Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/buh53yoe6AsAmDexui29aGTzHCQ.roa
File: buh53yoe6AsAmDexui29aGTzHCQ.roa (raw, json)
Hash identifier: tHCt3s83prYeAyp0iJUYxHr8kai5u+iWfQxSL0L0I5U=
Subject key identifier: 6E:E8:79:DF:2A:1E:E8:0B:00:98:37:B1:BA:2D:BD:68:64:F3:1C:24
Certificate issuer: /CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Certificate serial: 018573039B7C9D9CE4017E3DA01F726AD9D8
Authority key identifier: 29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/buh53yoe6AsAmDexui29aGTzHCQ.roa
Signing time: Mon 02 Jan 2023 15:04:54 +0000
ROA not before: Mon 02 Jan 2023 15:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56595
IP address blocks: 198.52.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:9b:7c:9d:9c:e4:01:7e:3d:a0:1f:72:6a:d9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291f0b73e67d63c5a4c9046814166a9e21625f28
Validity
Not Before: Jan 2 15:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ee879df2a1ee80b009837b1ba2dbd6864f31c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:9d:9c:cd:42:2b:b0:5e:fc:5b:87:d9:96:
0b:be:a4:8d:1e:82:78:1c:13:58:c6:09:36:b5:e0:
c4:62:be:ff:af:79:47:ec:8e:b5:10:21:de:64:77:
1a:d3:68:e9:ea:c1:a9:59:72:99:e8:51:61:d2:b9:
84:d4:64:e0:99:6a:91:aa:7c:d3:74:f1:14:c0:31:
4b:dd:1f:5f:1e:dd:78:c9:eb:5a:88:cb:eb:58:2f:
66:36:ca:2d:0a:51:47:5a:7d:ee:f1:4a:80:d1:cd:
86:f8:3c:e7:e5:51:8a:3c:f7:85:82:1a:50:68:6b:
a9:e4:a0:3f:bf:4a:e7:e1:7f:2a:f8:1f:a3:86:8e:
1e:9f:a3:aa:9d:39:19:bf:5a:5d:5f:cc:71:5e:89:
e0:b5:e4:95:dc:65:37:53:16:8e:f7:c2:71:fa:82:
52:77:76:24:ee:72:c5:48:6b:d6:31:35:2c:25:85:
64:ec:06:4e:89:1c:cc:aa:c4:41:c4:31:98:c5:dc:
5e:16:e3:f0:c8:60:9f:da:17:bc:a9:90:6f:30:11:
b8:e4:61:cd:a6:d4:44:5e:61:48:55:8c:a0:19:67:
9e:d0:1e:09:30:d8:7e:84:1e:af:b0:fb:78:09:16:
0a:4f:1b:b7:92:c5:34:fb:f8:55:51:05:5f:0c:43:
60:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E8:79:DF:2A:1E:E8:0B:00:98:37:B1:BA:2D:BD:68:64:F3:1C:24
X509v3 Authority Key Identifier:
keyid:29:1F:0B:73:E6:7D:63:C5:A4:C9:04:68:14:16:6A:9E:21:62:5F:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/buh53yoe6AsAmDexui29aGTzHCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/48d609-088d-41e4-bec4-38ee8fd64e7d/1/KR8Lc-Z9Y8WkyQRoFBZqniFiXyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.52.45.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:1d:3e:d0:be:10:cb:d5:0d:c6:0e:c1:24:c0:c7:fd:d3:05:
9c:6a:d6:01:5a:fd:82:8b:64:41:ec:a0:64:85:97:9c:a4:da:
81:a5:17:71:69:7c:02:5c:47:8f:f3:f1:6f:a5:77:1f:70:a7:
1e:2e:da:dd:26:9d:07:0b:bf:db:ef:ce:70:82:47:61:d4:d4:
2d:da:80:8f:4f:ee:68:13:b1:ad:ce:db:f3:22:69:ed:49:29:
56:77:e5:48:4b:79:d5:18:3e:32:94:73:e4:97:f9:50:07:99:
d5:d1:a5:1f:73:90:9e:71:28:79:a0:f9:ee:94:10:9b:de:d8:
6b:22:f2:ad:64:3e:37:ed:a7:56:0e:ec:7d:4f:d7:aa:b3:27:
a6:b5:30:8d:9f:2c:4a:8d:01:91:e3:34:d8:f3:ab:7a:8e:b5:
4b:69:a1:fb:be:c3:f0:59:8c:78:56:72:8a:fa:67:22:82:fd:
0f:37:37:be:4f:fb:91:c3:34:e0:69:55:31:80:48:45:ec:37:
49:f6:a9:d3:1f:3f:25:5a:e4:57:c9:6a:4e:93:b0:ab:67:4c:
59:cd:11:d6:df:28:28:c6:c3:91:36:02:aa:77:4a:6e:95:f6:
73:1e:b8:15:e7:d3:ce:20:33:9d:c2:7c:69:bb:6a:dd:9f:43:
40:e8:75:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA5t8nZzkAX49oB9yatnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MWYwYjczZTY3ZDYzYzVhNGM5MDQ2ODE0MTY2YTllMjE2
MjVmMjgwHhcNMjMwMTAyMTUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU4NzlkZjJhMWVlODBiMDA5ODM3YjFiYTJkYmQ2ODY0ZjMxYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraadnM1CK7Be/FuH2ZYLvqSNHoJ4
HBNYxgk2teDEYr7/r3lH7I61ECHeZHca02jp6sGpWXKZ6FFh0rmE1GTgmWqRqnzT
dPEUwDFL3R9fHt14yetaiMvrWC9mNsotClFHWn3u8UqA0c2G+Dzn5VGKPPeFghpQ
aGup5KA/v0rn4X8q+B+jho4en6OqnTkZv1pdX8xxXongteSV3GU3UxaO98Jx+oJS
d3Yk7nLFSGvWMTUsJYVk7AZOiRzMqsRBxDGYxdxeFuPwyGCf2he8qZBvMBG45GHN
ptREXmFIVYygGWee0B4JMNh+hB6vsPt4CRYKTxu3ksU0+/hVUQVfDENgMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7oed8qHugLAJg3sbotvWhk8xwkMB8GA1UdIwQY
MBaAFCkfC3PmfWPFpMkEaBQWap4hYl8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQt
MzhlZThmZDY0ZTdkLzEvYnVoNTN5b2U2QXNBbURleHVpMjlhR1R6SENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80OGQ2MDktMDg4ZC00MWU0LWJlYzQtMzhlZThmZDY0ZTdk
LzEvS1I4TGMtWjlZOFdreVFSb0ZCWnFuaUZpWHlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxjQtMA0G
CSqGSIb3DQEBCwUAA4IBAQBMHT7QvhDL1Q3GDsEkwMf90wWcatYBWv2Ci2RB7KBk
hZecpNqBpRdxaXwCXEeP8/FvpXcfcKceLtrdJp0HC7/b785wgkdh1NQt2oCPT+5o
E7GtztvzImntSSlWd+VIS3nVGD4ylHPkl/lQB5nV0aUfc5CecSh5oPnulBCb3thr
IvKtZD437adWDux9T9eqsyemtTCNnyxKjQGR4zTY86t6jrVLaaH7vsPwWYx4VnKK
+mcigv0PNze+T/uRwzTgaVUxgEhF7DdJ9qnTHz8lWuRXyWpOk7CrZ0xZzRHW3ygo
xsORNgKqd0pulfZzHrgV59POIDOdwnxpu2rdn0NA6HXj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:45 2025 by rpki-client