Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/j20M6dAFWZ4hCYmZd4lkOvJVhSQ.roa
File: j20M6dAFWZ4hCYmZd4lkOvJVhSQ.roa (raw, json)
Hash identifier: Vx+7BLVh+R5N00mE4TdG6Kn9Q5PtoMVmHr29Ka5b3Mg=
Subject key identifier: 8F:6D:0C:E9:D0:05:59:9E:21:09:89:99:77:89:64:3A:F2:55:85:24
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 0185711E474B83E69BBDF1286DCF463E9E1D
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/j20M6dAFWZ4hCYmZd4lkOvJVhSQ.roa
Signing time: Mon 02 Jan 2023 06:14:47 +0000
ROA not before: Mon 02 Jan 2023 06:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208482
IP address blocks: 45.84.98.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:47:4b:83:e6:9b:bd:f1:28:6d:cf:46:3e:9e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jan 2 06:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f6d0ce9d005599e210989997789643af2558524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d7:fc:70:92:14:f3:b8:f8:bf:a2:02:5e:ad:
2e:91:6d:e6:9b:21:9c:3b:ae:6e:60:c3:20:53:18:
63:3e:6d:86:6f:d9:10:e2:5f:6a:75:4e:50:fb:3a:
15:b6:98:64:f7:ee:51:68:f9:0f:05:5b:20:bf:e8:
4c:c9:12:ae:72:7e:40:4a:2b:e3:98:a7:e5:fb:c0:
09:d8:b7:94:5a:0c:29:e5:2d:f5:d8:4c:ff:8a:17:
36:22:75:d8:75:1e:60:4e:af:f3:ca:69:6a:c0:ce:
fe:6a:3a:5b:0e:8b:32:35:6d:2a:22:78:49:7e:83:
bf:a1:60:43:8d:79:6f:87:a0:31:7e:86:03:21:4b:
30:88:bd:67:0f:7c:0b:55:81:83:81:b9:a2:5b:f3:
e7:4b:3f:24:39:24:9e:da:13:89:c9:a7:43:e6:fe:
80:7b:77:c3:97:46:1e:67:29:ec:ec:94:37:78:53:
01:a1:57:62:81:d5:c4:08:06:56:37:35:f3:4a:25:
2d:c0:36:21:19:38:87:88:0e:f3:1a:49:c8:79:53:
55:70:0e:e4:d9:96:7c:4d:45:cd:3b:63:13:63:08:
b7:2c:bc:be:c9:a5:de:33:cf:1c:00:9e:f0:73:9e:
03:26:71:ad:80:86:f0:bb:c8:b3:07:08:a9:43:df:
0d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6D:0C:E9:D0:05:59:9E:21:09:89:99:77:89:64:3A:F2:55:85:24
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/j20M6dAFWZ4hCYmZd4lkOvJVhSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.98.0/23
Signature Algorithm: sha256WithRSAEncryption
31:ab:f3:b3:31:36:4e:2d:3e:d5:62:b4:54:46:17:20:2c:53:
3c:5b:fe:1c:6a:70:d2:07:8c:5c:2d:4a:00:69:6b:74:9c:0e:
b8:f5:80:c4:eb:e3:69:1b:e6:dc:88:15:cc:d2:5b:9f:4f:e5:
89:f5:d0:3f:a5:3f:25:2c:67:70:65:29:d4:8b:fd:b0:c8:57:
9c:69:61:fc:38:1d:14:98:7e:53:3e:4e:b7:db:db:1d:33:0f:
20:c7:2f:00:91:16:71:0c:25:14:36:31:1b:4b:2e:03:0d:c0:
2e:b8:04:1a:48:a3:cb:d1:a1:3b:e0:c8:38:51:3d:ed:f6:92:
50:2d:b5:e8:a9:49:d4:c5:ab:4b:1a:18:cf:e8:26:7e:bc:f7:
8a:10:86:df:0d:fc:48:70:a1:5c:f0:1d:1a:78:4f:d0:42:cf:
cb:45:6a:82:81:22:d0:3c:e9:45:63:ce:d1:20:e1:f6:90:cb:
5d:48:45:06:d5:65:7c:b8:3a:0a:89:c3:77:4a:85:ff:c6:bc:
70:a0:b3:00:3d:d3:2e:50:3c:ba:4f:db:f7:59:a3:8c:20:37:
19:b5:4e:7e:32:dc:cb:45:9a:af:c1:1a:92:11:b5:28:d2:8e:
8c:6d:2e:14:87:e6:90:52:8a:5d:f9:a6:df:41:6c:0c:d5:55:
c3:85:86:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHkdLg+abvfEobc9GPp4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjMwMTAyMDYxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjZkMGNlOWQwMDU1OTllMjEwOTg5OTk3Nzg5NjQzYWYyNTU4NTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNf8cJIU87j4v6ICXq0ukW3mmyGc
O65uYMMgUxhjPm2Gb9kQ4l9qdU5Q+zoVtphk9+5RaPkPBVsgv+hMyRKucn5ASivj
mKfl+8AJ2LeUWgwp5S312Ez/ihc2InXYdR5gTq/zymlqwM7+ajpbDosyNW0qInhJ
foO/oWBDjXlvh6AxfoYDIUswiL1nD3wLVYGDgbmiW/PnSz8kOSSe2hOJyadD5v6A
e3fDl0YeZyns7JQ3eFMBoVdigdXECAZWNzXzSiUtwDYhGTiHiA7zGknIeVNVcA7k
2ZZ8TUXNO2MTYwi3LLy+yaXeM88cAJ7wc54DJnGtgIbwu8izBwipQ98N/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9tDOnQBVmeIQmJmXeJZDryVYUkMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvajIwTTZkQUZXWjRoQ1ltWmQ0bGtPdkpWaFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVRiMA0G
CSqGSIb3DQEBCwUAA4IBAQAxq/OzMTZOLT7VYrRURhcgLFM8W/4canDSB4xcLUoA
aWt0nA649YDE6+NpG+bciBXM0lufT+WJ9dA/pT8lLGdwZSnUi/2wyFecaWH8OB0U
mH5TPk6329sdMw8gxy8AkRZxDCUUNjEbSy4DDcAuuAQaSKPL0aE74Mg4UT3t9pJQ
LbXoqUnUxatLGhjP6CZ+vPeKEIbfDfxIcKFc8B0aeE/QQs/LRWqCgSLQPOlFY87R
IOH2kMtdSEUG1WV8uDoKicN3SoX/xrxwoLMAPdMuUDy6T9v3WaOMIDcZtU5+MtzL
RZqvwRqSEbUo0o6MbS4Uh+aQUopd+abfQWwM1VXDhYaV
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:39:05 2025 by rpki-client