Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aoDlrp4EGo7cx0qW_jE9RWvMr-c.roa
File: aoDlrp4EGo7cx0qW_jE9RWvMr-c.roa (raw, json)
Hash identifier: 3vTXkeozAk1qCQPHDu5yeAGbnJat7Hxlg9//Q8qJfj0=
Subject key identifier: 6A:80:E5:AE:9E:04:1A:8E:DC:C7:4A:96:FE:31:3D:45:6B:CC:AF:E7
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0187800FA4D2CEA3E4A35A3FEE4105E4DE04
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aoDlrp4EGo7cx0qW_jE9RWvMr-c.roa
Signing time: Fri 14 Apr 2023 13:58:41 +0000
ROA not before: Fri 14 Apr 2023 13:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35409
IP address blocks: 45.8.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:0f:a4:d2:ce:a3:e4:a3:5a:3f:ee:41:05:e4:de:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 14 13:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a80e5ae9e041a8edcc74a96fe313d456bccafe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4d:bc:2d:c1:3f:b0:45:d6:a0:33:4d:4c:e2:
3a:3b:a1:22:45:69:a7:e5:e4:98:f6:3b:02:9d:24:
0b:ff:7b:10:9d:6e:3a:fb:2c:7b:e6:d0:85:9c:2d:
4c:04:eb:34:d4:e9:b0:b8:4e:67:fd:42:54:83:3e:
f2:31:c9:50:0c:94:6d:b5:8f:95:7b:ca:cb:63:94:
ba:5d:a9:05:1b:94:07:99:74:d0:6a:93:ae:5d:ee:
6c:9c:16:95:8c:f7:84:de:93:23:3c:48:e0:ca:0c:
bc:b8:09:47:21:99:21:96:59:5e:90:2a:bb:bc:10:
79:17:f9:1d:56:9a:e4:80:cb:bf:53:8f:1b:26:90:
70:da:34:9e:f7:ed:60:be:65:2b:92:46:54:77:a2:
49:9a:56:23:96:b7:cf:26:5f:a8:21:e1:b0:73:60:
01:08:a6:8c:d4:13:97:75:55:03:d1:c0:9a:fc:14:
40:0f:7b:0e:f7:75:e7:b5:6f:53:06:cd:8c:3e:13:
58:a5:1d:6f:6e:a0:de:58:03:6d:c6:11:77:5b:c5:
41:f1:a7:e7:e0:6a:79:d2:8b:a2:43:a7:d1:6c:70:
f2:47:14:63:a7:c6:fa:02:79:8f:0a:4d:8b:63:39:
e8:42:a9:6b:74:dd:18:fd:b0:1f:32:44:97:11:ed:
fb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:80:E5:AE:9E:04:1A:8E:DC:C7:4A:96:FE:31:3D:45:6B:CC:AF:E7
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aoDlrp4EGo7cx0qW_jE9RWvMr-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.254.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c4:d1:ab:2b:01:bf:d0:fe:d9:f5:54:f4:6a:5e:08:97:a3:
b1:76:ff:be:ac:a3:33:94:72:b9:37:b4:0d:91:58:ac:c8:07:
57:dc:35:e7:b4:54:8d:ab:4c:58:63:5b:8c:3e:e5:19:31:25:
c2:ea:4e:ac:a1:a2:1e:16:74:96:1c:89:56:a6:7d:3e:a9:35:
b7:3b:4b:ed:0a:60:aa:15:02:e7:73:ae:a2:a8:2e:2b:33:1a:
04:81:1b:d9:25:ef:e7:82:1a:ad:64:ba:46:19:73:ac:fa:12:
ee:21:72:7d:78:cc:c4:3a:ec:34:dc:0c:93:75:f7:ed:2b:10:
ff:9e:2a:ff:58:2d:d3:57:fe:d7:20:b8:91:79:eb:ce:4f:f4:
97:00:32:d2:7e:ea:f8:bb:98:50:d4:1f:be:d8:1c:c1:28:73:
56:e3:8b:80:9a:7a:51:83:d1:96:3d:d5:eb:8a:60:d2:6b:83:
a3:f1:40:32:b0:e4:fe:ec:fe:70:86:f4:6b:5e:bd:cf:1e:92:
61:f9:c2:64:e9:92:39:42:93:da:02:ac:0e:2d:92:9e:fe:34:
74:5b:d1:31:86:d9:38:4a:7e:a6:ca:cb:26:56:a6:ff:4d:59:
85:53:01:db:0a:6b:f1:8f:17:ab:ed:e4:20:47:bd:91:5d:88:
00:21:c9:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeAD6TSzqPko1o/7kEF5N4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDE0MTM1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgwZTVhZTllMDQxYThlZGNjNzRhOTZmZTMxM2Q0NTZiY2NhZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm028LcE/sEXWoDNNTOI6O6EiRWmn
5eSY9jsCnSQL/3sQnW46+yx75tCFnC1MBOs01OmwuE5n/UJUgz7yMclQDJRttY+V
e8rLY5S6XakFG5QHmXTQapOuXe5snBaVjPeE3pMjPEjgygy8uAlHIZkhlllekCq7
vBB5F/kdVprkgMu/U48bJpBw2jSe9+1gvmUrkkZUd6JJmlYjlrfPJl+oIeGwc2AB
CKaM1BOXdVUD0cCa/BRAD3sO93XntW9TBs2MPhNYpR1vbqDeWANtxhF3W8VB8afn
4Gp50ouiQ6fRbHDyRxRjp8b6AnmPCk2LYznoQqlrdN0Y/bAfMkSXEe37lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqA5a6eBBqO3MdKlv4xPUVrzK/nMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYW9EbHJwNEVHbzdjeDBxV19qRTlSV3ZNci1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQj+MA0G
CSqGSIb3DQEBCwUAA4IBAQBaxNGrKwG/0P7Z9VT0al4Il6Oxdv++rKMzlHK5N7QN
kVisyAdX3DXntFSNq0xYY1uMPuUZMSXC6k6soaIeFnSWHIlWpn0+qTW3O0vtCmCq
FQLnc66iqC4rMxoEgRvZJe/nghqtZLpGGXOs+hLuIXJ9eMzEOuw03AyTdfftKxD/
nir/WC3TV/7XILiReevOT/SXADLSfur4u5hQ1B++2BzBKHNW44uAmnpRg9GWPdXr
imDSa4Oj8UAysOT+7P5whvRrXr3PHpJh+cJk6ZI5QpPaAqwOLZKe/jR0W9Exhtk4
Sn6myssmVqb/TVmFUwHbCmvxjxer7eQgR72RXYgAIckb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:17 2025 by rpki-client