Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6f857d-c398-4d14-9074-3749d95dcd1f/1/v2ZxaXvA8wC2KWu2NCbHW-rorx8.roa
File: v2ZxaXvA8wC2KWu2NCbHW-rorx8.roa (raw, json)
Hash identifier: AW7z8q+CkLyVxp7jBeAbM7qUdAebcTUdBgph6g2fZiA=
Subject key identifier: BF:66:71:69:7B:C0:F3:00:B6:29:6B:B6:34:26:C7:5B:EA:E8:AF:1F
Certificate issuer: /CN=156d70330ec51e9ff1f7727b1781c47a7a9aa56d
Certificate serial: 01849F00098A5A028F68A78911ED61918619
Authority key identifier: 15:6D:70:33:0E:C5:1E:9F:F1:F7:72:7B:17:81:C4:7A:7A:9A:A5:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FW1wMw7FHp_x93J7F4HEenqapW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6f857d-c398-4d14-9074-3749d95dcd1f/1/v2ZxaXvA8wC2KWu2NCbHW-rorx8.roa
Signing time: Tue 22 Nov 2022 11:01:30 +0000
ROA not before: Tue 22 Nov 2022 11:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199524
IP address blocks: 45.147.160.0/24 maxlen: 24
45.147.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:00:09:8a:5a:02:8f:68:a7:89:11:ed:61:91:86:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=156d70330ec51e9ff1f7727b1781c47a7a9aa56d
Validity
Not Before: Nov 22 11:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf6671697bc0f300b6296bb63426c75beae8af1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:67:be:3c:f0:a2:6e:73:79:01:c1:f6:f6:
b7:e7:d0:ec:f9:5e:c3:94:cb:ac:00:61:8c:05:94:
ea:ca:26:0b:89:a7:c4:7e:65:f2:5e:f7:60:1f:3e:
4c:24:41:dd:8d:33:cc:27:1c:c9:38:8f:c0:82:28:
a3:3f:98:cf:b1:55:83:03:ad:c7:08:53:f3:da:65:
16:c5:43:9c:3d:27:fb:78:9c:74:25:c9:b2:4c:b8:
c6:4b:19:2e:56:3e:4e:79:81:92:83:50:7c:dd:e3:
dc:a6:f2:18:9a:00:8d:64:76:86:10:33:37:4f:01:
fe:7d:ee:f2:37:73:da:2f:dc:99:f6:f6:5e:be:9f:
c7:5b:f3:ec:4a:f5:80:c2:e1:f2:6d:5b:00:96:5f:
db:35:94:76:2e:af:00:4b:0e:75:d3:cc:22:74:fe:
14:ba:eb:ab:c3:b0:2e:98:98:ac:b3:2e:4f:89:01:
91:48:8d:06:b9:b4:dd:2f:d5:34:49:e0:50:78:f2:
82:ed:25:24:f3:64:70:59:95:3f:85:73:cb:0f:4c:
9e:5a:62:c7:91:7e:5d:44:f3:15:7e:81:97:88:0c:
19:1f:a5:53:81:1d:5c:19:a2:7d:40:31:f9:fd:0f:
2b:50:25:83:cb:de:f2:1c:c7:28:96:ac:25:df:c6:
91:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:66:71:69:7B:C0:F3:00:B6:29:6B:B6:34:26:C7:5B:EA:E8:AF:1F
X509v3 Authority Key Identifier:
keyid:15:6D:70:33:0E:C5:1E:9F:F1:F7:72:7B:17:81:C4:7A:7A:9A:A5:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FW1wMw7FHp_x93J7F4HEenqapW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6f857d-c398-4d14-9074-3749d95dcd1f/1/v2ZxaXvA8wC2KWu2NCbHW-rorx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6f857d-c398-4d14-9074-3749d95dcd1f/1/FW1wMw7FHp_x93J7F4HEenqapW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.160.0/23
Signature Algorithm: sha256WithRSAEncryption
d0:3c:71:0f:d9:48:f4:20:d5:15:46:48:47:e4:c8:b0:83:78:
b4:47:30:1b:fd:93:e2:b7:ef:e1:ab:74:ef:d5:46:3f:e0:00:
d3:04:3b:17:c2:17:db:8d:e5:67:79:96:0e:42:29:03:b5:70:
48:83:80:ee:f2:4e:46:a5:ae:19:d2:41:32:b2:d0:11:a7:4d:
10:9b:a5:c2:c0:35:fa:cc:b0:73:a5:a7:0d:46:4f:2a:17:d7:
e8:39:43:70:ff:4a:0d:1b:21:de:d1:7f:27:87:74:f8:4f:c7:
62:58:2b:bd:ca:0a:44:e0:17:61:e9:e3:89:c9:2c:87:ec:9d:
db:51:60:84:d6:d9:c7:2e:f2:7e:ee:0f:d2:a1:ac:a1:b8:56:
98:1c:82:0d:af:13:c0:cf:83:d4:b2:c7:18:be:ee:b9:af:78:
27:0f:aa:f7:a5:b2:35:17:17:ae:74:44:5d:7b:0b:d6:dc:54:
3b:ee:eb:f1:3e:e4:f9:25:d8:30:99:3d:5f:0b:6b:60:63:d3:
c3:16:07:a7:d0:e1:95:e6:59:8d:e6:b1:a4:a3:9c:7d:65:b1:
0c:c6:b8:6c:47:ac:c4:34:7c:4a:3c:75:33:95:27:ac:80:cc:
8e:e1:e3:19:71:ba:60:d6:59:50:e7:0d:de:74:e4:7e:5a:e2:
f8:23:ca:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSfAAmKWgKPaKeJEe1hkYYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NmQ3MDMzMGVjNTFlOWZmMWY3NzI3YjE3ODFjNDdhN2E5
YWE1NmQwHhcNMjIxMTIyMTEwMTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY2NzE2OTdiYzBmMzAwYjYyOTZiYjYzNDI2Yzc1YmVhZThhZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlRnvjzwom5zeQHB9va359Ds+V7D
lMusAGGMBZTqyiYLiafEfmXyXvdgHz5MJEHdjTPMJxzJOI/AgiijP5jPsVWDA63H
CFPz2mUWxUOcPSf7eJx0JcmyTLjGSxkuVj5OeYGSg1B83ePcpvIYmgCNZHaGEDM3
TwH+fe7yN3PaL9yZ9vZevp/HW/PsSvWAwuHybVsAll/bNZR2Lq8ASw5108widP4U
uuurw7AumJissy5PiQGRSI0GubTdL9U0SeBQePKC7SUk82RwWZU/hXPLD0yeWmLH
kX5dRPMVfoGXiAwZH6VTgR1cGaJ9QDH5/Q8rUCWDy97yHMcolqwl38aRxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9mcWl7wPMAtilrtjQmx1vq6K8fMB8GA1UdIwQY
MBaAFBVtcDMOxR6f8fdyexeBxHp6mqVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlcxd013N0ZIcF94OTNKN0Y0SEVlbnFhcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82Zjg1N2QtYzM5OC00ZDE0LTkwNzQt
Mzc0OWQ5NWRjZDFmLzEvdjJaeGFYdkE4d0MyS1d1Mk5DYkhXLXJvcng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82Zjg1N2QtYzM5OC00ZDE0LTkwNzQtMzc0OWQ5NWRjZDFm
LzEvRlcxd013N0ZIcF94OTNKN0Y0SEVlbnFhcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZOgMA0G
CSqGSIb3DQEBCwUAA4IBAQDQPHEP2Uj0INUVRkhH5Miwg3i0RzAb/ZPit+/hq3Tv
1UY/4ADTBDsXwhfbjeVneZYOQikDtXBIg4Du8k5Gpa4Z0kEystARp00Qm6XCwDX6
zLBzpacNRk8qF9foOUNw/0oNGyHe0X8nh3T4T8diWCu9ygpE4Bdh6eOJySyH7J3b
UWCE1tnHLvJ+7g/SoayhuFaYHIINrxPAz4PUsscYvu65r3gnD6r3pbI1FxeudERd
ewvW3FQ77uvxPuT5JdgwmT1fC2tgY9PDFgen0OGV5lmN5rGko5x9ZbEMxrhsR6zE
NHxKPHUzlSesgMyO4eMZcbpg1llQ5w3edOR+WuL4I8pl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:47 2025 by rpki-client