.161.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:69:0f:69:9c:31:05:99:dc:74:10:a1:d4:1e:1e:f4:0b:1c:
77:af:61:a0:f6:b4:90:4d:43:78:23:30:44:f9:0b:27:48:da:
3d:b0:37:ca:bb:93:f0:3e:24:55:ef:2d:c4:f9:0d:51:91:0c:
4f:fe:56:45:ba:32:15:e3:d7:6a:69:42:b8:80:d6:ee:c6:cd:
5c:98:96:0e:e4:ae:30:1d:3c:ab:cc:75:74:b0:cf:e9:56:1f:
34:8f:a3:1e:19:5b:ce:70:ba:65:c7:a8:b3:63:e8:69:5a:04:
a8:c9:ab:c5:46:f6:95:f9:7f:cc:08:3b:e2:9e:7d:03:5f:50:
11:ab:52:cc:5a:de:c0:41:b7:30:15:e0:67:5e:ed:35:56:74:
08:3a:9e:21:ac:f2:c4:d6:f3:24:60:7c:70:6a:9a:0f:cb:30:
1d:f7:ea:ea:83:81:6a:32:48:02:4b:54:07:98:d5:25:05:0a:
c5:41:ab:c9:21:a5:74:e1:57:c5:97:3f:09:aa:01:03:d3:e3:
ac:da:f4:14:b0:ca:f1:6f:13:46:52:cf:68:a1:ef:6c:a4:21:
74:a4:45:4a:f6:20:00:eb:32:6f:4f:a1:91:4b:54:fb:01:54:
76:0d:4f:da:1a:94:54:02:36:9f:e3:5f:a5:09:e0:d3:b1:a8:
b3:90:8a:e0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYR21y3iMFG1+nSvGHypsGDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjIxMTE0MTU1MjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODI1Y2UyNmUxYWQzNmQwN2U5MTJjYWNmNmE5NDEyNmE4ZjkxMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTlmDo7YmNTHqN4pq1N5if7Hm/u2
T1kQbFMK84zr8jhaz+7aAh5tP1TtIlRFeFUhes/hGDxAe3lQfOH9/n3j3+9PB629
HvuUThGweGbajCghEF/DV7zATnmqzMsCNGDnURJh5G8AtdG0VimalurgU4ru4GIG
IL69/El/cbZ+fI4yyuEIWRBEk2S7tV1Y8fl1krON1wGsjCVuWOKMf/o3QgH/0vRi
sH/xeoqyLABjoqZpM/2AHi6lyMBGM9rlF8Q3ovfF0x1tsYx4+2us5AFYRWwuLUnj
sK8tmDyWwlZC6Nzrv8Rk2VJEp294pKv6qqtE97iZ8rAwWwafVwOO3Hr9rQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPglzibhrTbQfpEsrPapQSao+REvMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvMS1DWE9KdUd0TnRCLWtTeXM5cWxCSnFqNUVTOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvM2Q2ZDZjLWY1OGQtNDJlNi1iNjg4LThlZmYzZmQzYzQ4
YS8xL3VrME9hYXQybjJXN0t4VmIzNmc2Y1lidXJFUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2PoTAN
BgkqhkiG9w0BAQsFAAOCAQEAnmkPaZwxBZncdBCh1B4e9Ascd69hoPa0kE1DeCMw
RPkLJ0jaPbA3yruT8D4kVe8txPkNUZEMT/5WRboyFePXamlCuIDW7sbNXJiWDuSu
MB08q8x1dLDP6VYfNI+jHhlbznC6Zceos2PoaVoEqMmrxUb2lfl/zAg74p59A19Q
EatSzFrewEG3MBXgZ17tNVZ0CDqeIazyxNbzJGB8cGqaD8swHffq6oOBajJIAktU
B5jVJQUKxUGrySGldOFXxZc/CaoBA9PjrNr0FLDK8W8TRlLPaKHvbKQhdKRFSvYg
AOsyb0+hkUtU+wFUdg1P2hqUVAI2n+NfpQng07Gos5CK4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org