Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/ow5mxhitZOQKEm-eY5uVnxqEB4g.roa
File: ow5mxhitZOQKEm-eY5uVnxqEB4g.roa (raw, json)
Hash identifier: 5+gWm6xAPOKCjJDp/0pQsondAs2Vjj71GFTsNdoSZYM=
Subject key identifier: A3:0E:66:C6:18:AD:64:E4:0A:12:6F:9E:63:9B:95:9F:1A:84:07:88
Certificate issuer: /CN=05a97ff404808ad34f9aa8251767d1aec890601f
Certificate serial: 0185737195F0135562C2ECE281855EC50BFE
Authority key identifier: 05:A9:7F:F4:04:80:8A:D3:4F:9A:A8:25:17:67:D1:AE:C8:90:60:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bal_9ASAitNPmqglF2fRrsiQYB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/ow5mxhitZOQKEm-eY5uVnxqEB4g.roa
Signing time: Mon 02 Jan 2023 17:05:01 +0000
ROA not before: Mon 02 Jan 2023 17:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208416
IP address blocks: 45.138.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:95:f0:13:55:62:c2:ec:e2:81:85:5e:c5:0b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05a97ff404808ad34f9aa8251767d1aec890601f
Validity
Not Before: Jan 2 17:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a30e66c618ad64e40a126f9e639b959f1a840788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0b:29:3c:d8:e3:3b:95:cd:c1:c6:59:2c:16:
5d:bd:b6:e2:dd:b7:c0:0f:e1:d9:49:5b:65:89:2e:
88:10:fb:4d:19:42:02:11:d7:81:40:47:f9:ba:f0:
94:c1:3c:27:41:f3:5d:3a:17:57:de:33:70:5d:79:
a9:b7:9d:a3:80:05:2d:f9:17:20:5f:e3:0e:e5:69:
31:43:5d:7a:19:d2:d1:ab:13:44:eb:cc:b9:bc:db:
ab:a4:7c:36:93:63:d7:4a:f7:cf:f9:6b:6a:11:20:
71:45:4b:92:22:9a:b8:75:99:00:f5:3e:4f:8b:65:
ae:bc:b0:53:c6:34:3e:c0:d2:ea:60:2f:6b:3c:2d:
01:61:8d:ea:ba:d1:6c:a3:7d:0e:fe:c0:55:0d:b0:
ac:b2:34:88:84:ed:28:90:31:c6:1e:b6:df:28:4b:
1e:a6:55:e8:03:13:40:6e:7d:45:59:8f:3d:3b:cf:
1c:15:c1:61:21:2b:47:bf:4f:a1:1d:b1:7d:41:49:
eb:24:c2:96:19:6b:0c:76:da:02:7d:76:77:13:cb:
e1:59:9c:a9:4b:80:c5:29:ca:4d:49:80:18:b8:f8:
ef:31:16:da:7f:64:80:b7:ff:61:44:30:2a:7f:fe:
7e:79:46:df:8b:be:40:3b:8b:ab:6a:7a:1c:2f:35:
34:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0E:66:C6:18:AD:64:E4:0A:12:6F:9E:63:9B:95:9F:1A:84:07:88
X509v3 Authority Key Identifier:
keyid:05:A9:7F:F4:04:80:8A:D3:4F:9A:A8:25:17:67:D1:AE:C8:90:60:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bal_9ASAitNPmqglF2fRrsiQYB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/ow5mxhitZOQKEm-eY5uVnxqEB4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c953b-0763-4b6d-bf1a-6ce444ebeaf0/1/Bal_9ASAitNPmqglF2fRrsiQYB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:bc:b3:88:77:bc:46:26:65:87:e4:6a:33:90:4f:fd:c9:a4:
0b:9a:b2:c7:18:1e:99:44:fc:bf:d1:49:71:d3:94:8a:42:3b:
b6:c4:07:3a:62:d7:5a:c2:7a:3a:c3:b0:4f:20:0b:f3:db:91:
f6:44:c8:55:66:1f:c4:97:c4:e1:cc:12:57:97:a0:e3:32:f3:
41:4f:7e:be:9c:c0:90:20:2e:e8:d7:12:90:db:2c:b3:15:bb:
93:a0:c9:97:ea:25:7c:a3:36:2b:a5:d5:e0:e6:8f:f7:b5:a0:
33:85:f2:63:2a:88:5e:66:28:7c:fd:eb:52:54:98:23:23:1d:
6f:2c:38:ff:4b:cb:a2:2f:77:3f:8d:be:26:24:e0:e4:6a:21:
f3:e8:46:5e:8a:7e:48:34:df:f0:5b:65:58:ac:64:0b:cf:54:
67:6d:5a:4f:6c:c5:51:17:8f:09:fb:b6:68:f6:02:cd:bd:9a:
30:f4:a2:9b:3b:a9:7e:2b:fb:fe:d7:30:58:4e:ec:53:67:00:
68:39:c7:b7:72:51:d3:cc:57:d3:98:7e:36:84:68:d3:74:ae:
29:fd:bf:07:17:33:b3:08:35:04:8b:c2:cb:45:4a:af:cd:2b:
9b:af:84:79:15:1a:57:eb:27:da:1b:48:68:fa:8d:4c:2b:c7:
4e:25:e1:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcZXwE1ViwuzigYVexQv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTk3ZmY0MDQ4MDhhZDM0ZjlhYTgyNTE3NjdkMWFlYzg5
MDYwMWYwHhcNMjMwMTAyMTcwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBlNjZjNjE4YWQ2NGU0MGExMjZmOWU2MzliOTU5ZjFhODQwNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQspPNjjO5XNwcZZLBZdvbbi3bfA
D+HZSVtliS6IEPtNGUICEdeBQEf5uvCUwTwnQfNdOhdX3jNwXXmpt52jgAUt+Rcg
X+MO5WkxQ116GdLRqxNE68y5vNurpHw2k2PXSvfP+WtqESBxRUuSIpq4dZkA9T5P
i2WuvLBTxjQ+wNLqYC9rPC0BYY3qutFso30O/sBVDbCssjSIhO0okDHGHrbfKEse
plXoAxNAbn1FWY89O88cFcFhIStHv0+hHbF9QUnrJMKWGWsMdtoCfXZ3E8vhWZyp
S4DFKcpNSYAYuPjvMRbaf2SAt/9hRDAqf/5+eUbfi75AO4uranocLzU0oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMOZsYYrWTkChJvnmOblZ8ahAeIMB8GA1UdIwQY
MBaAFAWpf/QEgIrTT5qoJRdn0a7IkGAfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFsXzlBU0FpdE5QbXFnbEYyZlJyc2lRWUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82Yzk1M2ItMDc2My00YjZkLWJmMWEt
NmNlNDQ0ZWJlYWYwLzEvb3c1bXhoaXRaT1FLRW0tZVk1dVZueHFFQjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82Yzk1M2ItMDc2My00YjZkLWJmMWEtNmNlNDQ0ZWJlYWYw
LzEvQmFsXzlBU0FpdE5QbXFnbEYyZlJyc2lRWUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYp5MA0G
CSqGSIb3DQEBCwUAA4IBAQAKvLOId7xGJmWH5GozkE/9yaQLmrLHGB6ZRPy/0Ulx
05SKQju2xAc6Ytdawno6w7BPIAvz25H2RMhVZh/El8ThzBJXl6DjMvNBT36+nMCQ
IC7o1xKQ2yyzFbuToMmX6iV8ozYrpdXg5o/3taAzhfJjKoheZih8/etSVJgjIx1v
LDj/S8uiL3c/jb4mJODkaiHz6EZein5INN/wW2VYrGQLz1RnbVpPbMVRF48J+7Zo
9gLNvZow9KKbO6l+K/v+1zBYTuxTZwBoOce3clHTzFfTmH42hGjTdK4p/b8HFzOz
CDUEi8LLRUqvzSubr4R5FRpX6yfaG0ho+o1MK8dOJeHC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:47 2025 by rpki-client