Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/6yzdWprLxW9UFeasorTcjvcNlGw.roa
File: 6yzdWprLxW9UFeasorTcjvcNlGw.roa (raw, json)
Hash identifier: R0g8P9zgf3YcrinJOcCt+BUGJNUr6H1BZbhIFTBnQ3k=
Subject key identifier: EB:2C:DD:5A:9A:CB:C5:6F:54:15:E6:AC:A2:B4:DC:8E:F7:0D:94:6C
Certificate issuer: /CN=8a72b60f5fb4930016ceb860cc174a53135f1616
Certificate serial: 01857014F9261A3152264AAD9BBC212934DF
Authority key identifier: 8A:72:B6:0F:5F:B4:93:00:16:CE:B8:60:CC:17:4A:53:13:5F:16:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inK2D1-0kwAWzrhgzBdKUxNfFhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/6yzdWprLxW9UFeasorTcjvcNlGw.roa
Signing time: Mon 02 Jan 2023 01:25:00 +0000
ROA not before: Mon 02 Jan 2023 01:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45009
IP address blocks: 45.150.43.0/24 maxlen: 24
45.150.40.0/24 maxlen: 24
45.150.41.0/24 maxlen: 24
45.150.40.0/22 maxlen: 22
45.150.42.0/24 maxlen: 24
2a0f:9201::/48 maxlen: 48
2a0f:9207::/32 maxlen: 32
2a0f:9200::/29 maxlen: 29
2a0f:9207::/48 maxlen: 48
2a0f:9200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:f9:26:1a:31:52:26:4a:ad:9b:bc:21:29:34:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a72b60f5fb4930016ceb860cc174a53135f1616
Validity
Not Before: Jan 2 01:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb2cdd5a9acbc56f5415e6aca2b4dc8ef70d946c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:13:93:46:c1:26:96:d7:97:db:4c:89:d8:8b:
72:36:72:9a:ad:23:10:df:a3:91:21:a0:9b:84:79:
24:70:e1:00:68:41:d9:31:1c:a3:1e:93:36:92:83:
c0:1c:b1:55:ff:18:fc:7f:65:d7:5d:d9:e8:8a:5f:
34:24:9d:d5:6d:c0:5e:27:9d:c8:63:6c:98:50:7e:
ec:03:64:d3:b7:64:97:b5:70:27:55:a2:96:82:fc:
22:36:44:89:88:d4:3a:fc:f6:be:b9:1f:54:57:db:
48:74:87:47:4a:45:19:af:b0:fb:af:63:b1:a3:57:
cc:ee:80:bc:64:5e:79:9c:a2:cd:40:7b:69:ef:ec:
77:22:65:4e:07:21:0f:ee:7e:60:e2:40:d1:5b:84:
09:58:1e:8f:06:68:89:c1:de:ec:8b:40:79:cd:a0:
67:6e:d2:64:04:96:40:a0:79:5e:1c:d2:63:9d:98:
7c:12:67:41:4b:2a:85:e5:3e:63:7e:68:b3:97:15:
86:2f:6a:df:ef:12:6a:8e:32:2f:2e:eb:a2:eb:d4:
27:f2:82:aa:43:80:1b:6d:c8:d2:c7:f2:49:03:4b:
50:af:35:49:ba:b3:8b:06:30:c9:ca:f6:51:90:c4:
33:88:4a:4c:74:4e:ec:a8:96:e6:2e:41:d6:a5:ea:
57:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2C:DD:5A:9A:CB:C5:6F:54:15:E6:AC:A2:B4:DC:8E:F7:0D:94:6C
X509v3 Authority Key Identifier:
keyid:8A:72:B6:0F:5F:B4:93:00:16:CE:B8:60:CC:17:4A:53:13:5F:16:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inK2D1-0kwAWzrhgzBdKUxNfFhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/6yzdWprLxW9UFeasorTcjvcNlGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/inK2D1-0kwAWzrhgzBdKUxNfFhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.40.0/22
IPv6:
2a0f:9200::/29
Signature Algorithm: sha256WithRSAEncryption
a5:38:c4:9c:ad:e8:65:cb:51:2a:a5:fe:dd:b4:9a:15:21:54:
32:24:3b:57:8d:7a:fb:f7:ce:91:d3:53:a6:f6:b2:e6:fd:e1:
ea:28:23:5f:93:48:f8:a3:a6:5d:93:78:c9:34:fa:b0:d4:6b:
8d:5a:ee:ff:42:b7:b3:3d:4a:a3:7a:7d:7f:fd:cf:d0:be:3e:
f5:c4:6a:3d:0a:04:de:e4:cf:a1:59:c3:14:f2:89:2c:6d:c6:
2e:37:81:6e:59:96:b2:90:ef:34:c9:08:33:9a:df:a8:30:b1:
11:f7:5a:ad:4c:15:10:d3:40:10:90:92:4b:cf:72:a4:15:27:
7f:b8:94:ec:2e:6d:ec:96:15:5b:6e:10:14:04:80:1c:6d:b1:
71:4a:cb:40:80:52:f7:78:d6:95:51:bd:e5:6f:93:60:09:cc:
88:fa:dd:cb:01:49:00:54:60:81:ed:6e:8c:b6:24:12:23:1b:
b9:4b:2b:83:47:17:f4:81:bf:3a:da:cd:60:a1:b9:dc:86:4f:
be:89:38:27:c2:21:19:1c:b1:21:15:8e:2d:b9:23:45:ad:bd:
73:de:eb:84:b0:32:b4:fc:6d:85:ca:36:f6:7e:43:75:cb:f5:
62:c1:86:b0:74:c2:7d:65:ff:e1:82:57:df:0e:25:c9:7d:d7:
a8:5a:56:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFPkmGjFSJkqtm7whKTTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNzJiNjBmNWZiNDkzMDAxNmNlYjg2MGNjMTc0YTUzMTM1
ZjE2MTYwHhcNMjMwMTAyMDEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJjZGQ1YTlhY2JjNTZmNTQxNWU2YWNhMmI0ZGM4ZWY3MGQ5NDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BOTRsEmlteX20yJ2ItyNnKarSMQ
36ORIaCbhHkkcOEAaEHZMRyjHpM2koPAHLFV/xj8f2XXXdnoil80JJ3VbcBeJ53I
Y2yYUH7sA2TTt2SXtXAnVaKWgvwiNkSJiNQ6/Pa+uR9UV9tIdIdHSkUZr7D7r2Ox
o1fM7oC8ZF55nKLNQHtp7+x3ImVOByEP7n5g4kDRW4QJWB6PBmiJwd7si0B5zaBn
btJkBJZAoHleHNJjnZh8EmdBSyqF5T5jfmizlxWGL2rf7xJqjjIvLuui69Qn8oKq
Q4AbbcjSx/JJA0tQrzVJurOLBjDJyvZRkMQziEpMdE7sqJbmLkHWpepXdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOss3Vqay8VvVBXmrKK03I73DZRsMB8GA1UdIwQY
MBaAFIpytg9ftJMAFs64YMwXSlMTXxYWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5LMkQxLTBrd0FXenJoZ3pCZEtVeE5mRmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80MWZlODktMDhkNi00NGY4LWI3NTQt
ZTA4NTA1YzkxMDY2LzEvNnl6ZFdwckx4VzlVRmVhc29yVGNqdmNObEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80MWZlODktMDhkNi00NGY4LWI3NTQtZTA4NTA1YzkxMDY2
LzEvaW5LMkQxLTBrd0FXenJoZ3pCZEtVeE5mRmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZYoMA0E
AgACMAcDBQMqD5IAMA0GCSqGSIb3DQEBCwUAA4IBAQClOMScrehly1Eqpf7dtJoV
IVQyJDtXjXr7986R01Om9rLm/eHqKCNfk0j4o6Zdk3jJNPqw1GuNWu7/QrezPUqj
en1//c/Qvj71xGo9CgTe5M+hWcMU8oksbcYuN4FuWZaykO80yQgzmt+oMLER91qt
TBUQ00AQkJJLz3KkFSd/uJTsLm3slhVbbhAUBIAcbbFxSstAgFL3eNaVUb3lb5Ng
CcyI+t3LAUkAVGCB7W6MtiQSIxu5SyuDRxf0gb862s1gobnchk++iTgnwiEZHLEh
FY4tuSNFrb1z3uuEsDK0/G2Fyjb2fkN1y/ViwYawdMJ9Zf/hglffDiXJfdeoWlYW
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:20:56 2025 by rpki-client