Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xn7K6-UsIXFubBzuPbYqcz2sRcY.roa
File: xn7K6-UsIXFubBzuPbYqcz2sRcY.roa (raw, json)
Hash identifier: ec5prom0ftObwH21SdmAfdUkvrXGNE8KOWAWmlOU4bU=
Subject key identifier: C6:7E:CA:EB:E5:2C:21:71:6E:6C:1C:EE:3D:B6:2A:73:3D:AC:45:C6
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018BC5DED7AF651E91E26FC711584B3F7718
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xn7K6-UsIXFubBzuPbYqcz2sRcY.roa
Signing time: Sun 12 Nov 2023 23:29:57 +0000
ROA not before: Sun 12 Nov 2023 23:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47436
IP address blocks: 45.147.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c5:de:d7:af:65:1e:91:e2:6f:c7:11:58:4b:3f:77:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 12 23:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c67ecaebe52c21716e6c1cee3db62a733dac45c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:75:d7:1b:4f:98:22:cc:83:9b:dd:6b:d1:c3:
91:8b:7c:21:a6:ff:6a:5b:da:c1:d2:3f:86:cc:db:
af:38:96:c9:da:06:7c:2c:60:ca:79:a9:8d:66:42:
59:09:92:ea:04:b5:0c:0b:ad:b4:ab:ee:59:15:b6:
cc:88:03:51:e6:51:b7:95:a2:14:cf:0f:0f:c9:8d:
70:66:db:0c:db:ee:be:6f:a9:92:ab:53:7a:f7:7e:
f5:75:20:d1:a3:b6:36:ad:7b:72:80:ae:e0:9a:82:
bd:38:31:18:02:7d:74:52:45:66:0c:48:aa:5a:29:
c3:30:e1:b3:44:f4:89:b0:e3:5a:a4:07:77:c0:e0:
11:14:0f:e0:bb:75:d0:d1:89:d3:57:23:21:cd:f9:
9c:7d:2f:96:ae:6d:b7:6b:e4:88:78:1e:c6:3f:28:
91:02:b5:e0:db:5f:89:ff:f6:79:c7:43:9f:53:71:
ae:38:76:4e:3f:e0:d1:b8:60:1b:13:9c:05:a6:b9:
b4:88:04:21:35:9d:d8:ce:3e:43:30:ab:d0:e7:c9:
69:e1:4f:f6:9e:77:ef:99:28:3d:d1:16:6c:b1:0e:
3e:28:d3:49:1c:b4:89:bd:80:d6:60:db:6a:dd:ab:
1e:d4:74:d4:33:91:f6:6d:e8:cc:6c:a5:15:f3:2b:
ce:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7E:CA:EB:E5:2C:21:71:6E:6C:1C:EE:3D:B6:2A:73:3D:AC:45:C6
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/xn7K6-UsIXFubBzuPbYqcz2sRcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.45.0/24
Signature Algorithm: sha256WithRSAEncryption
48:29:f4:f7:a1:45:ee:05:78:5d:11:62:27:dc:a8:d2:de:22:
87:7f:1d:4c:1b:2f:ce:a3:6d:07:be:72:23:fb:51:98:51:59:
29:33:19:30:a3:0b:9a:e4:cd:d2:97:e4:8d:b4:f7:20:89:f7:
24:0c:56:fe:09:78:a3:da:00:9d:5d:4b:cf:0b:7b:f6:68:26:
49:5a:5c:4c:06:7a:c0:7e:68:d3:bd:cb:05:63:3b:5a:e4:0b:
4d:61:93:ce:3f:3d:a4:04:f0:ec:92:51:08:66:16:de:ce:77:
48:58:9d:0b:60:77:a2:b7:2f:5c:9c:6b:f0:ef:96:eb:ac:2c:
08:82:aa:71:de:80:e8:80:55:60:6c:c6:7f:80:52:4e:e4:d4:
5e:31:0c:fe:f3:53:33:b1:42:05:44:f2:69:47:34:6b:58:a2:
22:53:52:ab:90:19:8c:30:82:7d:c0:7a:cc:56:c3:c2:5d:41:
5c:1d:be:67:13:5c:77:71:e5:9b:af:18:b6:3d:87:87:c5:da:
49:99:83:dd:96:e0:fa:01:ad:08:48:9c:e8:cc:75:5c:50:17:
72:f4:ff:bd:ce:09:ec:a7:1c:d7:3a:3b:84:77:bf:f7:35:38:
75:bf:20:a0:8d:58:02:28:66:65:77:28:16:85:e9:ca:e9:3c:
3a:3f:c1:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvF3tevZR6R4m/HEVhLP3cYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMTEyMjMyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjdlY2FlYmU1MmMyMTcxNmU2YzFjZWUzZGI2MmE3MzNkYWM0NWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXXXG0+YIsyDm91r0cORi3whpv9q
W9rB0j+GzNuvOJbJ2gZ8LGDKeamNZkJZCZLqBLUMC620q+5ZFbbMiANR5lG3laIU
zw8PyY1wZtsM2+6+b6mSq1N69371dSDRo7Y2rXtygK7gmoK9ODEYAn10UkVmDEiq
WinDMOGzRPSJsONapAd3wOARFA/gu3XQ0YnTVyMhzfmcfS+Wrm23a+SIeB7GPyiR
ArXg21+J//Z5x0OfU3GuOHZOP+DRuGAbE5wFprm0iAQhNZ3Yzj5DMKvQ58lp4U/2
nnfvmSg90RZssQ4+KNNJHLSJvYDWYNtq3ase1HTUM5H2bejMbKUV8yvO+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZ+yuvlLCFxbmwc7j22KnM9rEXGMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEveG43SzYtVXNJWEZ1YkJ6dVBiWXFjejJzUmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMtMA0G
CSqGSIb3DQEBCwUAA4IBAQBIKfT3oUXuBXhdEWIn3KjS3iKHfx1MGy/Oo20HvnIj
+1GYUVkpMxkwowua5M3Sl+SNtPcgifckDFb+CXij2gCdXUvPC3v2aCZJWlxMBnrA
fmjTvcsFYzta5AtNYZPOPz2kBPDsklEIZhbezndIWJ0LYHeity9cnGvw75brrCwI
gqpx3oDogFVgbMZ/gFJO5NReMQz+81MzsUIFRPJpRzRrWKIiU1KrkBmMMIJ9wHrM
VsPCXUFcHb5nE1x3ceWbrxi2PYeHxdpJmYPdluD6Aa0ISJzozHVcUBdy9P+9zgns
pxzXOjuEd7/3NTh1vyCgjVgCKGZldygWhenK6Tw6P8EN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:21 2025 by rpki-client