Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/71k7M69wwWVt68_BNbPPEhOAl08.roa
File: 71k7M69wwWVt68_BNbPPEhOAl08.roa (raw, json)
Hash identifier: cZc+xSF55Qfa7yfjCX/4yp3qESPN0QUVYQlUfzJ3v5Y=
Subject key identifier: EF:59:3B:33:AF:70:C1:65:6D:EB:CF:C1:35:B3:CF:12:13:80:97:4F
Certificate issuer: /CN=98728e8a27d30c83aee5f496240985ee40cb378b
Certificate serial: 01856CE61D28031AF706EB5CCB6286B426C7
Authority key identifier: 98:72:8E:8A:27:D3:0C:83:AE:E5:F4:96:24:09:85:EE:40:CB:37:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHKOiifTDIOu5fSWJAmF7kDLN4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/71k7M69wwWVt68_BNbPPEhOAl08.roa
Signing time: Sun 01 Jan 2023 10:34:58 +0000
ROA not before: Sun 01 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8873
IP address blocks: 45.154.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:1d:28:03:1a:f7:06:eb:5c:cb:62:86:b4:26:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98728e8a27d30c83aee5f496240985ee40cb378b
Validity
Not Before: Jan 1 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef593b33af70c1656debcfc135b3cf121380974f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c9:76:da:c9:d9:cc:a8:d0:b6:cc:59:d8:a4:
95:d6:1f:9c:cf:27:42:45:6a:92:93:a9:e0:93:c3:
63:18:66:53:d3:e5:39:7e:8a:77:30:87:0a:4b:83:
cd:14:c9:6d:f8:3f:8a:dd:26:17:29:e6:13:7d:5b:
0e:6e:0c:77:9a:32:5f:57:d6:cd:16:7c:72:e2:37:
61:63:b0:af:a5:a0:64:03:61:19:fe:86:98:8d:23:
ab:49:81:42:4f:ab:a9:9b:19:2c:33:c7:3f:89:9d:
34:81:31:a6:f0:5c:64:fb:54:04:04:ea:d9:ee:f4:
73:a6:58:be:8a:52:9d:10:63:b8:5f:a3:bb:99:a0:
c8:00:b0:d0:4f:88:c6:77:d6:fd:f3:5f:b5:60:6f:
5d:46:f4:34:18:b5:a3:57:e0:e1:f7:e9:7e:f1:ff:
fb:ee:8b:e5:6c:e0:14:3a:c6:1a:b9:d1:5a:21:55:
69:32:4c:d2:d0:06:66:c3:31:c7:e4:ed:ec:18:80:
1d:b8:97:0b:51:74:83:b1:65:dc:09:7d:27:f6:6a:
f1:14:5d:1f:0a:0b:60:a4:47:15:45:39:f1:bf:ec:
bc:5a:60:4f:be:6b:a0:31:1f:ed:03:06:bc:5d:c0:
98:f1:12:7d:e7:69:81:13:21:53:c0:45:51:ab:5e:
fa:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:59:3B:33:AF:70:C1:65:6D:EB:CF:C1:35:B3:CF:12:13:80:97:4F
X509v3 Authority Key Identifier:
keyid:98:72:8E:8A:27:D3:0C:83:AE:E5:F4:96:24:09:85:EE:40:CB:37:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHKOiifTDIOu5fSWJAmF7kDLN4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/71k7M69wwWVt68_BNbPPEhOAl08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/mHKOiifTDIOu5fSWJAmF7kDLN4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.28.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:39:b0:16:66:91:62:fd:0a:08:a5:66:57:12:af:38:9c:95:
81:d6:d3:16:38:dd:09:96:1d:77:8b:56:7d:8e:5f:b1:7a:bf:
1d:b7:77:6a:00:6c:1d:86:a6:18:83:33:b8:c2:35:b9:bb:ac:
b5:96:01:9c:55:da:bf:0a:d7:ab:af:10:a7:ca:ab:5b:66:0c:
6e:a1:21:60:1b:b4:5d:47:67:d3:06:b3:a1:a6:1b:98:26:e2:
04:a8:8e:dc:d7:57:f5:33:52:63:ba:8e:d9:92:98:23:c3:1c:
95:b3:6b:8f:bd:16:2b:58:00:87:53:32:22:ec:b1:39:82:b7:
01:96:da:a6:07:46:fe:46:23:63:88:21:77:33:b2:93:f8:70:
19:fc:df:a5:c5:9e:52:db:f0:5c:1b:f5:3a:aa:94:18:36:37:
5f:37:85:76:7b:79:d1:7a:f8:6c:3a:4c:95:d4:ae:76:f8:a9:
b1:de:1c:12:91:a0:52:95:d8:90:18:6c:80:18:cd:cc:a5:26:
53:56:26:53:20:81:95:05:cc:bf:e2:e7:84:6c:a7:ff:b9:68:
56:81:e3:2e:e9:c3:97:37:fb:48:75:d1:88:76:92:35:2d:75:
26:af:1b:14:e1:fa:17:d7:ce:ae:28:fc:87:dd:bf:ca:d8:7f:
b3:e5:0a:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5h0oAxr3Butcy2KGtCbHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzI4ZThhMjdkMzBjODNhZWU1ZjQ5NjI0MDk4NWVlNDBj
YjM3OGIwHhcNMjMwMTAxMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjU5M2IzM2FmNzBjMTY1NmRlYmNmYzEzNWIzY2YxMjEzODA5NzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8l22snZzKjQtsxZ2KSV1h+czydC
RWqSk6ngk8NjGGZT0+U5fop3MIcKS4PNFMlt+D+K3SYXKeYTfVsObgx3mjJfV9bN
Fnxy4jdhY7CvpaBkA2EZ/oaYjSOrSYFCT6upmxksM8c/iZ00gTGm8Fxk+1QEBOrZ
7vRzpli+ilKdEGO4X6O7maDIALDQT4jGd9b981+1YG9dRvQ0GLWjV+Dh9+l+8f/7
7ovlbOAUOsYaudFaIVVpMkzS0AZmwzHH5O3sGIAduJcLUXSDsWXcCX0n9mrxFF0f
CgtgpEcVRTnxv+y8WmBPvmugMR/tAwa8XcCY8RJ952mBEyFTwEVRq176mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO9ZOzOvcMFlbevPwTWzzxITgJdPMB8GA1UdIwQY
MBaAFJhyjoon0wyDruX0liQJhe5AyzeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhLT2lpZlRESU91NWZTV0pBbUY3a0RMTjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wM2NhMjMtYTE0My00ZGYwLWFmYjkt
YTI0ZTNhMGEzMWVmLzEvNzFrN002OXd3V1Z0NjhfQk5iUFBFaE9BbDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wM2NhMjMtYTE0My00ZGYwLWFmYjktYTI0ZTNhMGEzMWVm
LzEvbUhLT2lpZlRESU91NWZTV0pBbUY3a0RMTjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZocMA0G
CSqGSIb3DQEBCwUAA4IBAQDIObAWZpFi/QoIpWZXEq84nJWB1tMWON0Jlh13i1Z9
jl+xer8dt3dqAGwdhqYYgzO4wjW5u6y1lgGcVdq/CterrxCnyqtbZgxuoSFgG7Rd
R2fTBrOhphuYJuIEqI7c11f1M1Jjuo7ZkpgjwxyVs2uPvRYrWACHUzIi7LE5grcB
ltqmB0b+RiNjiCF3M7KT+HAZ/N+lxZ5S2/BcG/U6qpQYNjdfN4V2e3nRevhsOkyV
1K52+Kmx3hwSkaBSldiQGGyAGM3MpSZTViZTIIGVBcy/4ueEbKf/uWhWgeMu6cOX
N/tIddGIdpI1LXUmrxsU4foX186uKPyH3b/K2H+z5QrV
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:20:14 2025 by rpki-client