Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/Vau6WDCpc3oeLy-BtkP-P5kfhxo.roa
File: Vau6WDCpc3oeLy-BtkP-P5kfhxo.roa (raw, json)
Hash identifier: kPt+S93dkOoulYbmYBKRC8UVdWP9HC3hl5/A0VSUvuQ=
Subject key identifier: 55:AB:BA:58:30:A9:73:7A:1E:2F:2F:81:B6:43:FE:3F:99:1F:87:1A
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 018A22641AA7AF6C2D3BE43A6CDA668F319F
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/Vau6WDCpc3oeLy-BtkP-P5kfhxo.roa
Signing time: Wed 23 Aug 2023 12:35:00 +0000
ROA not before: Wed 23 Aug 2023 12:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58317
IP address blocks: 45.85.75.0/24 maxlen: 24
45.85.74.0/24 maxlen: 24
45.85.73.0/24 maxlen: 24
45.85.72.0/22 maxlen: 24
45.85.72.0/24 maxlen: 24
2a0e:bb80::/29 maxlen: 32
2a0e:bb81::/32 maxlen: 48
2a0e:bb82::/32 maxlen: 32
2a0e:bb80::/32 maxlen: 32
2a0e:bb83::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:64:1a:a7:af:6c:2d:3b:e4:3a:6c:da:66:8f:31:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Aug 23 12:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55abba5830a9737a1e2f2f81b643fe3f991f871a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6a:ea:f0:a9:74:74:ba:6c:d5:0c:81:1c:c0:
63:9c:4d:81:9b:64:8d:66:13:6a:62:b6:ff:37:13:
51:01:01:7a:27:fe:92:29:6c:28:86:a8:d5:91:c3:
27:53:36:62:85:9c:15:ff:19:83:69:4b:7a:31:0b:
9d:e6:75:7e:d8:57:bc:42:cf:20:1e:1e:cb:fb:64:
4e:2e:31:07:5d:28:50:49:50:5c:89:13:a8:52:6e:
42:ca:1f:10:89:bf:97:2d:4e:e3:26:7a:fd:e2:90:
bf:cb:83:79:53:4e:fe:88:c6:f0:e5:ef:0a:37:f8:
2d:12:79:11:e5:6b:25:ef:61:60:8d:91:ce:d3:de:
bf:63:fb:cc:16:25:db:17:a8:b1:a3:56:44:fd:42:
f6:b7:fe:2c:26:8b:6d:76:5d:9a:ab:d4:e4:fa:a1:
b9:db:f5:5f:90:79:c9:b9:37:98:28:1b:0d:0d:9e:
f8:88:a2:13:a8:44:1f:75:41:d0:17:89:9e:7b:2f:
de:ac:9f:a6:b1:19:50:d7:57:75:c0:0e:48:bf:12:
bb:6f:0a:df:8c:c9:f6:07:90:66:3f:77:b6:e7:2e:
9f:1f:20:4c:fd:fe:f5:56:12:85:60:34:5a:d8:ce:
3a:82:91:6d:48:2e:d2:ed:80:c0:87:73:98:d9:fa:
63:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:AB:BA:58:30:A9:73:7A:1E:2F:2F:81:B6:43:FE:3F:99:1F:87:1A
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/Vau6WDCpc3oeLy-BtkP-P5kfhxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.72.0/22
IPv6:
2a0e:bb80::/29
Signature Algorithm: sha256WithRSAEncryption
20:6e:03:5d:47:3e:1a:11:86:ae:4b:9c:50:2d:41:f0:6a:81:
49:08:1a:0a:0c:e2:e9:67:92:5a:22:b9:04:aa:46:3c:32:54:
a7:32:96:80:47:4d:b2:e7:99:21:a2:17:17:10:d9:3d:63:85:
af:8a:2b:2e:62:40:51:3d:cd:a7:94:44:64:6c:ef:d4:24:fa:
e1:e9:18:a0:26:ac:40:a2:1a:fc:fc:dc:48:a5:f8:c6:02:e1:
46:ce:b7:04:15:02:88:be:18:f2:88:19:bb:47:f8:79:a7:79:
38:c4:bc:79:98:08:06:9f:e0:a6:a1:ba:b6:57:05:59:9f:b7:
02:05:26:f2:99:d6:aa:8f:8b:a9:64:4d:45:d3:c3:8f:0c:27:
8f:b3:8b:39:65:98:98:d3:d6:9e:e5:3d:8e:8b:1c:72:0d:d9:
04:d3:cf:d3:32:3f:73:1b:72:de:87:bf:1a:6c:ec:ba:cb:60:
9b:48:75:74:63:d5:f0:60:6c:56:52:52:2d:94:25:ef:73:96:
18:f5:97:40:0b:a3:b2:af:67:76:ad:eb:82:01:5e:f7:35:d6:
78:00:66:e7:d6:04:32:55:7a:31:35:31:94:d6:40:53:99:bd:
bf:b3:78:f3:3d:d2:d5:01:d1:c6:50:d4:2d:ea:68:50:ae:7a:
fd:65:1a:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYoiZBqnr2wtO+Q6bNpmjzGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjMwODIzMTIzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWFiYmE1ODMwYTk3MzdhMWUyZjJmODFiNjQzZmUzZjk5MWY4NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmrq8Kl0dLps1QyBHMBjnE2Bm2SN
ZhNqYrb/NxNRAQF6J/6SKWwohqjVkcMnUzZihZwV/xmDaUt6MQud5nV+2Fe8Qs8g
Hh7L+2ROLjEHXShQSVBciROoUm5Cyh8Qib+XLU7jJnr94pC/y4N5U07+iMbw5e8K
N/gtEnkR5Wsl72FgjZHO096/Y/vMFiXbF6ixo1ZE/UL2t/4sJottdl2aq9Tk+qG5
2/VfkHnJuTeYKBsNDZ74iKITqEQfdUHQF4meey/erJ+msRlQ11d1wA5IvxK7bwrf
jMn2B5BmP3e25y6fHyBM/f71VhKFYDRa2M46gpFtSC7S7YDAh3OY2fpjCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFWrulgwqXN6Hi8vgbZD/j+ZH4caMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvVmF1NldEQ3BjM29lTHktQnRrUC1QNWtmaHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVVIMA0E
AgACMAcDBQMqDruAMA0GCSqGSIb3DQEBCwUAA4IBAQAgbgNdRz4aEYauS5xQLUHw
aoFJCBoKDOLpZ5JaIrkEqkY8MlSnMpaAR02y55khohcXENk9Y4WviisuYkBRPc2n
lERkbO/UJPrh6RigJqxAohr8/NxIpfjGAuFGzrcEFQKIvhjyiBm7R/h5p3k4xLx5
mAgGn+Cmobq2VwVZn7cCBSbymdaqj4upZE1F08OPDCePs4s5ZZiY09ae5T2Oixxy
DdkE08/TMj9zG3Leh78abOy6y2CbSHV0Y9XwYGxWUlItlCXvc5YY9ZdAC6Oyr2d2
reuCAV73NdZ4AGbn1gQyVXoxNTGU1kBTmb2/s3jzPdLVAdHGUNQt6mhQrnr9ZRrN
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:37 2025 by rpki-client