Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/45WOUnQSZLi_sFG1sxTzo7BDxoE.roa
File: 45WOUnQSZLi_sFG1sxTzo7BDxoE.roa (raw, json)
Hash identifier: JdtQKi6TzAaVtpxv8x0Plr4D+Nr8CHIct0U7gH9aMTQ=
Subject key identifier: E3:95:8E:52:74:12:64:B8:BF:B0:51:B5:B3:14:F3:A3:B0:43:C6:81
Certificate issuer: /CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Certificate serial: 01856FC254B98D6FE37D757B986B853A91DA
Authority key identifier: 87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/45WOUnQSZLi_sFG1sxTzo7BDxoE.roa
Signing time: Sun 01 Jan 2023 23:54:44 +0000
ROA not before: Sun 01 Jan 2023 23:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 78.108.124.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:54:b9:8d:6f:e3:7d:75:7b:98:6b:85:3a:91:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ae0af282dd4e9bc1b82194aed3b19693d87298
Validity
Not Before: Jan 1 23:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3958e52741264b8bfb051b5b314f3a3b043c681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:12:d7:f6:5c:10:6b:c1:25:01:c8:dd:e7:7e:
04:1e:41:3b:85:44:a3:eb:8e:e1:87:78:d9:3b:04:
a3:fd:5e:12:6f:95:e2:9c:af:6e:28:db:af:f5:2d:
f9:6a:d6:3f:c8:b6:05:7b:5f:2a:a0:50:88:2a:74:
47:9c:27:9e:ee:83:19:d4:e5:d2:5a:ae:0c:e6:2f:
7d:cf:6c:2e:c0:9a:cf:47:3c:ef:78:be:b8:81:eb:
8c:05:62:98:43:09:c9:99:86:8f:ed:34:0f:44:99:
50:0d:01:a1:f1:9d:02:41:39:64:56:cb:6a:11:05:
c6:28:44:31:f3:41:70:db:8e:42:5b:41:16:8d:73:
6d:e4:d1:98:e4:3c:34:67:33:39:19:c6:07:06:de:
b5:d4:6f:ca:1e:4f:4c:56:fc:8f:59:11:f5:d8:dd:
9e:4e:30:e4:9b:f6:e4:b0:8e:2e:0b:f6:40:f7:66:
2b:f9:bd:ee:2d:2a:be:c1:26:96:37:5c:f5:5f:c1:
25:22:33:e5:da:ec:26:d8:f7:bd:f2:81:66:f7:8a:
26:57:27:fe:9e:81:19:71:62:be:23:ca:f5:71:2c:
66:f8:36:7c:8e:99:80:2a:a9:c9:56:66:45:05:c9:
1c:14:bd:ad:9a:b5:2d:a0:b0:4d:8c:f4:2e:08:e6:
c3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:95:8E:52:74:12:64:B8:BF:B0:51:B5:B3:14:F3:A3:B0:43:C6:81
X509v3 Authority Key Identifier:
keyid:87:AE:0A:F2:82:DD:4E:9B:C1:B8:21:94:AE:D3:B1:96:93:D8:72:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h64K8oLdTpvBuCGUrtOxlpPYcpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/45WOUnQSZLi_sFG1sxTzo7BDxoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5cfc47-2210-4739-a964-cef01362c4a8/1/h64K8oLdTpvBuCGUrtOxlpPYcpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.124.0/23
Signature Algorithm: sha256WithRSAEncryption
38:ea:53:94:0a:28:ba:62:2b:1a:6e:13:02:c1:86:84:3b:e4:
5c:fb:8a:fd:8c:b0:a6:e9:9e:d5:88:00:af:30:d1:09:c3:b4:
79:b8:a4:85:bb:f7:97:04:b8:8e:b8:7c:8b:2e:34:82:05:34:
dc:35:14:6b:a5:8e:a7:79:91:06:39:78:e0:ee:d4:f6:b9:22:
62:38:52:21:a9:bc:b8:e0:71:94:4a:e0:0a:d4:ef:ef:04:c2:
66:75:2c:55:43:98:20:0d:be:3a:2f:2c:cb:ef:96:8d:ca:42:
b7:22:a1:83:50:41:70:87:e7:3e:21:e4:e7:fa:c8:89:c5:8f:
b8:d5:13:2b:68:4f:7e:8c:59:2e:7b:13:bf:fc:7d:23:89:a6:
24:bd:c9:4d:af:37:2a:e7:c6:0c:ba:d3:9d:b7:07:0d:07:62:
92:bb:e1:80:e1:3e:24:8a:81:f0:6a:af:d0:88:1d:cf:60:78:
ef:a8:9e:52:97:44:82:f6:1f:ac:03:e0:f7:91:a9:42:b9:23:
b1:9f:da:fe:f6:97:13:9e:c2:98:da:b7:cc:ef:65:a6:fc:25:
2f:67:90:95:84:83:bc:9e:82:42:d8:80:1c:6b:9b:a8:af:f0:
ef:cd:77:85:d9:a4:13:c6:74:e2:75:f4:2e:62:81:42:93:c5:
e5:bc:59:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwlS5jW/jfXV7mGuFOpHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWUwYWYyODJkZDRlOWJjMWI4MjE5NGFlZDNiMTk2OTNk
ODcyOTgwHhcNMjMwMTAxMjM1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk1OGU1Mjc0MTI2NGI4YmZiMDUxYjViMzE0ZjNhM2IwNDNjNjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBLX9lwQa8ElAcjd534EHkE7hUSj
647hh3jZOwSj/V4Sb5XinK9uKNuv9S35atY/yLYFe18qoFCIKnRHnCee7oMZ1OXS
Wq4M5i99z2wuwJrPRzzveL64geuMBWKYQwnJmYaP7TQPRJlQDQGh8Z0CQTlkVstq
EQXGKEQx80Fw245CW0EWjXNt5NGY5Dw0ZzM5GcYHBt611G/KHk9MVvyPWRH12N2e
TjDkm/bksI4uC/ZA92Yr+b3uLSq+wSaWN1z1X8ElIjPl2uwm2Pe98oFm94omVyf+
noEZcWK+I8r1cSxm+DZ8jpmAKqnJVmZFBckcFL2tmrUtoLBNjPQuCObDqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOOVjlJ0EmS4v7BRtbMU86OwQ8aBMB8GA1UdIwQY
MBaAFIeuCvKC3U6bwbghlK7TsZaT2HKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQt
Y2VmMDEzNjJjNGE4LzEvNDVXT1VuUVNaTGlfc0ZHMXN4VHpvN0JEeG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81Y2ZjNDctMjIxMC00NzM5LWE5NjQtY2VmMDEzNjJjNGE4
LzEvaDY0SzhvTGRUcHZCdUNHVXJ0T3hscFBZY3BnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTmx8MA0G
CSqGSIb3DQEBCwUAA4IBAQA46lOUCii6YisabhMCwYaEO+Rc+4r9jLCm6Z7ViACv
MNEJw7R5uKSFu/eXBLiOuHyLLjSCBTTcNRRrpY6neZEGOXjg7tT2uSJiOFIhqby4
4HGUSuAK1O/vBMJmdSxVQ5ggDb46LyzL75aNykK3IqGDUEFwh+c+IeTn+siJxY+4
1RMraE9+jFkuexO//H0jiaYkvclNrzcq58YMutOdtwcNB2KSu+GA4T4kioHwaq/Q
iB3PYHjvqJ5Sl0SC9h+sA+D3kalCuSOxn9r+9pcTnsKY2rfM72Wm/CUvZ5CVhIO8
noJC2IAca5uor/DvzXeF2aQTxnTidfQuYoFCk8XlvFkU
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:17:14 2025 by rpki-client