Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/GroZ0z45-VWUj5STl1vScjRFxHY.roa
File: GroZ0z45-VWUj5STl1vScjRFxHY.roa (raw, json)
Hash identifier: /zaqAeSblzqqnghppj/+AnbHpOCZVbihIDiCcGtIWc0=
Subject key identifier: 1A:BA:19:D3:3E:39:F9:55:94:8F:94:93:97:5B:D2:72:34:45:C4:76
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 01856D78752C1530066FC1DA208B02015FD8
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/GroZ0z45-VWUj5STl1vScjRFxHY.roa
Signing time: Sun 01 Jan 2023 13:14:48 +0000
ROA not before: Sun 01 Jan 2023 13:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137457
IP address blocks: 145.34.152.0/24 maxlen: 24
145.34.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:75:2c:15:30:06:6f:c1:da:20:8b:02:01:5f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Jan 1 13:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1aba19d33e39f955948f9493975bd2723445c476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e2:b5:3c:a7:24:82:37:67:86:bb:a9:33:b5:
5a:92:48:50:78:dd:cb:09:65:61:12:69:f5:be:5e:
f0:d0:3f:97:53:b0:e9:2d:3b:1f:3b:89:10:a3:1e:
2b:0a:36:95:8b:43:a0:06:b0:15:b3:df:88:7d:ad:
96:6e:8d:5d:4a:07:91:ee:0f:4f:8d:50:15:64:0c:
af:0e:ca:d1:03:87:7a:47:cf:fd:da:7e:b0:1a:b7:
22:75:09:74:ee:f0:cb:34:ea:a8:a1:4e:bf:b5:7a:
64:12:67:df:25:8d:e7:07:d2:17:dc:06:cc:54:e5:
a1:e4:7f:30:62:00:68:6a:21:0c:04:97:a7:0a:1e:
3f:6d:3e:b3:8d:c1:d4:fa:ed:a5:26:65:58:4f:6d:
1b:43:38:3c:94:57:e1:7d:ab:c9:88:22:5c:46:1a:
72:c6:e9:2a:f0:07:cd:94:dc:b5:6e:6b:0a:3c:9e:
cb:e7:ac:a5:18:aa:00:d7:62:08:28:c1:31:01:3a:
fa:ac:78:d5:9c:f8:f3:3d:53:ed:1e:10:c4:c4:98:
96:11:00:2c:34:39:cb:f2:06:48:91:61:87:56:40:
45:30:dc:cc:93:1c:31:1d:2a:9b:d0:81:36:4a:5e:
e6:ed:5b:bc:be:24:12:90:4f:be:33:65:55:b5:8a:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BA:19:D3:3E:39:F9:55:94:8F:94:93:97:5B:D2:72:34:45:C4:76
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/GroZ0z45-VWUj5STl1vScjRFxHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.34.152.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:b3:24:3c:31:df:d3:bf:1d:52:81:db:ec:a9:94:fd:56:b3:
5f:72:0c:35:69:4b:61:96:d0:2e:9a:5a:7e:30:6e:a2:d4:7d:
82:72:fc:c0:86:61:6a:26:ab:ed:fd:40:74:ff:34:b4:4f:44:
2b:98:a1:c7:ca:73:35:c5:9f:c5:28:8d:5f:01:7c:a4:fd:a9:
9f:ca:8c:98:e9:a6:9f:04:87:de:a4:62:9a:d7:64:64:99:fe:
04:35:05:5f:46:9a:e4:25:93:6e:e6:6d:a3:7d:1c:b5:a2:1f:
e5:72:3d:a2:4f:04:c5:0c:90:b2:53:e0:4f:78:59:38:d0:f9:
fb:fd:8f:25:f5:06:c8:76:ba:b0:5d:c4:14:9e:1d:a6:99:5d:
1f:3f:ad:c1:27:4d:33:66:74:71:4a:9d:f9:f1:f4:69:b0:78:
be:f0:a5:8b:62:92:49:14:70:f2:ac:12:d6:a3:8e:d8:f8:a1:
03:28:fe:89:a9:8c:8c:b8:ee:76:e2:19:c4:1c:26:c7:3f:e6:
62:da:5c:e2:61:4d:d7:92:41:8c:2c:4b:a8:ec:09:b8:9e:1a:
db:32:e5:d1:bc:5d:9c:d2:4a:74:5e:80:6b:56:93:8e:25:c6:
6a:30:e3:9d:0f:9c:fc:ba:a9:d1:99:ef:e9:22:85:2a:ff:1d:
ae:22:86:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteHUsFTAGb8HaIIsCAV/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM4NTQyY2ZkYjFlZTZlMDc1ZWFlNmIxMDFlN2JiNWIx
NGM0MzYwHhcNMjMwMTAxMTMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJhMTlkMzNlMzlmOTU1OTQ4Zjk0OTM5NzViZDI3MjM0NDVjNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeK1PKckgjdnhrupM7VakkhQeN3L
CWVhEmn1vl7w0D+XU7DpLTsfO4kQox4rCjaVi0OgBrAVs9+Ifa2Wbo1dSgeR7g9P
jVAVZAyvDsrRA4d6R8/92n6wGrcidQl07vDLNOqooU6/tXpkEmffJY3nB9IX3AbM
VOWh5H8wYgBoaiEMBJenCh4/bT6zjcHU+u2lJmVYT20bQzg8lFfhfavJiCJcRhpy
xukq8AfNlNy1bmsKPJ7L56ylGKoA12IIKMExATr6rHjVnPjzPVPtHhDExJiWEQAs
NDnL8gZIkWGHVkBFMNzMkxwxHSqb0IE2Sl7m7Vu8viQSkE++M2VVtYqa7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBq6GdM+OflVlI+Uk5db0nI0RcR2MB8GA1UdIwQY
MBaAFNCjhULP2x7m4HXq5rEB57tbFMQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEt
NDBkMTkxMWZhN2YzLzEvR3JvWjB6NDUtVldVajVTVGwxdlNjalJGeEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEtNDBkMTkxMWZhN2Yz
LzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkSKYMA0G
CSqGSIb3DQEBCwUAA4IBAQAbsyQ8Md/Tvx1SgdvsqZT9VrNfcgw1aUthltAumlp+
MG6i1H2CcvzAhmFqJqvt/UB0/zS0T0QrmKHHynM1xZ/FKI1fAXyk/amfyoyY6aaf
BIfepGKa12Rkmf4ENQVfRprkJZNu5m2jfRy1oh/lcj2iTwTFDJCyU+BPeFk40Pn7
/Y8l9QbIdrqwXcQUnh2mmV0fP63BJ00zZnRxSp358fRpsHi+8KWLYpJJFHDyrBLW
o47Y+KEDKP6JqYyMuO524hnEHCbHP+Zi2lziYU3XkkGMLEuo7Am4nhrbMuXRvF2c
0kp0XoBrVpOOJcZqMOOdD5z8uqnRme/pIoUq/x2uIoag
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:23 2025 by rpki-client