Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l08Mb2a5NW9PLL5xnZJo5RgBXDk.roa
File: l08Mb2a5NW9PLL5xnZJo5RgBXDk.roa (raw, json)
Hash identifier: HJOsQdlQvURCbh/dLBks60GN6Imv4Xgr3b3fNw4bsoo=
Subject key identifier: 97:4F:0C:6F:66:B9:35:6F:4F:2C:BE:71:9D:92:68:E5:18:01:5C:39
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01856DCAE5530F359C6E6F0E0E78B5E46424
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l08Mb2a5NW9PLL5xnZJo5RgBXDk.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.137.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e5:53:0f:35:9c:6e:6f:0e:0e:78:b5:e4:64:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=974f0c6f66b9356f4f2cbe719d9268e518015c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9d:fc:a1:29:c0:5f:43:bf:79:5a:91:94:78:
c0:1f:56:e1:20:18:dc:f7:18:49:f0:7e:0e:2a:16:
ee:b2:6c:1e:92:f6:ed:23:78:8b:da:65:8c:68:10:
2c:93:2c:43:ca:cb:1d:a6:7a:c6:fe:a3:a5:e5:3f:
80:6f:e4:a5:a5:d1:af:89:3d:0f:7d:ae:e1:4e:db:
cb:b1:0e:19:54:ec:d9:d6:84:0e:7b:f9:53:38:62:
6e:17:53:72:5d:8b:7c:f9:72:bd:d9:13:a3:39:47:
0e:05:8b:f6:ea:87:46:88:fd:93:5f:eb:99:fb:10:
69:e1:e8:96:9f:74:1b:19:3a:99:90:26:7a:d0:b4:
8a:ca:fe:01:2b:14:cd:c0:0f:a0:ee:9d:ef:5d:47:
3a:2c:e0:78:cb:4a:f4:d2:f9:a6:72:b4:49:fd:9b:
7f:06:95:6d:f0:a5:b1:5f:52:85:b0:a9:26:47:0d:
9d:65:b7:9b:62:71:62:09:b5:6e:03:a2:65:3f:29:
4e:08:6f:92:27:fa:3a:16:52:bb:ea:69:8d:c0:fb:
89:0e:dc:74:08:35:64:31:65:3d:4c:d8:98:98:4d:
d4:0f:fe:17:df:03:5c:25:10:be:99:d1:05:18:06:
78:a0:c2:fd:59:49:be:8e:cd:83:e4:b3:42:a3:d5:
22:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4F:0C:6F:66:B9:35:6F:4F:2C:BE:71:9D:92:68:E5:18:01:5C:39
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/l08Mb2a5NW9PLL5xnZJo5RgBXDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.87.0/24
Signature Algorithm: sha256WithRSAEncryption
97:15:a6:3d:2b:0e:0b:3c:a8:e3:c1:98:f0:94:52:2a:a9:f9:
9d:9b:40:29:40:5c:88:b5:e5:c5:a4:28:aa:f7:cb:fa:66:32:
d9:d2:47:e0:4e:df:7b:85:9f:4f:e7:08:0d:ce:2c:d9:05:35:
8b:ce:33:19:be:34:cb:a1:0c:6b:98:d2:e3:fb:f6:8f:55:4f:
f6:af:d0:df:f9:dd:7a:c1:43:27:f0:39:6b:98:cb:b6:96:23:
9c:89:13:67:b6:4c:d0:66:f4:10:0b:15:41:49:8e:ed:4e:42:
91:2b:ea:52:f1:08:cc:65:25:66:8d:c5:3f:42:5c:08:f2:df:
17:b8:f9:f5:68:fc:fc:7c:66:2b:5e:f7:f8:57:ca:41:8d:a3:
33:91:f0:76:26:4a:ac:23:78:62:d0:dd:78:87:7e:12:50:35:
ef:9d:3d:d1:5a:8d:48:30:64:8c:30:13:b6:5e:c8:c2:c5:b0:
92:44:48:c8:ca:fd:f4:98:36:9a:a2:8f:c7:c2:c0:7a:17:21:
c1:43:c7:d5:08:15:47:5b:0f:28:61:97:c8:27:f6:c9:8c:2a:
7a:1b:fd:86:e9:f4:18:e2:9f:74:60:6c:a0:34:d3:7e:b8:fc:
f2:9e:58:7f:99:ea:d1:aa:a6:ee:bb:0e:31:a9:e5:22:4b:95:
7f:8f:2c:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyuVTDzWcbm8ODni15GQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRmMGM2ZjY2YjkzNTZmNGYyY2JlNzE5ZDkyNjhlNTE4MDE1YzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ38oSnAX0O/eVqRlHjAH1bhIBjc
9xhJ8H4OKhbusmwekvbtI3iL2mWMaBAskyxDyssdpnrG/qOl5T+Ab+SlpdGviT0P
fa7hTtvLsQ4ZVOzZ1oQOe/lTOGJuF1NyXYt8+XK92ROjOUcOBYv26odGiP2TX+uZ
+xBp4eiWn3QbGTqZkCZ60LSKyv4BKxTNwA+g7p3vXUc6LOB4y0r00vmmcrRJ/Zt/
BpVt8KWxX1KFsKkmRw2dZbebYnFiCbVuA6JlPylOCG+SJ/o6FlK76mmNwPuJDtx0
CDVkMWU9TNiYmE3UD/4X3wNcJRC+mdEFGAZ4oML9WUm+js2D5LNCo9UiXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdPDG9muTVvTyy+cZ2SaOUYAVw5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbDA4TWIyYTVOVzlQTEw1eG5aSm81UmdCWERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYlXMA0G
CSqGSIb3DQEBCwUAA4IBAQCXFaY9Kw4LPKjjwZjwlFIqqfmdm0ApQFyIteXFpCiq
98v6ZjLZ0kfgTt97hZ9P5wgNzizZBTWLzjMZvjTLoQxrmNLj+/aPVU/2r9Df+d16
wUMn8DlrmMu2liOciRNntkzQZvQQCxVBSY7tTkKRK+pS8QjMZSVmjcU/QlwI8t8X
uPn1aPz8fGYrXvf4V8pBjaMzkfB2JkqsI3hi0N14h34SUDXvnT3RWo1IMGSMMBO2
XsjCxbCSREjIyv30mDaaoo/HwsB6FyHBQ8fVCBVHWw8oYZfIJ/bJjCp6G/2G6fQY
4p90YGygNNN+uPzynlh/merRqqbuuw4xqeUiS5V/jyxD
-----END CERTIFICATE-----
Generated at Fri May 9 10:34:10 2025 by rpki-client