Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/XgfeRRNy12V1B9Pl6i3RH-Cgv8g.roa
File: XgfeRRNy12V1B9Pl6i3RH-Cgv8g.roa (raw, json)
Hash identifier: A3vDLJSeuzulhsfmX/rT8RkWCNOQtAo1/4rIIC7F5l0=
Subject key identifier: 5E:07:DE:45:13:72:D7:65:75:07:D3:E5:EA:2D:D1:1F:E0:A0:BF:C8
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 018B3DC0BC0DDFCD379BB91677987C0A2AD0
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/XgfeRRNy12V1B9Pl6i3RH-Cgv8g.roa
Signing time: Tue 17 Oct 2023 13:08:43 +0000
ROA not before: Tue 17 Oct 2023 13:08:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210240
IP address blocks: 45.151.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:c0:bc:0d:df:cd:37:9b:b9:16:77:98:7c:0a:2a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Oct 17 13:08:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e07de451372d7657507d3e5ea2dd11fe0a0bfc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3b:10:22:83:1d:2f:3c:82:e1:de:86:fd:f1:
c0:e3:e8:94:78:f9:cb:b3:0e:ae:b3:ee:b5:f1:f2:
70:38:c9:d0:d3:27:ca:a0:87:a1:12:cf:b0:07:e3:
40:fa:cd:50:05:6d:3f:3b:46:58:1d:df:2b:90:5b:
4b:d6:53:64:f4:cf:24:68:f8:95:44:65:c5:ec:97:
ca:77:f2:a7:3b:86:9d:88:21:99:52:cb:b7:64:18:
d6:9d:ba:70:48:65:55:35:c9:76:98:38:95:05:97:
c3:e5:3c:b1:33:4b:3f:ab:66:1b:82:4a:14:c8:df:
41:d6:35:b9:6e:a4:77:69:4b:ff:93:1a:d9:e3:8f:
cf:ff:a9:ed:ab:89:9f:d0:2c:46:36:ab:a9:2e:93:
7d:c7:a2:3e:91:94:df:04:9b:b5:ff:fa:6c:30:e0:
36:7e:74:88:00:0b:d7:13:e9:6a:5a:11:fd:31:15:
2b:59:24:25:bf:7f:85:a9:92:95:11:d5:ea:ec:cf:
46:0c:00:9b:b2:d0:0b:72:10:06:33:97:d0:5a:eb:
83:5f:04:9b:74:9b:45:ee:4a:1c:46:63:76:de:cf:
92:18:c7:51:57:21:46:fd:a6:7c:74:77:1e:04:30:
41:43:75:6f:98:43:ba:22:17:14:dc:5b:ff:a8:fa:
98:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:07:DE:45:13:72:D7:65:75:07:D3:E5:EA:2D:D1:1F:E0:A0:BF:C8
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/XgfeRRNy12V1B9Pl6i3RH-Cgv8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.60.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f1:b9:83:dc:ed:66:3c:ec:34:9e:14:51:0a:f7:07:63:58:
f0:d4:85:97:49:f8:23:ac:d3:ba:b6:2a:b6:66:77:22:7f:65:
62:f6:29:22:9d:cd:b0:6d:42:75:24:0f:2b:9e:81:0e:01:a1:
d0:8a:6a:6f:84:fe:66:bb:bb:1d:63:99:ad:05:63:a9:61:0a:
ac:9f:22:b1:9a:3f:02:6c:31:49:9a:69:57:17:d1:c3:df:76:
73:d3:3d:2f:82:cd:38:24:8e:14:40:ea:90:5c:e0:3c:5f:79:
80:6c:ef:42:70:5a:21:e2:e7:85:22:c8:02:46:f1:1c:50:fb:
19:fd:57:4f:62:40:50:6a:24:13:ec:25:3f:a2:aa:94:d7:a2:
53:c3:9d:26:4a:41:58:a3:e6:33:84:8e:f0:23:6a:35:17:87:
4e:e8:8e:8e:27:0d:7c:d4:c1:46:0e:bd:2a:2c:19:5e:05:3c:
98:c5:4e:b5:f6:a7:d3:8b:79:fa:7f:7d:7b:1b:be:ec:19:6d:
9d:c9:00:43:31:2d:d0:a5:7f:84:b2:07:dc:18:31:f1:dd:e4:
e1:81:a3:7f:1f:8d:f3:c9:c2:4c:bd:32:fc:11:e9:43:f3:58:
1f:99:9b:48:1c:b3:c8:1a:6d:ab:1e:74:99:31:f2:03:81:63:
d0:bc:15:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs9wLwN3803m7kWd5h8CirQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjMxMDE3MTMwODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA3ZGU0NTEzNzJkNzY1NzUwN2QzZTVlYTJkZDExZmUwYTBiZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijsQIoMdLzyC4d6G/fHA4+iUePnL
sw6us+618fJwOMnQ0yfKoIehEs+wB+NA+s1QBW0/O0ZYHd8rkFtL1lNk9M8kaPiV
RGXF7JfKd/KnO4adiCGZUsu3ZBjWnbpwSGVVNcl2mDiVBZfD5TyxM0s/q2YbgkoU
yN9B1jW5bqR3aUv/kxrZ44/P/6ntq4mf0CxGNqupLpN9x6I+kZTfBJu1//psMOA2
fnSIAAvXE+lqWhH9MRUrWSQlv3+FqZKVEdXq7M9GDACbstALchAGM5fQWuuDXwSb
dJtF7kocRmN23s+SGMdRVyFG/aZ8dHceBDBBQ3VvmEO6IhcU3Fv/qPqYtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4H3kUTctdldQfT5eot0R/goL/IMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvWGdmZVJSTnkxMlYxQjlQbDZpM1JILUNndjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZc8MA0G
CSqGSIb3DQEBCwUAA4IBAQBD8bmD3O1mPOw0nhRRCvcHY1jw1IWXSfgjrNO6tiq2
Zncif2Vi9ikinc2wbUJ1JA8rnoEOAaHQimpvhP5mu7sdY5mtBWOpYQqsnyKxmj8C
bDFJmmlXF9HD33Zz0z0vgs04JI4UQOqQXOA8X3mAbO9CcFoh4ueFIsgCRvEcUPsZ
/VdPYkBQaiQT7CU/oqqU16JTw50mSkFYo+YzhI7wI2o1F4dO6I6OJw181MFGDr0q
LBleBTyYxU619qfTi3n6f317G77sGW2dyQBDMS3QpX+EsgfcGDHx3eThgaN/H43z
ycJMvTL8EelD81gfmZtIHLPIGm2rHnSZMfIDgWPQvBWD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:23 2025 by rpki-client