Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/ofq2qh8h-lBg4QGsVldOts5uXfI.roa
File: ofq2qh8h-lBg4QGsVldOts5uXfI.roa (raw, json)
Hash identifier: VNs7EzoxgTIjGSK7Ak4k/AEMi5hNjTsE69uMxJ4qg9g=
Subject key identifier: A1:FA:B6:AA:1F:21:FA:50:60:E1:01:AC:56:57:4E:B6:CE:6E:5D:F2
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018433FC8839971AE24C8E6F9A539FAAF479
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/ofq2qh8h-lBg4QGsVldOts5uXfI.roa
Signing time: Tue 01 Nov 2022 16:18:18 +0000
ROA not before: Tue 01 Nov 2022 16:18:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32097
IP address blocks: 45.138.14.0/24 maxlen: 24
45.138.15.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:33:fc:88:39:97:1a:e2:4c:8e:6f:9a:53:9f:aa:f4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Nov 1 16:18:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1fab6aa1f21fa5060e101ac56574eb6ce6e5df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:88:00:9f:7f:be:14:43:b9:d7:dc:d4:42:47:
c9:b9:b3:07:77:45:c0:88:4c:e2:da:93:a1:b3:8b:
c8:ef:67:c2:00:3e:a9:76:1d:a1:95:42:4c:af:83:
64:d9:5b:0d:db:54:df:7c:8b:33:a3:e8:0c:4f:db:
63:f8:7e:80:ed:cc:c2:54:89:d0:30:b1:fa:bf:b2:
72:07:2c:4e:9d:de:f0:f4:c8:e6:da:c0:51:8b:e4:
53:f6:ec:47:32:cb:ba:70:0b:0a:de:d0:b6:d8:df:
b5:f9:93:fd:2d:da:16:38:c4:f5:62:d5:14:a7:31:
84:91:c8:c8:a7:66:2a:56:f2:2e:bf:7c:5f:80:07:
10:d6:ef:f9:19:ca:e3:9f:d4:32:e6:58:b1:31:da:
ce:08:96:21:c4:c8:0f:96:63:6b:a8:a3:ff:33:42:
fa:ea:c5:7d:54:89:e0:d2:5f:6b:99:36:f7:81:12:
11:27:b1:8e:6a:dd:87:69:97:6c:83:b3:e5:59:a0:
bf:81:b2:8b:fa:1d:cd:c6:4c:36:8e:62:ec:f2:7d:
b4:a0:3e:d6:b5:93:39:e8:7a:60:c1:a0:48:e3:02:
2a:35:b1:62:2c:85:94:b6:58:bd:11:85:84:09:04:
14:d9:25:c4:e4:28:9c:51:de:19:c4:f3:db:72:f3:
de:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FA:B6:AA:1F:21:FA:50:60:E1:01:AC:56:57:4E:B6:CE:6E:5D:F2
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/ofq2qh8h-lBg4QGsVldOts5uXfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.14.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:42:9c:87:5e:4a:82:13:ed:a1:3b:83:c0:56:06:26:b9:f9:
b9:80:63:82:70:33:63:64:ca:ab:ab:d7:46:4a:1a:1d:ec:89:
20:04:61:49:bf:cc:6c:6c:4b:30:72:8e:b6:ff:b9:69:3d:d9:
81:9f:b6:a0:62:72:f2:60:9d:b7:3a:e3:f1:f3:68:6e:ae:9c:
25:81:8a:fc:f6:13:96:d3:bc:98:60:83:8b:52:bc:3a:3a:d0:
2f:15:90:a1:06:de:22:94:72:05:a4:b0:8f:48:e9:f4:53:3f:
23:15:70:84:be:9c:32:0b:9d:89:f3:12:8f:f8:11:9f:fc:82:
91:28:00:c2:2c:f2:88:36:01:bb:20:e5:85:6f:ec:3b:3f:e0:
15:d7:79:d8:e9:35:76:63:88:44:eb:d2:9c:23:4a:e1:5c:21:
99:c6:3a:75:89:d5:e3:5a:f4:bc:85:fb:93:a4:99:ad:7d:7e:
51:ee:bc:2b:19:25:8d:8b:31:b6:98:35:9c:55:ec:24:51:f7:
cd:9c:ce:6c:7b:ba:ab:8a:3b:3d:c8:63:39:a9:9c:04:33:5f:
4f:2a:8a:6b:b1:46:87:eb:88:f8:2a:37:5c:ce:d1:e4:85:41:
1d:bf:33:bc:e9:47:fe:7e:c4:78:f6:47:eb:90:6d:4c:50:c7:
05:c3:ac:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQz/Ig5lxriTI5vmlOfqvR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjIxMTAxMTYxODE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWZhYjZhYTFmMjFmYTUwNjBlMTAxYWM1NjU3NGViNmNlNmU1ZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIgAn3++FEO519zUQkfJubMHd0XA
iEzi2pOhs4vI72fCAD6pdh2hlUJMr4Nk2VsN21TffIszo+gMT9tj+H6A7czCVInQ
MLH6v7JyByxOnd7w9Mjm2sBRi+RT9uxHMsu6cAsK3tC22N+1+ZP9LdoWOMT1YtUU
pzGEkcjIp2YqVvIuv3xfgAcQ1u/5Gcrjn9Qy5lixMdrOCJYhxMgPlmNrqKP/M0L6
6sV9VIng0l9rmTb3gRIRJ7GOat2HaZdsg7PlWaC/gbKL+h3Nxkw2jmLs8n20oD7W
tZM56HpgwaBI4wIqNbFiLIWUtli9EYWECQQU2SXE5CicUd4ZxPPbcvPeLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKH6tqofIfpQYOEBrFZXTrbObl3yMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvb2ZxMnFoOGgtbEJnNFFHc1ZsZE90czV1WGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYoOMA0G
CSqGSIb3DQEBCwUAA4IBAQBqQpyHXkqCE+2hO4PAVgYmufm5gGOCcDNjZMqrq9dG
Shod7IkgBGFJv8xsbEswco62/7lpPdmBn7agYnLyYJ23OuPx82hurpwlgYr89hOW
07yYYIOLUrw6OtAvFZChBt4ilHIFpLCPSOn0Uz8jFXCEvpwyC52J8xKP+BGf/IKR
KADCLPKINgG7IOWFb+w7P+AV13nY6TV2Y4hE69KcI0rhXCGZxjp1idXjWvS8hfuT
pJmtfX5R7rwrGSWNizG2mDWcVewkUffNnM5se7qrijs9yGM5qZwEM19PKoprsUaH
64j4KjdcztHkhUEdvzO86Uf+fsR49kfrkG1MUMcFw6yY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:14 2025 by rpki-client