Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q8WLUEUySzbg7oPKwG-bdk7OhQ8.roa
File: q8WLUEUySzbg7oPKwG-bdk7OhQ8.roa (raw, json)
Hash identifier: 8yX6HDnRDg69NVHlqLQAHKuMLAZHCkhqxz5/uYtO4v0=
Subject key identifier: AB:C5:8B:50:45:32:4B:36:E0:EE:83:CA:C0:6F:9B:76:4E:CE:85:0F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AAD6DD2B5F56B97CDFB1205EDF59595E1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q8WLUEUySzbg7oPKwG-bdk7OhQ8.roa
Signing time: Tue 19 Sep 2023 12:32:50 +0000
ROA not before: Tue 19 Sep 2023 12:32:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 45.128.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:6d:d2:b5:f5:6b:97:cd:fb:12:05:ed:f5:95:95:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 19 12:32:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abc58b5045324b36e0ee83cac06f9b764ece850f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fc:cf:1e:12:0f:56:c2:d3:ad:db:29:95:cf:
6d:22:a2:6e:df:46:c6:4a:75:09:94:61:12:1d:73:
70:3b:3a:55:a2:cd:e5:f1:81:b2:bf:a5:fe:72:5f:
be:9f:47:95:2f:bc:6e:fc:0c:92:82:76:c9:36:db:
fc:c6:f2:5d:23:85:7b:64:00:86:8a:9e:67:d2:50:
bb:d8:4a:b1:7b:d2:c5:3b:df:08:13:9e:28:2e:70:
59:b6:dc:cf:4c:a7:ed:08:a6:38:7f:f7:47:97:40:
aa:9c:dc:75:f3:70:ad:9c:a2:7c:03:a2:d2:af:b6:
07:3e:58:1e:9a:ed:68:4f:a2:82:68:5b:ae:0d:d9:
c6:bd:63:3e:2a:d4:77:1a:b1:ff:c3:e0:15:90:9f:
f6:28:1d:f2:69:d0:10:ba:2f:0c:6d:ba:5e:af:ad:
5a:cc:7e:80:2d:62:c2:ca:c2:af:c4:04:88:e1:2c:
be:dc:a3:1d:9c:b9:ee:1d:fb:c0:4c:0c:b4:d4:77:
ef:da:b3:89:df:93:cb:cc:52:d9:1f:b6:01:da:1d:
bd:e6:4e:be:17:77:36:6f:3f:36:22:0d:4f:c7:85:
60:dd:7b:ba:f8:24:ca:ed:08:1e:6a:25:b1:a2:d9:
66:f1:5f:79:d9:2d:dd:5e:3e:e4:f7:79:79:96:85:
5a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C5:8B:50:45:32:4B:36:E0:EE:83:CA:C0:6F:9B:76:4E:CE:85:0F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q8WLUEUySzbg7oPKwG-bdk7OhQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
Signature Algorithm: sha256WithRSAEncryption
73:45:c0:c8:d3:9d:90:09:c7:5d:f2:38:69:fa:a2:42:bf:29:
ff:e1:64:89:0a:ca:47:a8:70:d5:ad:26:7f:57:2a:cd:02:62:
4a:99:69:98:41:f9:43:dd:e4:09:ad:40:46:ad:ea:23:c7:85:
28:d0:b8:8e:44:54:38:e4:35:9f:0b:f6:96:b1:d2:ed:f5:e1:
4b:67:81:5a:b8:16:c2:dd:c7:5a:5c:29:2f:2a:fd:a7:27:02:
3e:f3:3c:c4:15:55:f4:bf:5f:a9:f0:46:12:99:97:f6:e5:88:
44:26:c8:63:15:82:9d:6d:26:9f:64:96:8f:f2:28:3d:bd:9a:
71:28:51:ab:3f:e9:d9:e1:af:94:81:0f:bc:12:8e:0c:9d:60:
41:c8:3b:31:61:49:e9:af:3d:5b:d8:0e:9f:52:f6:4d:6f:d8:
ff:3d:15:b3:fa:7e:78:df:7b:18:32:c4:21:71:67:76:73:98:
2a:80:42:7e:e0:86:42:ba:15:6f:22:4e:a3:b1:f3:02:fa:ec:
ab:79:34:84:ec:45:c4:28:7f:63:5f:c5:0f:27:44:a6:be:3f:
59:90:21:07:e7:17:0b:b8:50:ea:e3:a2:26:8e:d4:f8:ee:41:
1e:0d:16:0f:30:e2:16:5e:11:d1:03:34:0b:d9:fd:e5:c5:51:
eb:06:12:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqtbdK19WuXzfsSBe31lZXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE5MTIzMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM1OGI1MDQ1MzI0YjM2ZTBlZTgzY2FjMDZmOWI3NjRlY2U4NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvzPHhIPVsLTrdsplc9tIqJu30bG
SnUJlGESHXNwOzpVos3l8YGyv6X+cl++n0eVL7xu/AySgnbJNtv8xvJdI4V7ZACG
ip5n0lC72Eqxe9LFO98IE54oLnBZttzPTKftCKY4f/dHl0CqnNx183CtnKJ8A6LS
r7YHPlgemu1oT6KCaFuuDdnGvWM+KtR3GrH/w+AVkJ/2KB3yadAQui8Mbbper61a
zH6ALWLCysKvxASI4Sy+3KMdnLnuHfvATAy01Hfv2rOJ35PLzFLZH7YB2h295k6+
F3c2bz82Ig1Px4Vg3Xu6+CTK7QgeaiWxotlm8V952S3dXj7k93l5loVaYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvFi1BFMks24O6DysBvm3ZOzoUPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcThXTFVFVXlTemJnN29QS3dHLWJkazdPaFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYBgMA0G
CSqGSIb3DQEBCwUAA4IBAQBzRcDI052QCcdd8jhp+qJCvyn/4WSJCspHqHDVrSZ/
VyrNAmJKmWmYQflD3eQJrUBGreojx4Uo0LiORFQ45DWfC/aWsdLt9eFLZ4FauBbC
3cdaXCkvKv2nJwI+8zzEFVX0v1+p8EYSmZf25YhEJshjFYKdbSafZJaP8ig9vZpx
KFGrP+nZ4a+UgQ+8Eo4MnWBByDsxYUnprz1b2A6fUvZNb9j/PRWz+n5433sYMsQh
cWd2c5gqgEJ+4IZCuhVvIk6jsfMC+uyreTSE7EXEKH9jX8UPJ0Smvj9ZkCEH5xcL
uFDq46ImjtT47kEeDRYPMOIWXhHRAzQL2f3lxVHrBhI5
-----END CERTIFICATE-----
Generated at Sat May 3 18:34:02 2025 by rpki-client