Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kFDJJ0vNABGadYubOnDHC3dGCIQ.roa
File: kFDJJ0vNABGadYubOnDHC3dGCIQ.roa (raw, json)
Hash identifier: lp6BvV/DKZSiBWnbe22GfijO3jXSZ2QB2kKwQ84LB5o=
Subject key identifier: 90:50:C9:27:4B:CD:00:11:9A:75:8B:9B:3A:70:C7:0B:77:46:08:84
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0188E795D5B9E669178285F79E5B7749A067
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kFDJJ0vNABGadYubOnDHC3dGCIQ.roa
Signing time: Fri 23 Jun 2023 09:28:56 +0000
ROA not before: Fri 23 Jun 2023 09:28:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4320
IP address blocks: 45.135.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:95:d5:b9:e6:69:17:82:85:f7:9e:5b:77:49:a0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 23 09:28:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9050c9274bcd00119a758b9b3a70c70b77460884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:db:6a:be:a7:05:f0:db:1b:db:1b:eb:00:e2:
ee:7a:0e:2d:5c:66:21:5c:e9:42:85:23:98:4b:93:
2d:d0:ca:02:2d:5d:4a:96:63:cd:df:21:54:91:90:
0c:1c:75:5e:33:95:fa:8a:03:69:f3:b5:98:58:f6:
1c:6f:78:9e:77:a8:49:39:5d:cf:b4:e6:65:25:6a:
45:3f:0d:0c:35:b1:73:ff:dc:de:54:27:c9:77:cb:
6c:29:78:1f:58:81:3a:cd:30:02:a5:53:66:c2:f0:
55:c9:7f:05:0b:b8:41:b0:6a:51:3e:0f:10:b8:96:
90:90:dd:f3:b5:e0:8d:81:9c:c9:59:25:21:9c:a7:
82:b9:e1:55:3c:c9:4f:1d:ab:d1:de:53:70:6d:16:
22:ff:e4:69:ab:e1:12:33:81:47:0b:64:f1:c5:b2:
e4:89:de:e1:a6:85:98:5f:75:5a:f1:c7:21:97:82:
3e:aa:9b:8a:e5:35:77:70:81:de:b7:b4:34:6d:92:
e1:17:c5:4d:65:4d:5c:c5:71:b8:4a:83:f1:c1:04:
01:45:b3:bc:4f:fc:c7:cf:ff:20:6e:6e:35:48:ad:
ae:e6:e4:2b:70:88:8f:84:ba:ca:f0:31:5f:b2:c5:
59:4e:c0:73:08:d2:68:68:df:0f:3e:2d:06:59:bc:
a5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:50:C9:27:4B:CD:00:11:9A:75:8B:9B:3A:70:C7:0B:77:46:08:84
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kFDJJ0vNABGadYubOnDHC3dGCIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:8b:a7:67:66:49:11:86:96:12:6b:e4:34:7f:22:06:b6:b8:
66:f9:c6:bd:88:a4:9a:88:71:90:be:9b:f7:5a:24:5d:c7:c5:
89:1a:f2:25:8b:dc:1a:72:5a:25:58:76:bc:43:30:93:14:78:
9c:b8:6a:3e:3b:76:36:3c:10:19:b4:bf:e4:8d:56:ec:77:04:
af:e3:1a:0c:a2:8a:6f:47:ed:83:b3:11:be:ce:ff:7f:e8:1c:
99:fb:5f:97:0d:6b:54:5c:88:55:5e:f0:02:87:a8:9f:2b:43:
bb:a2:ef:c4:eb:1c:2f:06:a6:8c:33:05:79:5c:d4:fd:c8:64:
a1:02:1c:d3:f5:a5:1d:0e:53:a2:99:8a:04:aa:3c:0d:00:fe:
3d:ce:50:57:5a:fa:ab:af:04:a9:e4:d1:c1:11:a1:09:50:3a:
de:bd:a4:4a:61:85:02:66:94:23:c7:b0:12:4d:77:af:87:d2:
92:9c:c8:42:19:56:3f:9b:2e:11:cc:0f:16:1f:b4:5f:bf:b4:
6d:1e:ef:9e:31:66:5d:43:d9:1c:0d:84:10:a2:e4:35:1c:5a:
b9:5b:a6:14:f2:6d:3b:ac:e4:c9:c6:ca:92:51:04:98:b5:2c:
11:4d:22:d2:bb:6e:09:8c:9b:f8:72:d8:9f:9a:e5:1d:6c:ad:
fb:b4:01:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjnldW55mkXgoX3nlt3SaBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNjIzMDkyODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDUwYzkyNzRiY2QwMDExOWE3NThiOWIzYTcwYzcwYjc3NDYwODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhttqvqcF8Nsb2xvrAOLueg4tXGYh
XOlChSOYS5Mt0MoCLV1KlmPN3yFUkZAMHHVeM5X6igNp87WYWPYcb3ied6hJOV3P
tOZlJWpFPw0MNbFz/9zeVCfJd8tsKXgfWIE6zTACpVNmwvBVyX8FC7hBsGpRPg8Q
uJaQkN3zteCNgZzJWSUhnKeCueFVPMlPHavR3lNwbRYi/+Rpq+ESM4FHC2TxxbLk
id7hpoWYX3Va8cchl4I+qpuK5TV3cIHet7Q0bZLhF8VNZU1cxXG4SoPxwQQBRbO8
T/zHz/8gbm41SK2u5uQrcIiPhLrK8DFfssVZTsBzCNJoaN8PPi0GWbyl4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJBQySdLzQARmnWLmzpwxwt3RgiEMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva0ZESkowdk5BQkdhZFl1Yk9uREhDM2RHQ0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYcmMA0G
CSqGSIb3DQEBCwUAA4IBAQAqi6dnZkkRhpYSa+Q0fyIGtrhm+ca9iKSaiHGQvpv3
WiRdx8WJGvIli9waclolWHa8QzCTFHicuGo+O3Y2PBAZtL/kjVbsdwSv4xoMoopv
R+2DsxG+zv9/6ByZ+1+XDWtUXIhVXvACh6ifK0O7ou/E6xwvBqaMMwV5XNT9yGSh
AhzT9aUdDlOimYoEqjwNAP49zlBXWvqrrwSp5NHBEaEJUDrevaRKYYUCZpQjx7AS
TXevh9KSnMhCGVY/my4RzA8WH7Rfv7RtHu+eMWZdQ9kcDYQQouQ1HFq5W6YU8m07
rOTJxsqSUQSYtSwRTSLSu24JjJv4ctifmuUdbK37tAHB
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:26 2025 by rpki-client