Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/O9QFAr_WjTs5ZZ3p-EZ3xRS7MBI.roa
File: O9QFAr_WjTs5ZZ3p-EZ3xRS7MBI.roa (raw, json)
Hash identifier: 7HFCsTwpgT44aA44x4icDJL/zmkSDEvTV2kuNQNDna4=
Subject key identifier: 3B:D4:05:02:BF:D6:8D:3B:39:65:9D:E9:F8:46:77:C5:14:BB:30:12
Certificate issuer: /CN=618855635e4794f5878e3b985fed8935ae06c5a1
Certificate serial: 018ABD540EBB20039BC5FC4110085A40DC22
Authority key identifier: 61:88:55:63:5E:47:94:F5:87:8E:3B:98:5F:ED:89:35:AE:06:C5:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYhVY15HlPWHjjuYX-2JNa4GxaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/O9QFAr_WjTs5ZZ3p-EZ3xRS7MBI.roa
Signing time: Fri 22 Sep 2023 14:38:37 +0000
ROA not before: Fri 22 Sep 2023 14:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 45.142.128.0/22 maxlen: 24
2a12:21c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:54:0e:bb:20:03:9b:c5:fc:41:10:08:5a:40:dc:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618855635e4794f5878e3b985fed8935ae06c5a1
Validity
Not Before: Sep 22 14:38:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bd40502bfd68d3b39659de9f84677c514bb3012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:da:d4:4a:72:85:74:75:0b:d9:73:47:37:7c:
b4:b3:97:f4:4e:ff:0f:8c:6f:57:3a:1b:9a:a4:71:
22:c5:0a:79:20:0a:54:3b:a5:05:68:d3:0f:47:a9:
73:4e:8a:e9:4e:cc:6a:70:7b:68:ab:49:12:ac:22:
cc:38:21:a7:df:6b:bc:b9:d0:fc:e4:10:8e:0b:83:
48:b3:1d:9d:8b:5d:33:a3:ba:5c:d0:0e:5f:15:15:
7e:0c:ae:88:86:8c:b1:3a:2a:60:17:a0:f0:c3:1a:
c6:19:6e:cd:54:6a:04:0b:d2:39:50:13:31:30:c2:
60:d0:26:ed:d5:03:79:06:16:4c:8d:08:9a:28:31:
f7:90:37:a8:ec:8c:97:77:7a:26:92:81:7a:8e:0d:
f8:69:5c:5a:09:9d:af:d2:ba:6d:4a:2d:41:d2:28:
ae:bf:02:3a:66:0b:85:f9:39:a4:38:8d:81:02:84:
84:17:d5:f8:a7:b5:ed:b9:11:42:f5:53:e6:b6:fc:
44:34:b2:69:74:88:f0:84:74:03:4b:fc:16:aa:9e:
63:c5:2f:0a:a1:55:85:d7:6a:4e:c2:f2:4e:19:f9:
72:fb:69:50:ae:eb:bc:3a:2a:56:94:e3:c3:23:4c:
c7:d7:5a:91:65:f7:80:f8:b6:9e:62:1a:7d:66:ce:
b6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D4:05:02:BF:D6:8D:3B:39:65:9D:E9:F8:46:77:C5:14:BB:30:12
X509v3 Authority Key Identifier:
keyid:61:88:55:63:5E:47:94:F5:87:8E:3B:98:5F:ED:89:35:AE:06:C5:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYhVY15HlPWHjjuYX-2JNa4GxaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/O9QFAr_WjTs5ZZ3p-EZ3xRS7MBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/bf8bca-c4a0-429d-9f4d-0eb6bbf65b1f/1/YYhVY15HlPWHjjuYX-2JNa4GxaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.128.0/22
IPv6:
2a12:21c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:26:c6:e3:97:6a:52:b1:c9:16:6e:c2:db:f2:0d:7c:13:05:
68:60:c0:b6:1a:a9:e6:6b:81:9d:92:80:1a:2a:b2:ab:45:be:
70:4d:ba:81:46:ab:09:1e:11:57:f3:9c:22:56:68:d2:d8:67:
01:2f:da:99:14:7e:7f:cc:93:db:57:6a:ce:6d:45:bb:b0:a9:
7e:91:22:1a:0e:30:2f:9c:7a:f5:a7:06:d8:af:6e:13:d4:4e:
6b:7b:11:ea:c4:dd:5c:4a:39:40:05:6d:31:9e:b5:d2:06:40:
c3:f3:d7:55:ce:89:57:f8:de:f3:50:1e:e8:b5:da:5f:1b:29:
ad:81:cd:52:16:16:77:25:c3:ed:3e:f1:fa:60:be:b3:e2:f5:
74:7e:44:f1:0a:bf:c5:ce:32:b2:36:c1:75:d8:a7:1d:86:53:
78:e3:1a:92:c4:8b:e0:2f:78:f7:e6:5b:15:f0:be:c1:f2:da:
69:67:64:d2:aa:24:48:1c:ed:f1:29:5f:4c:36:a9:3a:72:34:
65:51:7c:01:c6:47:17:91:23:49:04:ea:04:7f:e8:7b:19:dd:
be:9b:8d:dc:c8:80:c6:6f:06:73:c9:6d:4a:7e:3c:eb:5a:39:
f6:9a:1f:a1:1b:f7:12:c0:7e:06:04:65:44:6d:bd:b0:ae:19:
37:1d:98:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYq9VA67IAObxfxBEAhaQNwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODg1NTYzNWU0Nzk0ZjU4NzhlM2I5ODVmZWQ4OTM1YWUw
NmM1YTEwHhcNMjMwOTIyMTQzODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ0MDUwMmJmZDY4ZDNiMzk2NTlkZTlmODQ2NzdjNTE0YmIzMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9rUSnKFdHUL2XNHN3y0s5f0Tv8P
jG9XOhuapHEixQp5IApUO6UFaNMPR6lzTorpTsxqcHtoq0kSrCLMOCGn32u8udD8
5BCOC4NIsx2di10zo7pc0A5fFRV+DK6IhoyxOipgF6DwwxrGGW7NVGoEC9I5UBMx
MMJg0Cbt1QN5BhZMjQiaKDH3kDeo7IyXd3omkoF6jg34aVxaCZ2v0rptSi1B0iiu
vwI6ZguF+TmkOI2BAoSEF9X4p7XtuRFC9VPmtvxENLJpdIjwhHQDS/wWqp5jxS8K
oVWF12pOwvJOGfly+2lQruu8OipWlOPDI0zH11qRZfeA+LaeYhp9Zs62HQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDvUBQK/1o07OWWd6fhGd8UUuzASMB8GA1UdIwQY
MBaAFGGIVWNeR5T1h447mF/tiTWuBsWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVloVlkxNUhsUFdIamp1WVgtMkpOYTRHeGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iZjhiY2EtYzRhMC00MjlkLTlmNGQt
MGViNmJiZjY1YjFmLzEvTzlRRkFyX1dqVHM1WlozcC1FWjN4UlM3TUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iZjhiY2EtYzRhMC00MjlkLTlmNGQtMGViNmJiZjY1YjFm
LzEvWVloVlkxNUhsUFdIamp1WVgtMkpOYTRHeGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY6AMA0E
AgACMAcDBQAqEiHAMA0GCSqGSIb3DQEBCwUAA4IBAQAtJsbjl2pSsckWbsLb8g18
EwVoYMC2Gqnma4GdkoAaKrKrRb5wTbqBRqsJHhFX85wiVmjS2GcBL9qZFH5/zJPb
V2rObUW7sKl+kSIaDjAvnHr1pwbYr24T1E5rexHqxN1cSjlABW0xnrXSBkDD89dV
zolX+N7zUB7otdpfGymtgc1SFhZ3JcPtPvH6YL6z4vV0fkTxCr/FzjKyNsF12Kcd
hlN44xqSxIvgL3j35lsV8L7B8tppZ2TSqiRIHO3xKV9MNqk6cjRlUXwBxkcXkSNJ
BOoEf+h7Gd2+m43cyIDGbwZzyW1KfjzrWjn2mh+hG/cSwH4GBGVEbb2wrhk3HZjE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:49 2025 by rpki-client