Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/Dfg0liIjgQ5mXhcCDEcmOxAxRT8.roa
File: Dfg0liIjgQ5mXhcCDEcmOxAxRT8.roa (raw, json)
Hash identifier: gipsJcTBTDF6ivkeG5Lz0akIzYJFXuJBif3laaVyvOo=
Subject key identifier: 0D:F8:34:96:22:23:81:0E:66:5E:17:02:0C:47:26:3B:10:31:45:3F
Certificate issuer: /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial: 066715EC
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/Dfg0liIjgQ5mXhcCDEcmOxAxRT8.roa
Signing time: Sat 01 Jan 2022 15:58:20 +0000
ROA not before: Sat 01 Jan 2022 15:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42053
IP address blocks: 45.152.92.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107419116 (0x66715ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Validity
Not Before: Jan 1 15:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0df834962223810e665e17020c47263b1031453f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:bc:49:bf:62:88:ab:93:7f:69:57:dc:2e:
43:30:4d:11:a0:9d:fb:cd:41:9f:91:88:c9:a5:0c:
73:2b:a9:4f:e7:fe:a1:a9:af:26:d3:18:e5:55:fb:
16:cc:b7:b4:0e:b6:df:41:0e:b8:8b:65:b8:30:75:
5c:2b:89:7e:bd:0d:26:10:d7:99:fe:65:db:c4:29:
1c:80:50:93:e2:f7:76:dc:40:df:90:dc:b3:df:bd:
b6:39:a6:71:57:9c:5e:b9:7e:fc:3b:98:27:37:fb:
b3:af:72:12:3a:03:8a:73:6b:8d:76:b2:58:ac:dd:
35:50:6b:0e:c5:2e:6f:56:4b:a4:b3:76:9f:a9:75:
f8:51:8a:cd:2b:1c:c8:36:68:6d:86:02:63:6e:07:
6d:b9:a7:61:6f:00:b8:6e:72:6c:5c:af:f3:3b:87:
c4:63:3c:c8:5a:bd:99:27:35:97:39:c4:9e:06:a6:
65:3e:7d:09:8e:65:7d:05:4e:b6:7f:c3:0d:3f:85:
e8:ca:35:99:0e:d2:63:49:3d:3c:b8:bd:45:04:62:
60:4e:b2:74:dc:93:04:95:69:d5:55:34:da:f7:54:
77:fb:31:02:ec:71:f6:54:76:54:a7:e2:51:59:42:
de:95:1e:2c:bd:52:54:ca:6c:38:03:05:e3:04:e1:
8a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F8:34:96:22:23:81:0E:66:5E:17:02:0C:47:26:3B:10:31:45:3F
X509v3 Authority Key Identifier:
keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/Dfg0liIjgQ5mXhcCDEcmOxAxRT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
24:7d:a5:7f:03:52:aa:d4:fb:d0:17:be:92:1d:23:92:97:11:
1a:cd:8d:0d:5e:a3:bf:03:91:33:d6:e9:da:07:05:22:ef:8e:
a7:cc:70:7b:53:32:3f:67:db:d5:13:69:79:63:56:9a:90:1a:
2c:cf:0b:31:fc:10:88:4f:d8:15:20:24:89:96:9b:97:b8:a4:
41:7c:8d:1e:52:f3:56:1b:f4:06:19:48:28:14:43:fa:26:93:
6b:0d:5b:c6:13:a4:a1:aa:af:98:fb:6e:94:01:e9:d8:8a:69:
6b:31:18:db:57:d2:2c:f0:42:01:8a:46:52:a3:91:7f:07:f9:
4f:fa:eb:5e:20:8d:5b:6c:c9:45:1a:1b:45:1e:a3:23:b4:f7:
f3:c8:70:88:c7:42:73:bc:68:44:c7:96:58:1f:a7:19:a6:2c:
b8:0f:ed:89:7f:54:45:12:d6:9c:84:8f:4c:a1:44:65:f5:79:
b1:c9:5e:95:50:17:99:a0:63:0e:de:07:f1:2d:ba:71:68:d0:
d6:c4:37:ff:37:93:18:7d:b7:1e:d4:e1:6c:02:38:25:0e:2e:
70:c2:76:78:b7:2b:4a:a0:9d:b3:a9:d5:a1:9d:18:22:b4:6a:
70:82:fd:b0:24:47:ea:22:75:25:13:68:d7:93:22:87:f7:72:
bc:4b:f5:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmcV7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWQ0MTBlYTY4NjdlZjYzZjk1OWJhZDZiMjFiNjkxY2FkZmY4N2Q0MB4XDTIyMDEw
MTE1NTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGRmODM0OTYyMjIz
ODEwZTY2NWUxNzAyMGM0NzI2M2IxMDMxNDUzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK68vEm/Yoirk39pV9wuQzBNEaCd+81Bn5GIyaUMcyupT+f+
oamvJtMY5VX7Fsy3tA6230EOuItluDB1XCuJfr0NJhDXmf5l28QpHIBQk+L3dtxA
35Dcs9+9tjmmcVecXrl+/DuYJzf7s69yEjoDinNrjXayWKzdNVBrDsUub1ZLpLN2
n6l1+FGKzSscyDZobYYCY24HbbmnYW8AuG5ybFyv8zuHxGM8yFq9mSc1lznEngam
ZT59CY5lfQVOtn/DDT+F6Mo1mQ7SY0k9PLi9RQRiYE6ydNyTBJVp1VU02vdUd/sx
Auxx9lR2VKfiUVlC3pUeLL1SVMpsOAMF4wThirMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQN+DSWIiOBDmZeFwIMRyY7EDFFPzAfBgNVHSMEGDAWgBTO1BDqaGfvY/lZ
utayG2kcrf+H1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3p0UVE2bWhuNzJQNVdicldzaHRwSEszX2g5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvMTJmYzQxLTg5ZGQtNGEyMS1hYTM0LTc2NTI1ODQxZGMyOC8x
L0RmZzBsaUlqZ1E1bVhoY0NERWNtT3hBeFJUOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
MTJmYzQxLTg5ZGQtNGEyMS1hYTM0LTc2NTI1ODQxZGMyOC8xL3p0UVE2bWhuNzJQ
NVdicldzaHRwSEszX2g5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2YXDANBgkqhkiG9w0BAQsFAAOC
AQEAJH2lfwNSqtT70Be+kh0jkpcRGs2NDV6jvwORM9bp2gcFIu+Op8xwe1MyP2fb
1RNpeWNWmpAaLM8LMfwQiE/YFSAkiZabl7ikQXyNHlLzVhv0BhlIKBRD+iaTaw1b
xhOkoaqvmPtulAHp2IppazEY21fSLPBCAYpGUqORfwf5T/rrXiCNW2zJRRobRR6j
I7T388hwiMdCc7xoRMeWWB+nGaYsuA/tiX9URRLWnISPTKFEZfV5sclelVAXmaBj
Dt4H8S26cWjQ1sQ3/zeTGH23HtThbAI4JQ4ucMJ2eLcrSqCds6nVoZ0YIrRqcIL9
sCRH6iJ1JRNo15Mih/dyvEv1Sw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:41 2025 by rpki-client