Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/003f70-0a88-4fab-b374-af6be905799d/1/gS0lrZiGsmufYdmgV8GKTH-Ld_M.roa
File: gS0lrZiGsmufYdmgV8GKTH-Ld_M.roa (raw, json)
Hash identifier: oL9A9rjQjyucY4VLfL2gAVdjBb+/qqkjXAsDcXLRb3k=
Subject key identifier: 81:2D:25:AD:98:86:B2:6B:9F:61:D9:A0:57:C1:8A:4C:7F:8B:77:F3
Certificate issuer: /CN=62c5fce77dde4e2ee4fd6535100529c2f444d79a
Certificate serial: 0755DABB
Authority key identifier: 62:C5:FC:E7:7D:DE:4E:2E:E4:FD:65:35:10:05:29:C2:F4:44:D7:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YsX8533eTi7k_WU1EAUpwvRE15o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/003f70-0a88-4fab-b374-af6be905799d/1/gS0lrZiGsmufYdmgV8GKTH-Ld_M.roa
Signing time: Sat 01 Jan 2022 09:59:56 +0000
ROA not before: Sat 01 Jan 2022 09:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.158.64.0/24 maxlen: 24
45.158.64.0/22 maxlen: 22
45.158.67.0/24 maxlen: 24
45.158.66.0/24 maxlen: 24
45.158.65.0/24 maxlen: 24
193.104.15.0/24 maxlen: 24
95.214.130.0/24 maxlen: 24
95.214.129.0/24 maxlen: 24
95.214.128.0/22 maxlen: 22
95.214.128.0/24 maxlen: 24
95.214.131.0/24 maxlen: 24
2a09:e180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123067067 (0x755dabb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62c5fce77dde4e2ee4fd6535100529c2f444d79a
Validity
Not Before: Jan 1 09:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=812d25ad9886b26b9f61d9a057c18a4c7f8b77f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:10:1d:b6:30:5a:c7:f3:25:83:d2:0b:f2:17:
b4:cb:9d:cd:8c:40:6a:18:f5:09:48:3e:b2:0e:de:
83:b7:da:9d:95:68:ee:ce:f1:f4:11:b8:6b:69:6c:
55:83:48:db:ae:c7:2f:24:05:e5:99:ad:c9:ba:49:
1f:19:99:fd:9c:fb:5d:66:e7:bb:d6:36:36:5e:97:
bc:a1:02:d6:48:c3:e7:c7:0a:ed:6a:16:d0:1a:fc:
76:9e:09:82:59:cd:6f:ca:f5:ac:9f:aa:3d:ad:82:
12:a5:c0:99:4a:81:75:ce:24:2c:02:c9:67:c6:66:
ab:aa:4a:c0:f6:c7:68:1d:bd:44:61:9f:7d:3d:5e:
46:47:ee:2c:c2:0b:b6:c8:c0:f8:9a:6e:26:ff:7f:
6d:30:84:84:20:26:f2:c8:22:ab:21:93:36:d6:7c:
fd:43:07:7d:d5:c0:95:89:e1:27:d4:1c:5b:0d:a0:
05:b7:53:02:65:fc:78:f7:e7:bb:74:8a:83:d2:7b:
89:25:1f:d9:64:a0:d1:30:13:1c:f0:c4:18:f7:74:
1c:00:8e:9d:20:4b:f5:db:1f:cf:bd:c8:b7:ec:f2:
63:4f:9a:01:b3:86:63:d8:92:59:49:1e:5c:d9:1d:
70:76:95:68:e9:df:bb:79:b1:92:9d:ee:72:3c:90:
e0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2D:25:AD:98:86:B2:6B:9F:61:D9:A0:57:C1:8A:4C:7F:8B:77:F3
X509v3 Authority Key Identifier:
keyid:62:C5:FC:E7:7D:DE:4E:2E:E4:FD:65:35:10:05:29:C2:F4:44:D7:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsX8533eTi7k_WU1EAUpwvRE15o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/003f70-0a88-4fab-b374-af6be905799d/1/gS0lrZiGsmufYdmgV8GKTH-Ld_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/003f70-0a88-4fab-b374-af6be905799d/1/YsX8533eTi7k_WU1EAUpwvRE15o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.64.0/22
95.214.128.0/22
193.104.15.0/24
IPv6:
2a09:e180::/29
Signature Algorithm: sha256WithRSAEncryption
18:84:e4:75:fb:93:3b:9a:1e:9c:d0:a7:bf:f4:ed:e2:89:b2:
4f:e0:25:47:46:bb:f2:4d:79:5b:9c:66:51:8b:0f:17:41:f8:
63:68:fe:0c:d3:03:43:5f:6f:7c:df:cb:91:b8:09:c7:04:f2:
f9:3a:99:f4:4f:cb:e5:88:9d:51:6a:62:dd:74:16:23:31:87:
3a:db:92:de:66:f0:b0:0a:14:fd:e9:9e:fb:96:cd:83:65:6f:
b4:37:da:e7:66:c8:d7:f5:e2:eb:09:8b:ae:3f:0b:9b:fc:7f:
0b:f6:eb:ab:4e:48:a2:48:1d:d7:b9:8f:83:1a:98:ab:23:35:
1d:d3:68:57:ee:3a:cb:51:68:ee:ae:18:b2:c0:1d:19:b2:3f:
40:d4:77:bf:24:19:5c:4f:2a:4e:da:0d:51:e3:54:5a:fb:51:
44:d5:9f:b4:5e:18:94:aa:b1:61:75:ec:b0:7e:25:db:d3:e9:
4d:f7:06:17:34:56:c8:53:e4:d7:1b:8d:91:60:d1:bd:02:04:
ee:2e:a5:9d:05:74:ea:d9:48:b1:cd:04:18:13:4f:f4:85:dd:
0c:20:79:66:92:15:f0:f9:2a:24:e1:ab:4c:f7:6e:f2:8b:67:
a0:f2:a6:60:6f:82:9b:dd:b9:ba:60:e1:e4:30:84:24:b0:d8:
68:83:c6:4a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEB1XauzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmM1ZmNlNzdkZGU0ZTJlZTRmZDY1MzUxMDA1MjljMmY0NDRkNzlhMB4XDTIyMDEw
MTA5NTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODEyZDI1YWQ5ODg2
YjI2YjlmNjFkOWEwNTdjMThhNGM3ZjhiNzdmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUQHbYwWsfzJYPSC/IXtMudzYxAahj1CUg+sg7eg7fanZVo
7s7x9BG4a2lsVYNI267HLyQF5ZmtybpJHxmZ/Zz7XWbnu9Y2Nl6XvKEC1kjD58cK
7WoW0Br8dp4JglnNb8r1rJ+qPa2CEqXAmUqBdc4kLALJZ8Zmq6pKwPbHaB29RGGf
fT1eRkfuLMILtsjA+JpuJv9/bTCEhCAm8sgiqyGTNtZ8/UMHfdXAlYnhJ9QcWw2g
BbdTAmX8ePfnu3SKg9J7iSUf2WSg0TATHPDEGPd0HACOnSBL9dsfz73It+zyY0+a
AbOGY9iSWUkeXNkdcHaVaOnfu3mxkp3ucjyQ4EkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSBLSWtmIaya59h2aBXwYpMf4t38zAfBgNVHSMEGDAWgBRixfznfd5OLuT9
ZTUQBSnC9ETXmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lzWDg1MzNlVGk3a19XVTFFQVVwd3ZSRTE1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMDAzZjcwLTBhODgtNGZhYi1iMzc0LWFmNmJlOTA1Nzk5ZC8x
L2dTMGxyWmlHc211ZllkbWdWOEdLVEgtTGRfTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MDAzZjcwLTBhODgtNGZhYi1iMzc0LWFmNmJlOTA1Nzk5ZC8xL1lzWDg1MzNlVGk3
a19XVTFFQVVwd3ZSRTE1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2eQAMEAl/WgAMEAMFoDzANBAIA
AjAHAwUDKgnhgDANBgkqhkiG9w0BAQsFAAOCAQEAGITkdfuTO5oenNCnv/Tt4omy
T+AlR0a78k15W5xmUYsPF0H4Y2j+DNMDQ19vfN/LkbgJxwTy+TqZ9E/L5YidUWpi
3XQWIzGHOtuS3mbwsAoU/eme+5bNg2VvtDfa52bI1/Xi6wmLrj8Lm/x/C/brq05I
okgd17mPgxqYqyM1HdNoV+46y1Fo7q4YssAdGbI/QNR3vyQZXE8qTtoNUeNUWvtR
RNWftF4YlKqxYXXssH4l29PpTfcGFzRWyFPk1xuNkWDRvQIE7i6lnQV06tlIsc0E
GBNP9IXdDCB5ZpIV8PkqJOGrTPdu8otnoPKmYG+Cm925umDh5DCEJLDYaIPGSg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:09 2025 by rpki-client