Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/blARtlHPnCVhVzAna6Meuh6B_Xg.roa
File: blARtlHPnCVhVzAna6Meuh6B_Xg.roa (raw, json)
Hash identifier: 2uMvo9C/LkuuEys4aMRSw9V1iFMCVPs9d1K47dfL6f8=
Subject key identifier: 6E:50:11:B6:51:CF:9C:25:61:57:30:27:6B:A3:1E:BA:1E:81:FD:78
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 0186970C37DD49B88BDAF7204DC443381D91
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/blARtlHPnCVhVzAna6Meuh6B_Xg.roa
Signing time: Tue 28 Feb 2023 08:03:25 +0000
ROA not before: Tue 28 Feb 2023 08:03:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208414
IP address blocks: 45.138.105.0/24 maxlen: 29
45.138.104.0/24 maxlen: 29
45.138.107.0/24 maxlen: 24
45.138.106.0/24 maxlen: 24
2a0e:acc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:0c:37:dd:49:b8:8b:da:f7:20:4d:c4:43:38:1d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Feb 28 08:03:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e5011b651cf9c25615730276ba31eba1e81fd78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4e:d0:e5:29:15:f5:07:4f:e0:0a:4a:29:20:
2f:98:c4:24:de:a3:10:82:4a:fc:08:f1:d7:b9:09:
cf:01:29:55:53:47:ed:91:35:89:d8:e5:f8:c8:d0:
ef:81:d6:a7:10:f3:8b:da:88:47:db:7e:7a:a3:87:
89:3d:d1:02:1e:6e:b4:9d:b6:4e:a9:eb:14:6c:9e:
6c:79:62:91:b5:6d:54:68:e7:eb:fe:a8:4e:ef:dc:
f6:00:99:92:b3:3e:2d:c3:1e:3a:6d:c2:62:ae:a4:
7c:55:75:a5:29:55:27:96:e3:1c:e4:64:12:f1:d9:
9c:e2:8f:b6:0b:58:e1:8a:b3:d6:d2:ff:23:ed:98:
4e:03:e9:e1:a5:f8:73:a8:27:cd:6d:25:1c:df:62:
76:ca:94:fe:a1:f9:3a:c9:a4:a6:ef:33:61:35:05:
af:58:96:0c:92:56:b1:da:85:5e:13:6c:6e:bc:36:
73:44:c3:16:ed:09:d3:c6:c7:1f:c4:38:b6:54:b9:
85:10:84:55:5f:24:78:5c:b2:32:c8:75:4d:60:fd:
06:f4:e0:b2:01:8d:39:18:9d:26:ff:09:ed:d8:48:
92:e2:34:50:cd:df:02:ee:e8:30:b5:dd:fd:b2:66:
d8:35:01:be:20:cd:06:85:f6:1a:63:38:5c:8e:fd:
5a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:50:11:B6:51:CF:9C:25:61:57:30:27:6B:A3:1E:BA:1E:81:FD:78
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/blARtlHPnCVhVzAna6Meuh6B_Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.104.0/22
IPv6:
2a0e:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
38:fc:3e:64:1b:77:b7:18:ac:ac:6d:2b:6a:68:f8:7d:18:ed:
0c:76:65:0b:64:af:68:ef:cf:e5:7e:de:f4:31:17:52:19:45:
5f:49:cd:5a:5f:01:71:83:3b:6b:17:79:8f:53:bc:45:55:7a:
84:d1:e2:20:1e:d1:f1:b3:89:33:f4:cc:24:48:02:6b:11:ff:
6f:74:58:2d:8c:12:93:cc:a0:5f:82:53:6f:ee:2d:d1:81:03:
51:0e:92:0f:bd:47:31:b9:f8:b7:ef:f3:e8:b1:11:3b:f0:9d:
b3:98:a3:85:f9:b6:89:10:e3:69:bf:44:3f:87:9d:16:4f:5e:
d2:5e:28:d6:ed:71:fb:9b:ab:c6:55:ea:dc:d0:3a:da:6b:b7:
e9:6c:8c:c1:51:61:d2:3e:4b:28:b3:91:82:de:d5:e4:f1:cf:
64:0f:93:20:39:fa:73:eb:9f:92:bd:13:24:6a:ed:3c:3b:f1:
6d:f9:fb:3a:eb:4b:0a:34:29:3c:d3:3a:09:21:98:c8:aa:ec:
66:2d:3c:2b:39:bb:91:52:2f:f6:53:e7:aa:b6:07:fc:98:3b:
49:46:1c:3e:43:85:f2:d9:75:2b:3a:52:3c:01:db:71:e1:e5:
63:24:05:b1:24:88:25:88:c7:71:0b:9d:60:0d:ee:b5:f9:b1:
6c:8e:09:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaXDDfdSbiL2vcgTcRDOB2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjMwMjI4MDgwMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUwMTFiNjUxY2Y5YzI1NjE1NzMwMjc2YmEzMWViYTFlODFmZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA407Q5SkV9QdP4ApKKSAvmMQk3qMQ
gkr8CPHXuQnPASlVU0ftkTWJ2OX4yNDvgdanEPOL2ohH2356o4eJPdECHm60nbZO
qesUbJ5seWKRtW1UaOfr/qhO79z2AJmSsz4twx46bcJirqR8VXWlKVUnluMc5GQS
8dmc4o+2C1jhirPW0v8j7ZhOA+nhpfhzqCfNbSUc32J2ypT+ofk6yaSm7zNhNQWv
WJYMklax2oVeE2xuvDZzRMMW7QnTxscfxDi2VLmFEIRVXyR4XLIyyHVNYP0G9OCy
AY05GJ0m/wnt2EiS4jRQzd8C7ugwtd39smbYNQG+IM0GhfYaYzhcjv1a3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG5QEbZRz5wlYVcwJ2ujHroegf14MB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvYmxBUnRsSFBuQ1ZoVnpBbmE2TWV1aDZCX1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYpoMA0E
AgACMAcDBQMqDqzAMA0GCSqGSIb3DQEBCwUAA4IBAQA4/D5kG3e3GKysbStqaPh9
GO0MdmULZK9o78/lft70MRdSGUVfSc1aXwFxgztrF3mPU7xFVXqE0eIgHtHxs4kz
9MwkSAJrEf9vdFgtjBKTzKBfglNv7i3RgQNRDpIPvUcxufi37/PosRE78J2zmKOF
+baJEONpv0Q/h50WT17SXijW7XH7m6vGVerc0Draa7fpbIzBUWHSPksos5GC3tXk
8c9kD5MgOfpz65+SvRMkau08O/Ft+fs660sKNCk80zoJIZjIquxmLTwrObuRUi/2
U+eqtgf8mDtJRhw+Q4Xy2XUrOlI8Adtx4eVjJAWxJIgliMdxC51gDe61+bFsjgkp
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:11:42 2025 by rpki-client