Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/PFQHzgdql47KVv9FfcCHRgXcccQ.roa
File: PFQHzgdql47KVv9FfcCHRgXcccQ.roa (raw, json)
Hash identifier: c3IZnrgf2n8a6GNET+sKPVKkJM8x+PKLgdvnOkNNyUY=
Subject key identifier: 3C:54:07:CE:07:6A:97:8E:CA:56:FF:45:7D:C0:87:46:05:DC:71:C4
Certificate issuer: /CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Certificate serial: 01856E54155BBA676F08D9BE2635A6A6C23A
Authority key identifier: 35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/PFQHzgdql47KVv9FfcCHRgXcccQ.roa
Signing time: Sun 01 Jan 2023 17:14:42 +0000
ROA not before: Sun 01 Jan 2023 17:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141384
IP address blocks: 45.129.227.0/24 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:15:5b:ba:67:6f:08:d9:be:26:35:a6:a6:c2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f1e3b80551e98a16fc2bbcb7dd87c9a0efe25
Validity
Not Before: Jan 1 17:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c5407ce076a978eca56ff457dc0874605dc71c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:02:61:d1:ba:06:7d:35:ae:93:2e:c6:d7:f1:
8c:4b:6a:ca:75:45:a5:bf:3a:52:70:fc:40:cb:43:
89:dd:45:85:2a:39:4e:97:06:20:ff:17:bb:e2:12:
96:48:46:f2:7b:68:dc:1e:22:14:f8:50:62:10:3f:
15:bd:86:68:9f:7d:4c:c8:83:fe:95:e6:72:02:0f:
b0:fa:6b:3b:97:5b:df:08:46:75:e1:ad:52:6d:e3:
b6:f4:1e:09:17:cc:e3:de:54:a8:d8:98:b5:dd:c0:
c7:24:9c:2c:7f:46:05:21:28:45:40:1e:87:33:7c:
b2:c9:b4:3c:0e:9f:40:8f:70:16:b7:30:89:00:65:
34:63:e7:64:b8:91:bd:80:4f:20:ab:94:cb:60:d0:
bd:34:66:3f:52:8c:59:66:34:ce:95:fc:2c:9e:31:
ce:14:81:f9:b3:f7:3e:c4:26:a8:e3:6a:74:dc:a2:
d3:6c:0f:99:08:5b:cf:7f:17:0f:5c:4d:6c:3d:fd:
68:87:7b:6f:6f:b3:ba:5a:f8:af:03:1c:2f:32:b6:
2a:9a:3e:24:e7:26:d5:73:41:1b:8b:ec:4f:8e:c4:
fd:dc:5f:c3:16:4d:43:12:d7:b6:de:5b:a3:e1:ba:
1b:dc:01:84:85:78:e9:ac:65:52:a1:3a:d3:32:7e:
60:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:54:07:CE:07:6A:97:8E:CA:56:FF:45:7D:C0:87:46:05:DC:71:C4
X509v3 Authority Key Identifier:
keyid:35:9F:1E:3B:80:55:1E:98:A1:6F:C2:BB:CB:7D:D8:7C:9A:0E:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8eO4BVHpihb8K7y33YfJoO_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/PFQHzgdql47KVv9FfcCHRgXcccQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/89fd43-54f0-4a15-b2b1-3f3a02748c2a/1/NZ8eO4BVHpihb8K7y33YfJoO_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.227.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:01:ae:2f:d2:3f:b7:fb:da:95:86:4a:e5:03:75:42:04:8e:
d5:ef:34:68:8e:65:80:14:6e:4f:d1:92:8c:1d:25:26:b6:20:
7a:c2:a3:32:94:15:06:45:96:05:89:bc:66:4f:2f:f7:60:a9:
54:63:72:93:8e:82:d8:39:16:8e:0e:83:31:09:10:1d:b3:bd:
2e:5e:04:5e:c6:6b:80:86:74:38:51:e7:c2:31:c6:68:66:5a:
59:4d:67:96:6e:93:53:9c:dd:c9:82:d1:ee:4e:ae:d4:92:01:
f3:77:03:02:bb:29:51:95:9c:d2:d6:66:51:bf:62:88:92:f6:
be:c9:fe:10:c5:5e:5b:f9:81:e4:2c:a2:96:8e:c0:55:f6:c2:
0d:d6:78:89:a7:89:ef:3e:eb:ca:4d:f8:c8:11:01:2f:79:41:
ca:55:41:ca:86:e5:e2:d9:45:7c:ed:4c:04:b2:80:92:3d:05:
70:69:72:e6:3a:a7:55:36:ff:d6:4a:06:0a:7e:ad:7f:4c:2d:
6a:7c:24:d8:17:bf:01:fc:d3:49:18:57:49:06:b1:f0:b7:fe:
74:41:35:61:22:52:5f:4f:bc:3e:cd:c4:80:91:38:23:a7:a9:
a0:19:f1:8a:49:39:6f:36:48:05:95:5f:5c:ad:63:f0:0c:1c:
f5:9d:c4:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuVBVbumdvCNm+JjWmpsI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYxZTNiODA1NTFlOThhMTZmYzJiYmNiN2RkODdjOWEw
ZWZlMjUwHhcNMjMwMTAxMTcxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU0MDdjZTA3NmE5NzhlY2E1NmZmNDU3ZGMwODc0NjA1ZGM3MWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgJh0boGfTWuky7G1/GMS2rKdUWl
vzpScPxAy0OJ3UWFKjlOlwYg/xe74hKWSEbye2jcHiIU+FBiED8VvYZon31MyIP+
leZyAg+w+ms7l1vfCEZ14a1SbeO29B4JF8zj3lSo2Ji13cDHJJwsf0YFIShFQB6H
M3yyybQ8Dp9Aj3AWtzCJAGU0Y+dkuJG9gE8gq5TLYNC9NGY/UoxZZjTOlfwsnjHO
FIH5s/c+xCao42p03KLTbA+ZCFvPfxcPXE1sPf1oh3tvb7O6WvivAxwvMrYqmj4k
5ybVc0Ebi+xPjsT93F/DFk1DEte23luj4bob3AGEhXjprGVSoTrTMn5g7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxUB84HapeOylb/RX3Ah0YF3HHEMB8GA1UdIwQY
MBaAFDWfHjuAVR6YoW/Cu8t92HyaDv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEt
M2YzYTAyNzQ4YzJhLzEvUEZRSHpnZHFsNDdLVnY5RmZjQ0hSZ1hjY2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS84OWZkNDMtNTRmMC00YTE1LWIyYjEtM2YzYTAyNzQ4YzJh
LzEvTlo4ZU80QlZIcGloYjhLN3kzM1lmSm9PX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHjMA0G
CSqGSIb3DQEBCwUAA4IBAQCiAa4v0j+3+9qVhkrlA3VCBI7V7zRojmWAFG5P0ZKM
HSUmtiB6wqMylBUGRZYFibxmTy/3YKlUY3KTjoLYORaODoMxCRAds70uXgRexmuA
hnQ4UefCMcZoZlpZTWeWbpNTnN3JgtHuTq7UkgHzdwMCuylRlZzS1mZRv2KIkva+
yf4QxV5b+YHkLKKWjsBV9sIN1niJp4nvPuvKTfjIEQEveUHKVUHKhuXi2UV87UwE
soCSPQVwaXLmOqdVNv/WSgYKfq1/TC1qfCTYF78B/NNJGFdJBrHwt/50QTVhIlJf
T7w+zcSAkTgjp6mgGfGKSTlvNkgFlV9crWPwDBz1ncQb
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:56:53 2025 by rpki-client