Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/1-oDsGyQZzMkrLDJbSNGZvzctAx8.roa
File: 1-oDsGyQZzMkrLDJbSNGZvzctAx8.roa (raw, json)
Hash identifier: eZ198Ism71RJfBCfKsblDzlkoPSDp4k9QdJ4sTnA2V8=
Subject key identifier: FA:80:EC:1B:24:19:CC:C9:2B:2C:32:5B:48:D1:99:BF:37:2D:03:1F
Certificate issuer: /CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Certificate serial: 03D3BE3F
Authority key identifier: 6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/1-oDsGyQZzMkrLDJbSNGZvzctAx8.roa
Signing time: Sat 01 Jan 2022 00:50:57 +0000
ROA not before: Sat 01 Jan 2022 00:50:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208168
IP address blocks: 45.156.152.0/22 maxlen: 24
2a0f:2480::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64208447 (0x3d3be3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Validity
Not Before: Jan 1 00:50:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa80ec1b2419ccc92b2c325b48d199bf372d031f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6d:86:06:f9:2d:b7:40:0c:8f:4b:e6:42:3f:
84:f4:48:ae:4a:50:dd:16:1f:2a:93:50:e1:3c:60:
66:22:3b:79:2b:6d:8c:d1:d3:48:22:6a:50:d0:35:
31:ca:48:6b:ce:b6:cf:98:2f:05:23:bc:3c:8f:cc:
ab:94:af:e1:6d:dc:69:f6:a8:a1:f8:57:ac:c5:2e:
3b:20:7a:d6:fd:77:4c:84:5b:a9:de:e5:df:6e:26:
a5:70:18:f9:1e:58:44:3a:15:15:6b:7e:45:cf:1b:
4c:8a:dd:3a:d2:4a:38:17:39:9c:49:18:09:d6:d3:
ef:3c:90:1c:6a:47:16:46:0f:48:64:3f:cd:03:bf:
a8:29:ee:db:76:91:1a:6e:d5:8f:22:41:d8:a6:52:
7d:b8:02:8a:85:51:10:31:1d:fa:5a:f8:9c:74:1b:
4c:5a:18:d0:2f:c4:8a:f8:fc:96:6b:67:6c:72:ef:
5c:04:31:8d:c7:1d:fc:5c:d3:f9:10:fe:98:39:47:
e4:fe:1c:12:10:be:f8:aa:0c:31:20:f3:0c:35:bf:
a4:40:04:70:a9:1e:a4:f8:4e:7d:eb:b0:2e:8d:13:
4b:74:94:40:1f:e4:cf:e5:49:82:44:cc:0a:d5:14:
e6:8c:be:40:07:f1:02:e8:ac:4b:a5:1d:5d:df:f3:
f7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:80:EC:1B:24:19:CC:C9:2B:2C:32:5B:48:D1:99:BF:37:2D:03:1F
X509v3 Authority Key Identifier:
keyid:6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/1-oDsGyQZzMkrLDJbSNGZvzctAx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.152.0/22
IPv6:
2a0f:2480::/29
Signature Algorithm: sha256WithRSAEncryption
9e:de:3a:e1:a5:4b:7e:96:13:b6:91:cb:0b:2c:97:21:c6:c5:
37:99:d5:32:07:a7:31:be:eb:72:09:2d:4d:5f:fc:32:09:0f:
0f:67:15:7e:47:c0:cf:00:93:0a:25:c4:29:99:cc:32:2b:9e:
f4:3b:b6:41:22:45:34:5a:94:c2:26:5c:5f:24:6a:5c:18:83:
aa:b9:f2:fa:51:4c:8d:d9:a6:e2:15:09:74:d8:95:67:d3:47:
55:0f:f1:bd:d3:50:89:b0:6d:13:72:2d:00:a7:c8:70:b4:9c:
35:87:0a:66:13:ce:07:0c:f8:84:5d:a4:af:11:78:d5:76:4b:
f3:8b:fc:98:1b:fc:6c:cd:5d:1d:89:77:fb:08:32:dc:e3:76:
77:40:3f:e4:68:fc:5a:ad:b5:6a:42:75:a1:39:96:f3:60:3f:
34:fb:07:1b:be:fa:53:f4:e6:71:8f:d2:5c:0a:7f:aa:17:a2:
7e:54:34:0e:74:48:4a:77:4e:51:60:bd:35:3e:6e:9b:a6:69:
5e:83:2d:69:7e:bf:b8:33:0d:d5:70:d4:89:6a:a4:5f:df:3d:
22:5d:19:f4:20:25:ef:77:7f:27:2e:87:88:1a:8b:6b:f7:13:
72:48:84:c2:41:3d:25:a0:39:16:f8:d0:0a:e7:36:b5:5e:03:
e5:21:bd:51
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEA9O+PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2Y5YjI0ZjJjMDg0N2QwNDFjMWU2NmExMmYwMWVhYmE0NzhiNGZjMB4XDTIyMDEw
MTAwNTA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE4MGVjMWIyNDE5
Y2NjOTJiMmMzMjViNDhkMTk5YmYzNzJkMDMxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVthgb5LbdADI9L5kI/hPRIrkpQ3RYfKpNQ4TxgZiI7eStt
jNHTSCJqUNA1McpIa862z5gvBSO8PI/Mq5Sv4W3cafaoofhXrMUuOyB61v13TIRb
qd7l324mpXAY+R5YRDoVFWt+Rc8bTIrdOtJKOBc5nEkYCdbT7zyQHGpHFkYPSGQ/
zQO/qCnu23aRGm7VjyJB2KZSfbgCioVREDEd+lr4nHQbTFoY0C/Eivj8lmtnbHLv
XAQxjccd/FzT+RD+mDlH5P4cEhC++KoMMSDzDDW/pEAEcKkepPhOfeuwLo0TS3SU
QB/kz+VJgkTMCtUU5oy+QAfxAuisS6UdXd/z97kCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT6gOwbJBnMySssMltI0Zm/Ny0DHzAfBgNVHSMEGDAWgBRs+bJPLAhH0EHB
5moS8B6rpHi0/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JQbXlUeXdJUjlCQndlWnFFdkFlcTZSNHRQdy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYjQ1NzY1LTJjMzMtNGE0OS05MWViLTk0Njg5MmY4OGJlYi8x
LzEtb0RzR3lRWnpNa3JMREpiU05HWnZ6Y3RBeDgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Fm
L2I0NTc2NS0yYzMzLTRhNDktOTFlYi05NDY4OTJmODhiZWIvMS9iUG15VHl3SVI5
QkJ3ZVpxRXZBZXE2UjR0UHcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAItnJgwDQQCAAIwBwMFAyoPJIAw
DQYJKoZIhvcNAQELBQADggEBAJ7eOuGlS36WE7aRywsslyHGxTeZ1TIHpzG+63IJ
LU1f/DIJDw9nFX5HwM8AkwolxCmZzDIrnvQ7tkEiRTRalMImXF8kalwYg6q58vpR
TI3ZpuIVCXTYlWfTR1UP8b3TUImwbRNyLQCnyHC0nDWHCmYTzgcM+IRdpK8ReNV2
S/OL/Jgb/GzNXR2Jd/sIMtzjdndAP+Ro/FqttWpCdaE5lvNgPzT7Bxu++lP05nGP
0lwKf6oXon5UNA50SEp3TlFgvTU+bpumaV6DLWl+v7gzDdVw1IlqpF/fPSJdGfQg
Je93fycuh4gai2v3E3JIhMJBPSWgORb40ArnNrVeA+UhvVE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:16:09 2025 by rpki-client