Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa
File: lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa (raw, json)
Hash identifier: MyZM1BG8+7DbJIhLCKKvq9vcpg4lt2dO3NPGOr787i0=
Subject key identifier: 95:0E:53:AD:D8:EC:57:EF:06:3F:F7:02:9E:90:D8:D5:4D:AA:A8:0A
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14AF263295DB9148B0AAF363F8C79D
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200702
IP address blocks: 45.159.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:af:26:32:95:db:91:48:b0:aa:f3:63:f8:c7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=950e53add8ec57ef063ff7029e90d8d54daaa80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ab:0a:ed:03:a1:e5:0c:a6:fa:16:68:d0:79:
4a:0f:15:f8:9c:95:31:a3:c8:fa:73:05:cd:a9:79:
bf:9f:07:9e:89:5c:09:31:b0:ec:ec:5e:0d:7d:45:
c6:71:87:5a:6c:f2:fb:7f:72:a1:3e:4d:cc:c1:78:
2e:a7:0e:61:bd:33:fb:62:b6:54:46:bb:98:64:9a:
9b:97:87:b9:b4:55:a0:9a:be:88:b4:92:05:27:7c:
86:6e:51:b1:37:a8:50:93:56:66:0d:61:d7:93:bc:
11:b0:75:aa:21:a4:a0:d9:0c:5f:31:af:2f:e4:d4:
24:9b:63:03:b2:7a:a0:0d:c3:0d:7c:31:bb:ba:2a:
76:31:24:50:a5:3a:34:f8:20:0c:55:3d:86:93:fd:
7e:19:55:ac:0b:1f:92:38:86:7c:ef:65:19:b9:7c:
8f:b5:1f:7c:26:3f:96:2f:6c:eb:b8:74:26:89:e0:
91:98:b5:c1:f7:de:79:e5:76:c0:44:22:60:c8:f0:
7d:c1:f3:d9:4b:fd:f8:9e:d9:8f:c5:ef:c7:d5:c7:
9f:0c:a7:d3:50:0b:6c:1c:c3:f3:67:e5:67:65:02:
d9:43:0e:a1:af:c9:d6:3b:70:b7:30:f0:22:18:eb:
48:32:63:0b:b3:bc:aa:99:64:27:ea:af:8f:49:46:
2a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0E:53:AD:D8:EC:57:EF:06:3F:F7:02:9E:90:D8:D5:4D:AA:A8:0A
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/lQ5TrdjsV-8GP_cCnpDY1U2qqAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.16.0/22
Signature Algorithm: sha256WithRSAEncryption
61:3e:e3:f6:25:54:c5:38:70:c4:9a:dc:e3:c0:7d:f9:33:9b:
55:18:fb:fc:2a:90:4d:8c:33:0e:21:44:de:d7:ec:a6:35:ef:
ba:e6:9b:22:56:0f:12:21:6b:f3:cc:4e:82:b3:e2:79:de:c3:
7f:4e:27:c9:81:94:cb:a7:48:86:dc:6e:af:a3:71:8c:57:b5:
5b:08:4f:ed:b9:a0:5c:2c:2a:b1:f5:e6:e8:56:86:a2:af:cc:
9f:d2:bf:c2:18:49:02:60:ca:92:1c:d9:8e:fc:d3:e9:d6:02:
50:df:53:77:01:63:07:a1:fa:38:5a:1c:4a:1b:eb:dc:fc:e3:
06:b2:88:9b:b3:96:70:52:0d:32:59:e8:ea:11:3e:15:05:66:
65:4f:23:4f:f5:f1:af:62:46:2a:a4:0b:85:dc:05:e7:a5:86:
29:af:e6:77:04:58:e5:54:0b:aa:96:ee:03:20:ae:3a:c1:f1:
85:47:d1:fb:04:4b:d6:a8:e8:95:65:95:9a:5c:9e:68:36:0e:
a0:31:8f:4e:f3:db:19:2a:d7:54:3b:4a:16:05:aa:6d:42:80:
51:8e:ef:51:56:89:28:3b:62:6b:7d:d2:b6:ce:07:93:e1:f3:
a5:eb:02:b9:8b:d8:8a:0e:8c:8e:16:a5:17:2b:49:fd:75:a7:
50:23:16:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFK8mMpXbkUiwqvNj+MedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBlNTNhZGQ4ZWM1N2VmMDYzZmY3MDI5ZTkwZDhkNTRkYWFhODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6sK7QOh5Qym+hZo0HlKDxX4nJUx
o8j6cwXNqXm/nweeiVwJMbDs7F4NfUXGcYdabPL7f3KhPk3MwXgupw5hvTP7YrZU
RruYZJqbl4e5tFWgmr6ItJIFJ3yGblGxN6hQk1ZmDWHXk7wRsHWqIaSg2QxfMa8v
5NQkm2MDsnqgDcMNfDG7uip2MSRQpTo0+CAMVT2Gk/1+GVWsCx+SOIZ872UZuXyP
tR98Jj+WL2zruHQmieCRmLXB99555XbARCJgyPB9wfPZS/34ntmPxe/H1cefDKfT
UAtsHMPzZ+VnZQLZQw6hr8nWO3C3MPAiGOtIMmMLs7yqmWQn6q+PSUYqRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUOU63Y7FfvBj/3Ap6Q2NVNqqgKMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvbFE1VHJkanNWLThHUF9jQ25wRFkxVTJxcUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ8QMA0G
CSqGSIb3DQEBCwUAA4IBAQBhPuP2JVTFOHDEmtzjwH35M5tVGPv8KpBNjDMOIUTe
1+ymNe+65psiVg8SIWvzzE6Cs+J53sN/TifJgZTLp0iG3G6vo3GMV7VbCE/tuaBc
LCqx9eboVoair8yf0r/CGEkCYMqSHNmO/NPp1gJQ31N3AWMHofo4WhxKG+vc/OMG
soibs5ZwUg0yWejqET4VBWZlTyNP9fGvYkYqpAuF3AXnpYYpr+Z3BFjlVAuqlu4D
IK46wfGFR9H7BEvWqOiVZZWaXJ5oNg6gMY9O89sZKtdUO0oWBaptQoBRju9RVoko
O2JrfdK2zgeT4fOl6wK5i9iKDoyOFqUXK0n9dadQIxbV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:56 2025 by rpki-client