Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3hjK25kB54HWeMjDeKjlKFt7WMg.roa
File: 3hjK25kB54HWeMjDeKjlKFt7WMg.roa (raw, json)
Hash identifier: g6SyseNEdT1egYQy5ZTsCKJAiRZL6Bk8SMwzXZq7NQI=
Subject key identifier: DE:18:CA:DB:99:01:E7:81:D6:78:C8:C3:78:A8:E5:28:5B:7B:58:C8
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018A1D54A0C698421838F89563D6542A8E3A
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3hjK25kB54HWeMjDeKjlKFt7WMg.roa
Signing time: Tue 22 Aug 2023 12:59:59 +0000
ROA not before: Tue 22 Aug 2023 12:59:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 45.156.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:54:a0:c6:98:42:18:38:f8:95:63:d6:54:2a:8e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Aug 22 12:59:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de18cadb9901e781d678c8c378a8e5285b7b58c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b0:5b:ad:40:8d:3e:ac:3c:32:a1:e8:15:e5:
08:38:a0:7d:d9:01:04:ae:be:d7:17:16:69:d7:3e:
6d:42:ac:a3:90:ad:f9:39:c6:c6:f3:7e:b7:ce:ad:
34:27:8e:ea:62:be:af:11:31:16:09:48:45:ce:0a:
bb:ac:0c:2e:0b:fa:cb:ce:05:d3:93:6d:94:25:ee:
f4:14:a4:5c:89:53:6a:7b:e1:01:fb:b8:07:47:8e:
0c:63:d5:c6:22:74:9d:bd:d9:8b:c7:52:b3:53:b5:
81:77:35:b6:24:e6:9a:59:24:70:86:99:e2:d9:6a:
b1:7b:a5:97:88:7a:5f:54:77:8b:7e:b9:7d:c6:3b:
2f:34:44:63:7d:e3:0d:8e:cc:17:d2:5d:7f:48:9e:
e3:84:f3:2f:d9:4c:83:62:29:07:81:d5:24:69:0e:
fa:3d:fc:ef:7e:ea:f2:1c:c7:76:42:d4:11:23:1c:
f3:2d:15:ac:97:9b:32:c7:b9:22:94:b6:82:a8:24:
9b:58:f4:11:5f:b3:f8:2a:56:cb:35:5a:84:7f:65:
06:79:52:7d:ab:d2:8b:6f:d7:d5:93:8e:10:72:21:
de:fe:d8:f4:7b:4a:a1:60:87:a1:2d:96:f2:1e:37:
0f:22:c0:08:c9:36:b1:0f:07:18:60:14:8a:f5:90:
74:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:18:CA:DB:99:01:E7:81:D6:78:C8:C3:78:A8:E5:28:5B:7B:58:C8
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/3hjK25kB54HWeMjDeKjlKFt7WMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.145.0/24
Signature Algorithm: sha256WithRSAEncryption
69:16:0f:34:e4:99:4b:cd:d5:41:8c:22:ad:90:ba:c1:46:f3:
5a:a8:92:f3:56:9a:bb:61:3a:5f:13:7e:26:26:bf:47:2e:a5:
59:e6:54:9c:e5:33:26:d7:1f:bc:ab:f2:20:94:f0:72:90:c3:
85:bb:a9:6e:ae:ae:09:f6:a1:ce:af:32:e8:a0:70:de:69:9d:
25:2c:66:05:61:50:2b:03:e0:e1:c1:d0:91:1b:84:93:f3:1a:
1a:c5:43:f1:57:ba:5e:1e:95:a0:70:5a:b2:0d:41:a8:de:70:
cd:6a:7f:25:5e:32:2a:b3:21:d9:1e:97:ac:b6:9e:41:85:08:
19:43:ad:8b:c4:7e:a4:4d:1a:c5:b7:82:44:32:68:4e:e3:38:
62:e0:66:2d:87:0d:a0:60:eb:70:c7:69:34:26:84:5a:c2:4b:
91:6a:e7:99:20:e6:5a:01:2f:30:f4:07:af:aa:ff:1e:55:bb:
89:9b:5e:42:50:40:da:79:d3:97:46:64:d4:d7:b4:31:b1:03:
16:f4:c1:3b:e7:c4:68:b9:75:b6:b5:2f:d1:13:c3:42:e2:2d:
40:ac:49:75:a6:ab:48:e9:02:80:77:56:72:fc:75:bb:1a:46:
29:71:b8:69:b5:9a:df:03:d6:95:8c:e1:56:fe:5c:1d:fb:2e:
60:7a:fb:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYodVKDGmEIYOPiVY9ZUKo46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjMwODIyMTI1OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTE4Y2FkYjk5MDFlNzgxZDY3OGM4YzM3OGE4ZTUyODViN2I1OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrBbrUCNPqw8MqHoFeUIOKB92QEE
rr7XFxZp1z5tQqyjkK35OcbG8363zq00J47qYr6vETEWCUhFzgq7rAwuC/rLzgXT
k22UJe70FKRciVNqe+EB+7gHR44MY9XGInSdvdmLx1KzU7WBdzW2JOaaWSRwhpni
2Wqxe6WXiHpfVHeLfrl9xjsvNERjfeMNjswX0l1/SJ7jhPMv2UyDYikHgdUkaQ76
PfzvfuryHMd2QtQRIxzzLRWsl5syx7kilLaCqCSbWPQRX7P4KlbLNVqEf2UGeVJ9
q9KLb9fVk44QciHe/tj0e0qhYIehLZbyHjcPIsAIyTaxDwcYYBSK9ZB0EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4YytuZAeeB1njIw3io5Shbe1jIMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvM2hqSzI1a0I1NEhXZU1qRGVLamxLRnQ3V01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyRMA0G
CSqGSIb3DQEBCwUAA4IBAQBpFg805JlLzdVBjCKtkLrBRvNaqJLzVpq7YTpfE34m
Jr9HLqVZ5lSc5TMm1x+8q/IglPBykMOFu6lurq4J9qHOrzLooHDeaZ0lLGYFYVAr
A+DhwdCRG4ST8xoaxUPxV7peHpWgcFqyDUGo3nDNan8lXjIqsyHZHpestp5BhQgZ
Q62LxH6kTRrFt4JEMmhO4zhi4GYthw2gYOtwx2k0JoRawkuRaueZIOZaAS8w9Aev
qv8eVbuJm15CUEDaedOXRmTU17QxsQMW9ME758RouXW2tS/RE8NC4i1ArEl1pqtI
6QKAd1Zy/HW7GkYpcbhptZrfA9aVjOFW/lwd+y5gevsZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:24 2025 by rpki-client