Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/w0O7At7B9xDDon87JxgPAAAiGhc.roa
File: w0O7At7B9xDDon87JxgPAAAiGhc.roa (raw, json)
Hash identifier: Zw1t2IwFcQCcXcYo5GdM4mYWVWPwiboui7iLomUtIds=
Subject key identifier: C3:43:BB:02:DE:C1:F7:10:C3:A2:7F:3B:27:18:0F:00:00:22:1A:17
Certificate issuer: /CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b
Certificate serial: 018570CBD977207B6A1D5AE0F63FAE4BCCE8
Authority key identifier: 72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/w0O7At7B9xDDon87JxgPAAAiGhc.roa
Signing time: Mon 02 Jan 2023 04:44:45 +0000
ROA not before: Mon 02 Jan 2023 04:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200497
IP address blocks: 151.248.15.0/24 maxlen: 24
151.248.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d9:77:20:7b:6a:1d:5a:e0:f6:3f:ae:4b:cc:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=725c0c7111e2f57fcaf8113a42e556e882dd5c4b
Validity
Not Before: Jan 2 04:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c343bb02dec1f710c3a27f3b27180f0000221a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f0:11:9f:61:13:88:18:9e:ee:62:c8:92:e4:
5b:a9:b9:e9:4b:fa:f0:5d:27:dc:3e:05:6e:8f:2b:
7e:e4:14:80:67:a9:42:45:65:a2:f3:e9:5b:23:cc:
87:10:b0:44:ba:c9:20:76:8b:0f:36:cc:7d:60:92:
74:6c:ee:39:eb:46:a5:af:59:6d:a8:c0:73:fc:ea:
de:51:3e:00:71:6b:c7:df:ac:cd:c6:db:11:b3:44:
fc:60:dd:97:0b:49:ad:fb:61:04:97:7c:26:88:67:
08:ef:6b:57:dd:10:63:72:ca:8f:03:b6:08:9f:83:
69:1b:4f:fd:b7:f6:fb:10:a1:2b:b9:94:0a:1c:78:
1d:e1:4c:4d:31:f6:e9:01:43:de:55:51:2f:02:4a:
2f:16:2b:f2:58:6a:77:90:de:48:a8:31:3c:ba:44:
13:dc:43:df:af:1d:7c:a4:fe:c7:21:c8:ac:e8:a6:
d4:dd:7e:49:39:5e:6b:f9:21:63:e5:de:61:f7:fe:
fc:0f:8d:ce:4d:ee:81:bd:8e:e4:59:dc:6e:79:c2:
7f:01:34:16:ff:49:f4:d6:de:0d:4e:b3:87:f0:54:
3a:11:fc:fa:af:bf:c2:42:58:0b:f6:d1:81:b9:e5:
bb:40:4d:20:70:e1:3d:85:e8:84:33:03:36:ae:e0:
d1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:43:BB:02:DE:C1:F7:10:C3:A2:7F:3B:27:18:0F:00:00:22:1A:17
X509v3 Authority Key Identifier:
keyid:72:5C:0C:71:11:E2:F5:7F:CA:F8:11:3A:42:E5:56:E8:82:DD:5C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clwMcRHi9X_K-BE6QuVW6ILdXEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/w0O7At7B9xDDon87JxgPAAAiGhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0c9b54-130a-499a-bf9f-7610aabaa274/1/clwMcRHi9X_K-BE6QuVW6ILdXEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.12.0/24
151.248.15.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7d:4a:fe:3c:da:21:2c:6f:42:1c:10:2a:51:59:da:40:8a:
1d:7f:9e:9b:6f:f2:63:3f:f5:77:23:1d:83:ad:8e:cf:4a:b2:
fe:cf:b6:94:4a:aa:7e:0c:e8:42:f8:7e:a9:55:15:5b:59:89:
d1:b8:06:9e:e4:0d:11:ff:af:fe:d5:ab:48:79:30:33:07:70:
cd:0c:a8:44:91:88:91:50:c0:a6:4f:9f:64:b3:fa:f3:a0:df:
d9:f3:56:f0:18:6b:94:27:04:e7:5b:f3:a4:4d:0b:b9:13:37:
c7:ef:eb:a4:3a:f5:f7:87:0a:f9:64:07:12:aa:9d:00:f0:3b:
b8:e9:45:4a:af:73:1d:c3:d5:fc:11:ca:b2:14:80:de:fe:f5:
f6:78:dd:a9:b0:80:be:d8:45:cd:1f:fe:54:76:d6:a7:fc:cd:
81:9f:14:b1:58:b9:9f:a6:e2:7c:be:95:22:df:3f:f5:e3:1e:
eb:1a:09:32:fb:5b:e6:1a:7f:6f:4b:6a:26:49:b0:81:d7:72:
e6:3c:fc:ca:38:90:95:08:c9:47:8e:f3:c6:9d:d0:fd:b3:73:
05:61:f1:5f:76:8d:7e:dd:e0:23:af:fa:24:1e:94:bb:20:e7:
f6:56:4e:d1:b3:75:48:b7:ef:d0:72:88:ca:f8:03:6d:49:e2:
08:8f:80:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwy9l3IHtqHVrg9j+uS8zoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNWMwYzcxMTFlMmY1N2ZjYWY4MTEzYTQyZTU1NmU4ODJk
ZDVjNGIwHhcNMjMwMTAyMDQ0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzQzYmIwMmRlYzFmNzEwYzNhMjdmM2IyNzE4MGYwMDAwMjIxYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfARn2ETiBie7mLIkuRbqbnpS/rw
XSfcPgVujyt+5BSAZ6lCRWWi8+lbI8yHELBEuskgdosPNsx9YJJ0bO4560alr1lt
qMBz/OreUT4AcWvH36zNxtsRs0T8YN2XC0mt+2EEl3wmiGcI72tX3RBjcsqPA7YI
n4NpG0/9t/b7EKEruZQKHHgd4UxNMfbpAUPeVVEvAkovFivyWGp3kN5IqDE8ukQT
3EPfrx18pP7HIcis6KbU3X5JOV5r+SFj5d5h9/78D43OTe6BvY7kWdxuecJ/ATQW
/0n01t4NTrOH8FQ6Efz6r7/CQlgL9tGBueW7QE0gcOE9heiEMwM2ruDRbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMNDuwLewfcQw6J/OycYDwAAIhoXMB8GA1UdIwQY
MBaAFHJcDHER4vV/yvgROkLlVuiC3VxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYt
NzYxMGFhYmFhMjc0LzEvdzBPN0F0N0I5eEREb244N0p4Z1BBQUFpR2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYzliNTQtMTMwYS00OTlhLWJmOWYtNzYxMGFhYmFhMjc0
LzEvY2x3TWNSSGk5WF9LLUJFNlF1Vlc2SUxkWEVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/gMAwQA
l/gPMA0GCSqGSIb3DQEBCwUAA4IBAQAefUr+PNohLG9CHBAqUVnaQIodf56bb/Jj
P/V3Ix2DrY7PSrL+z7aUSqp+DOhC+H6pVRVbWYnRuAae5A0R/6/+1atIeTAzB3DN
DKhEkYiRUMCmT59ks/rzoN/Z81bwGGuUJwTnW/OkTQu5EzfH7+ukOvX3hwr5ZAcS
qp0A8Du46UVKr3Mdw9X8EcqyFIDe/vX2eN2psIC+2EXNH/5Udtan/M2BnxSxWLmf
puJ8vpUi3z/14x7rGgky+1vmGn9vS2omSbCB13LmPPzKOJCVCMlHjvPGndD9s3MF
YfFfdo1+3eAjr/okHpS7IOf2Vk7Rs3VIt+/QcojK+ANtSeIIj4Dn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:43 2025 by rpki-client