Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PaAXufhuEPxUdTacZY415imtRKg.roa
File: PaAXufhuEPxUdTacZY415imtRKg.roa (raw, json)
Hash identifier: xItz+O4HHgY+pz3f8ip+69ZESrEFkWjrB+dfQPRTBUA=
Subject key identifier: 3D:A0:17:B9:F8:6E:10:FC:54:75:36:9C:65:8E:35:E6:29:AD:44:A8
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01851646C8393CF17C6D87D22F098D3A44EF
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PaAXufhuEPxUdTacZY415imtRKg.roa
Signing time: Thu 15 Dec 2022 14:53:35 +0000
ROA not before: Thu 15 Dec 2022 14:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41043
IP address blocks: 89.45.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:46:c8:39:3c:f1:7c:6d:87:d2:2f:09:8d:3a:44:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Dec 15 14:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3da017b9f86e10fc5475369c658e35e629ad44a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:57:45:b8:2c:41:bb:66:f4:71:61:12:02:
31:b7:30:d6:b8:44:b8:23:d8:5b:cf:ec:83:d3:ac:
43:12:38:15:e4:fe:78:8d:6f:46:a4:03:f2:33:3b:
37:9e:a6:ea:98:cf:05:60:59:13:c1:ca:6e:81:34:
e4:69:f5:31:03:5a:6d:91:c3:b8:60:8a:4a:8d:95:
27:f2:6e:4e:07:6b:a0:79:48:63:fb:e7:0f:d0:37:
52:bc:11:2c:2f:80:aa:29:ab:63:0b:47:5c:60:d3:
db:31:03:b3:d2:e0:6b:14:27:f1:5d:a7:f9:5f:40:
c4:cc:de:17:b5:09:2c:b8:26:ab:c7:ec:9f:cd:35:
91:83:97:fd:16:aa:f3:fc:10:9f:2c:34:a9:d6:d2:
2f:07:52:5e:15:29:7a:b9:97:c2:02:2b:b6:01:f3:
2a:42:f6:47:0f:9b:66:e8:ac:6d:f2:6a:3c:82:00:
e0:a7:31:f8:d9:0a:3d:2f:da:cf:88:a9:97:4a:7e:
aa:12:fb:a8:20:6f:cb:1a:c3:b1:22:9c:b7:1b:11:
fe:ef:ba:bc:86:fa:2f:d4:97:51:00:68:ca:45:b7:
94:7e:5c:27:21:24:ab:14:6a:4d:8a:89:63:34:52:
63:49:b5:47:3a:bc:b8:f4:9f:f5:00:76:a9:fe:36:
a2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:17:B9:F8:6E:10:FC:54:75:36:9C:65:8E:35:E6:29:AD:44:A8
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/PaAXufhuEPxUdTacZY415imtRKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.47.0/24
Signature Algorithm: sha256WithRSAEncryption
36:7d:7c:f3:e4:e1:b8:e8:4f:d3:a2:a7:25:7e:c3:7c:fa:27:
84:63:9a:46:11:3e:f8:c1:54:31:5c:3e:4c:47:0a:d0:53:ec:
41:1c:75:e0:6e:fd:db:cb:f8:91:6f:f1:f8:e9:ad:e5:a9:f8:
e1:d5:72:85:63:97:9c:5c:14:09:01:46:e4:c6:7c:d1:e9:9d:
9c:80:1d:cb:48:ad:fa:92:a0:54:a3:0e:e2:73:be:e4:35:8b:
38:80:d3:9d:b3:54:58:c5:8a:5b:e7:89:46:8c:bd:cf:e5:fd:
01:4a:37:40:bd:c3:4f:06:08:62:84:9e:c0:91:ab:7e:0d:d3:
89:55:0e:59:b5:3a:a8:20:3e:d0:5d:4d:9a:d9:15:b2:e6:28:
80:e7:0d:d8:2d:bb:7c:94:71:84:31:a4:5f:39:29:d2:d2:d3:
21:26:26:bb:af:28:bd:00:4d:00:38:5d:50:f7:26:65:4e:c3:
f2:ee:dc:59:6c:c6:67:11:5d:fc:f5:56:d7:d6:9b:e6:94:5a:
69:d7:82:df:87:a9:90:b7:18:50:ab:ce:4a:2b:7c:33:ea:1f:
c4:60:cc:ee:60:ce:6b:98:cd:9f:86:da:e9:00:ed:7d:e5:1d:
94:e6:6b:84:aa:cd:99:d1:77:95:56:82:8e:90:2d:02:01:d1:
69:ce:7a:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUWRsg5PPF8bYfSLwmNOkTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjIxMjE1MTQ1MzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEwMTdiOWY4NmUxMGZjNTQ3NTM2OWM2NThlMzVlNjI5YWQ0NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmtXRbgsQbtm9HFhEgIxtzDWuES4
I9hbz+yD06xDEjgV5P54jW9GpAPyMzs3nqbqmM8FYFkTwcpugTTkafUxA1ptkcO4
YIpKjZUn8m5OB2ugeUhj++cP0DdSvBEsL4CqKatjC0dcYNPbMQOz0uBrFCfxXaf5
X0DEzN4XtQksuCarx+yfzTWRg5f9Fqrz/BCfLDSp1tIvB1JeFSl6uZfCAiu2AfMq
QvZHD5tm6Kxt8mo8ggDgpzH42Qo9L9rPiKmXSn6qEvuoIG/LGsOxIpy3GxH+77q8
hvov1JdRAGjKRbeUflwnISSrFGpNioljNFJjSbVHOry49J/1AHap/jaiFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2gF7n4bhD8VHU2nGWONeYprUSoMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvUGFBWHVmaHVFUHhVZFRhY1pZNDE1aW10UktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS0vMA0G
CSqGSIb3DQEBCwUAA4IBAQA2fXzz5OG46E/ToqclfsN8+ieEY5pGET74wVQxXD5M
RwrQU+xBHHXgbv3by/iRb/H46a3lqfjh1XKFY5ecXBQJAUbkxnzR6Z2cgB3LSK36
kqBUow7ic77kNYs4gNOds1RYxYpb54lGjL3P5f0BSjdAvcNPBghihJ7Akat+DdOJ
VQ5ZtTqoID7QXU2a2RWy5iiA5w3YLbt8lHGEMaRfOSnS0tMhJia7ryi9AE0AOF1Q
9yZlTsPy7txZbMZnEV389VbX1pvmlFpp14Lfh6mQtxhQq85KK3wz6h/EYMzuYM5r
mM2fhtrpAO195R2U5muEqs2Z0XeVVoKOkC0CAdFpznpJ
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:16:48 2025 by rpki-client