Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/IR4FkYjo2jSsXgjEp8KN0axeco8.roa
File: IR4FkYjo2jSsXgjEp8KN0axeco8.roa (raw, json)
Hash identifier: ZTQr2W4eU0sVz5DWcmbLdwkykHqB1r/YHsOWefH63FE=
Subject key identifier: 21:1E:05:91:88:E8:DA:34:AC:5E:08:C4:A7:C2:8D:D1:AC:5E:72:8F
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 01856CF844B5F7FD91BD601D0DC03E279F82
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/IR4FkYjo2jSsXgjEp8KN0axeco8.roa
Signing time: Sun 01 Jan 2023 10:54:47 +0000
ROA not before: Sun 01 Jan 2023 10:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58317
IP address blocks: 45.85.75.0/24 maxlen: 24
45.85.74.0/24 maxlen: 24
45.85.73.0/24 maxlen: 24
45.85.72.0/24 maxlen: 24
45.85.72.0/22 maxlen: 24
2a0e:bb80::/29 maxlen: 32
2a0e:bb81::/32 maxlen: 32
2a0e:bb82::/32 maxlen: 32
2a0e:bb80::/32 maxlen: 32
2a0e:bb83::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:44:b5:f7:fd:91:bd:60:1d:0d:c0:3e:27:9f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Jan 1 10:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=211e059188e8da34ac5e08c4a7c28dd1ac5e728f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:b6:1a:7e:b6:70:04:95:2b:a9:30:a7:a5:
a1:7c:28:3d:85:0f:79:90:40:f0:03:35:ef:2b:59:
54:5b:80:64:38:dc:ea:82:ac:49:98:6b:bd:53:6c:
45:aa:d3:1d:9d:ee:42:5a:24:38:af:31:72:54:4c:
8d:cd:0c:78:90:c0:99:a0:7b:6e:1f:96:e0:9f:99:
c2:9c:e3:48:6e:66:45:41:57:08:41:67:d8:43:3b:
69:4e:80:01:cb:68:54:c3:82:d1:a2:16:d5:b0:ae:
d7:6b:7e:89:41:a2:86:b0:82:b8:d0:d9:94:f3:ef:
e7:71:bc:51:6b:d4:b8:af:50:76:21:cd:e5:a5:de:
c4:59:be:23:52:a5:53:14:24:c3:e9:88:dd:2c:7e:
16:71:2c:54:5e:ec:8c:d5:8b:cc:94:38:58:b6:34:
a5:86:f5:41:ff:7f:1e:e8:cd:7c:75:73:e1:69:e2:
95:03:fa:ee:81:c1:51:f9:96:2d:da:8c:4a:bf:01:
f0:dd:35:b9:26:a5:3c:c5:0b:1b:24:14:8d:f2:57:
86:3b:99:8c:28:b4:69:77:11:6a:93:a0:74:84:95:
90:e8:79:7b:e5:fa:a1:83:2a:0f:d0:40:c7:b4:95:
10:f9:42:ab:45:2b:3a:8c:22:9d:17:66:9f:2c:ef:
cb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1E:05:91:88:E8:DA:34:AC:5E:08:C4:A7:C2:8D:D1:AC:5E:72:8F
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/IR4FkYjo2jSsXgjEp8KN0axeco8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.72.0/22
IPv6:
2a0e:bb80::/29
Signature Algorithm: sha256WithRSAEncryption
6f:32:75:6d:61:7c:08:e7:8d:80:43:a3:5f:dc:cf:7e:94:5b:
b4:65:6f:28:5a:11:40:bc:53:ca:5d:06:69:20:1f:d7:d6:6f:
65:aa:08:81:f6:66:c5:49:c2:03:9c:33:14:30:a6:2c:ef:74:
8e:21:46:79:f2:23:b0:b1:14:67:bd:b1:53:16:9f:ce:11:23:
f7:54:5a:b1:33:69:42:fd:43:4c:fa:84:2d:ab:a4:fa:71:a7:
ac:80:3f:ba:5e:7c:d0:ce:68:3e:2f:9f:de:ca:98:88:7c:68:
ee:31:82:fe:1a:6d:75:a4:b8:7b:36:d5:1f:76:c2:19:94:42:
b3:1c:80:f7:21:c6:63:08:75:6a:9e:78:88:5e:0f:f9:d6:01:
89:2a:00:1e:82:fa:44:2b:8a:44:92:40:69:2e:3a:71:f0:8e:
e0:d3:be:b9:b8:3d:bb:92:4b:f8:38:e0:3b:6b:be:41:1f:56:
44:54:f2:5b:46:a1:8a:ef:4e:87:bb:1d:19:76:00:b2:49:21:
98:cf:63:b7:4d:62:5d:d9:bb:5c:07:82:3c:f7:7a:db:fa:c8:
04:7a:d4:a8:48:ea:76:a8:f0:98:46:b1:12:d4:8b:a4:a3:04:
93:fa:bc:32:11:39:d7:dd:8d:ca:a1:5f:5e:fe:ce:8e:6b:6a:
18:e8:29:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+ES19/2RvWAdDcA+J5+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjMwMTAxMTA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFlMDU5MTg4ZThkYTM0YWM1ZTA4YzRhN2MyOGRkMWFjNWU3MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7e2Gn62cASVK6kwp6WhfCg9hQ95
kEDwAzXvK1lUW4BkONzqgqxJmGu9U2xFqtMdne5CWiQ4rzFyVEyNzQx4kMCZoHtu
H5bgn5nCnONIbmZFQVcIQWfYQztpToABy2hUw4LRohbVsK7Xa36JQaKGsIK40NmU
8+/ncbxRa9S4r1B2Ic3lpd7EWb4jUqVTFCTD6YjdLH4WcSxUXuyM1YvMlDhYtjSl
hvVB/38e6M18dXPhaeKVA/rugcFR+ZYt2oxKvwHw3TW5JqU8xQsbJBSN8leGO5mM
KLRpdxFqk6B0hJWQ6Hl75fqhgyoP0EDHtJUQ+UKrRSs6jCKdF2afLO/LewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCEeBZGI6No0rF4IxKfCjdGsXnKPMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvSVI0RmtZam8yalNzWGdqRXA4S04wYXhlY284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVVIMA0E
AgACMAcDBQMqDruAMA0GCSqGSIb3DQEBCwUAA4IBAQBvMnVtYXwI542AQ6Nf3M9+
lFu0ZW8oWhFAvFPKXQZpIB/X1m9lqgiB9mbFScIDnDMUMKYs73SOIUZ58iOwsRRn
vbFTFp/OESP3VFqxM2lC/UNM+oQtq6T6caesgD+6XnzQzmg+L5/eypiIfGjuMYL+
Gm11pLh7NtUfdsIZlEKzHID3IcZjCHVqnniIXg/51gGJKgAegvpEK4pEkkBpLjpx
8I7g0765uD27kkv4OOA7a75BH1ZEVPJbRqGK706Hux0ZdgCySSGYz2O3TWJd2btc
B4I893rb+sgEetSoSOp2qPCYRrES1IukowST+rwyETnX3Y3KoV9e/s6Oa2oY6ClU
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:43:10 2025 by rpki-client