Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/IuRhvBc-eKMBJOgphLah_Vfs2Vc.roa
File: IuRhvBc-eKMBJOgphLah_Vfs2Vc.roa (raw, json)
Hash identifier: dgs7yPsrZkVLtLNL0++viXBNuGNnB3q8kXT1QyhdU6U=
Subject key identifier: 22:E4:61:BC:17:3E:78:A3:01:24:E8:29:84:B6:A1:FD:57:EC:D9:57
Certificate issuer: /CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Certificate serial: 0187EB0E3E9A78CDB1BF3DF14DD443F465D1
Authority key identifier: BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/IuRhvBc-eKMBJOgphLah_Vfs2Vc.roa
Signing time: Fri 05 May 2023 08:36:31 +0000
ROA not before: Fri 05 May 2023 08:36:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44377
IP address blocks: 45.143.216.0/22 maxlen: 24
45.137.248.0/22 maxlen: 24
92.242.224.0/19 maxlen: 24
193.19.220.0/22 maxlen: 24
185.121.200.0/22 maxlen: 24
2a13:ca80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:0e:3e:9a:78:cd:b1:bf:3d:f1:4d:d4:43:f4:65:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Validity
Not Before: May 5 08:36:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22e461bc173e78a30124e82984b6a1fd57ecd957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0d:68:d3:56:fd:9c:27:9b:ae:6b:8d:a2:94:
68:d8:1e:87:ae:58:7b:58:58:2e:af:c9:7e:d1:ba:
01:3e:ae:33:b3:5c:28:be:1a:69:22:66:2e:86:57:
3b:81:e0:ae:25:b1:22:58:4f:26:bf:98:4b:33:77:
c7:90:f2:91:95:45:d1:07:43:98:86:c3:a6:f6:f8:
e6:f3:8a:f5:32:1c:ef:aa:71:32:14:67:c9:f6:aa:
9b:c2:42:25:a5:30:9f:ed:b2:68:7b:80:9f:56:5d:
df:24:d7:2e:bf:00:6e:24:5a:51:15:cd:05:70:05:
58:3c:f9:37:73:56:36:ac:1c:1e:8b:7f:fd:94:82:
ce:ed:5d:aa:82:27:7f:55:0b:ab:e5:1c:cd:51:6b:
21:83:54:2e:c7:98:19:13:12:16:12:e8:0c:11:57:
06:10:d4:95:ac:21:d0:30:9e:2b:49:3d:bd:eb:79:
95:cf:22:c8:fa:50:6f:9b:68:2a:7d:aa:69:1a:b7:
b1:ae:64:34:73:0c:c8:73:c9:93:00:97:a1:2e:15:
a0:8b:78:7d:6c:fc:61:75:c1:88:a5:fd:25:87:4d:
d7:8a:8c:af:f4:d1:92:12:e3:67:1c:b5:30:13:c9:
9d:92:87:a5:5c:1b:24:10:b4:88:96:a9:f8:d4:76:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E4:61:BC:17:3E:78:A3:01:24:E8:29:84:B6:A1:FD:57:EC:D9:57
X509v3 Authority Key Identifier:
keyid:BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/IuRhvBc-eKMBJOgphLah_Vfs2Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.248.0/22
45.143.216.0/22
92.242.224.0/19
185.121.200.0/22
193.19.220.0/22
IPv6:
2a13:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:f5:1a:cb:2f:5d:b3:b6:99:75:fa:4a:ed:07:72:75:c2:02:
57:78:a0:6a:1d:a8:24:6c:ad:58:9d:f2:e8:e8:a5:24:43:02:
bb:84:75:fb:50:5c:b0:b7:47:72:da:34:92:b5:aa:5c:75:50:
f6:53:0f:02:33:4c:15:9e:ba:85:61:3a:f3:63:ec:4a:bc:3a:
5c:1b:c4:3e:b7:28:06:4b:ec:2f:29:af:88:df:cb:c4:80:58:
3c:4c:ab:1a:53:e4:08:40:a2:27:93:57:81:8c:b9:60:f8:ff:
41:8b:55:f6:b5:7c:9f:0b:a8:82:1b:3b:85:be:f8:14:47:34:
8b:de:7c:c2:19:8c:92:27:be:61:d1:1b:e6:14:aa:5e:b3:fe:
51:78:e2:2d:7b:04:fe:e4:80:27:c1:cd:7e:38:51:f8:d4:b9:
e8:2c:68:4d:d8:34:20:75:7a:f9:1b:4b:02:00:8a:37:31:6a:
93:34:41:de:03:49:eb:52:a7:9f:83:6a:ca:39:d8:20:73:76:
3e:65:72:53:4c:0c:70:5a:f4:8f:a5:fb:36:a7:3f:f2:2a:6a:
e9:26:cd:17:a8:2f:2b:dd:56:a8:eb:63:b7:81:ca:ee:d0:27:
a8:6e:39:86:67:db:be:1c:b4:43:08:45:a1:48:4e:b7:58:58:
6f:2d:4b:60
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfrDj6aeM2xvz3xTdRD9GXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTFlNTVmNzQ0ZTE0MTJiZDc1M2ZkMjc3Yjc3NDA4ZGNk
ZjhjYjQwHhcNMjMwNTA1MDgzNjMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU0NjFiYzE3M2U3OGEzMDEyNGU4Mjk4NGI2YTFmZDU3ZWNkOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA1o01b9nCebrmuNopRo2B6Hrlh7
WFgur8l+0boBPq4zs1wovhppImYuhlc7geCuJbEiWE8mv5hLM3fHkPKRlUXRB0OY
hsOm9vjm84r1MhzvqnEyFGfJ9qqbwkIlpTCf7bJoe4CfVl3fJNcuvwBuJFpRFc0F
cAVYPPk3c1Y2rBwei3/9lILO7V2qgid/VQur5RzNUWshg1Qux5gZExIWEugMEVcG
ENSVrCHQMJ4rST2963mVzyLI+lBvm2gqfappGrexrmQ0cwzIc8mTAJehLhWgi3h9
bPxhdcGIpf0lh03Xioyv9NGSEuNnHLUwE8mdkoelXBskELSIlqn41HZYXQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCLkYbwXPnijASToKYS2of1X7NlXMB8GA1UdIwQY
MBaAFL2h5V90ThQSvXU/0ne3dAjc34y0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFIbFgzUk9GQks5ZFRfU2Q3ZDBDTnpmakxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zY2Q0NWYtMGI3OS00M2I3LWE5ZTYt
YzBiY2VkYjM0Mjc0LzEvSXVSaHZCYy1lS01CSk9ncGhMYWhfVmZzMlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zY2Q0NWYtMGI3OS00M2I3LWE5ZTYtYzBiY2VkYjM0Mjc0
LzEvdmFIbFgzUk9GQks5ZFRfU2Q3ZDBDTnpmakxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYn4AwQC
LY/YAwQFXPLgAwQCuXnIAwQCwRPcMA0EAgACMAcDBQMqE8qAMA0GCSqGSIb3DQEB
CwUAA4IBAQBP9RrLL12ztpl1+krtB3J1wgJXeKBqHagkbK1YnfLo6KUkQwK7hHX7
UFywt0dy2jSStapcdVD2Uw8CM0wVnrqFYTrzY+xKvDpcG8Q+tygGS+wvKa+I38vE
gFg8TKsaU+QIQKInk1eBjLlg+P9Bi1X2tXyfC6iCGzuFvvgURzSL3nzCGYySJ75h
0RvmFKpes/5ReOItewT+5IAnwc1+OFH41LnoLGhN2DQgdXr5G0sCAIo3MWqTNEHe
A0nrUqefg2rKOdggc3Y+ZXJTTAxwWvSPpfs2pz/yKmrpJs0XqC8r3Vao62O3gcru
0CeobjmGZ9u+HLRDCEWhSE63WFhvLUtg
-----END CERTIFICATE-----
Generated at Mon Apr 21 14:59:45 2025 by rpki-client