Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/fJGwmJrZ--t1T4xTyjeN774yfXY.roa
File: fJGwmJrZ--t1T4xTyjeN774yfXY.roa (raw, json)
Hash identifier: LvoqeLSjJ5r6BC+BwWyHyYGWKuHWW8jJU0MBKVjuVaE=
Subject key identifier: 7C:91:B0:98:9A:D9:FB:EB:75:4F:8C:53:CA:37:8D:EF:BE:32:7D:76
Certificate issuer: /CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Certificate serial: 018571DE8566F4AC8A9B1715DEC9B900C5F7
Authority key identifier: 52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/fJGwmJrZ--t1T4xTyjeN774yfXY.roa
Signing time: Mon 02 Jan 2023 09:44:46 +0000
ROA not before: Mon 02 Jan 2023 09:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48886
IP address blocks: 45.91.68.0/22 maxlen: 22
194.69.16.0/24 maxlen: 24
194.69.16.0/20 maxlen: 20
194.69.20.0/22 maxlen: 22
194.69.18.0/24 maxlen: 24
194.69.30.0/24 maxlen: 24
194.69.31.0/24 maxlen: 24
194.69.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:85:66:f4:ac:8a:9b:17:15:de:c9:b9:00:c5:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Validity
Not Before: Jan 2 09:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c91b0989ad9fbeb754f8c53ca378defbe327d76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fb:2f:87:12:48:40:44:b9:bd:50:5b:0b:a7:
c7:99:26:b2:ac:df:f4:2b:66:89:5b:22:9d:08:90:
ba:a8:85:12:61:3a:4e:50:96:e9:ef:1b:59:29:f0:
ff:0c:65:c4:1d:d0:91:a1:c2:29:c7:6b:35:2b:b5:
40:20:0b:09:41:21:93:62:3f:b6:18:98:09:d7:de:
2d:85:90:5f:68:40:78:32:ab:cd:19:b6:d2:e3:43:
1c:50:c7:e7:22:13:c0:17:46:b7:b1:47:98:2c:45:
9f:8d:32:c1:37:7d:ec:b2:e9:f8:bb:14:7c:67:ac:
dd:21:c3:76:fc:e3:f1:53:39:3f:59:98:07:32:be:
7a:8b:4a:90:f2:80:5c:7e:64:da:61:60:26:f1:cd:
43:82:81:31:65:17:7b:b2:cc:9e:40:9f:1a:f2:74:
7c:ef:e5:2e:aa:87:f4:d4:a5:ab:92:01:15:e0:65:
d3:14:e6:0f:6f:a6:a6:37:64:3c:01:f6:19:dc:8e:
da:b6:81:22:56:d1:d2:72:a9:f2:d8:b6:7e:20:6e:
26:73:a6:c7:8c:b3:2e:9f:0c:94:b3:81:af:cc:14:
51:4f:95:a6:1f:7d:03:4d:df:ef:0a:26:49:7c:70:
23:ef:af:89:65:7d:0a:78:ee:39:94:da:1e:9f:01:
17:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:91:B0:98:9A:D9:FB:EB:75:4F:8C:53:CA:37:8D:EF:BE:32:7D:76
X509v3 Authority Key Identifier:
keyid:52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/fJGwmJrZ--t1T4xTyjeN774yfXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UqqgphiMl6p0LMeG47cLyQnKxEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.68.0/22
194.69.16.0/20
Signature Algorithm: sha256WithRSAEncryption
09:20:34:5c:cc:a7:04:e4:31:18:9a:ca:3f:3c:be:e9:44:f7:
24:cb:f1:32:02:c0:66:cc:7e:f3:46:60:d2:4e:a9:13:84:a8:
8d:46:72:07:ed:9f:51:89:fe:e9:99:b5:e6:66:24:de:10:66:
45:4f:b3:b7:ff:d0:a3:81:43:7f:ad:79:02:85:c8:ef:5c:b9:
69:67:f0:92:1e:b2:d1:aa:83:a7:f5:40:96:4d:9f:81:b7:78:
e8:51:e2:35:90:73:e2:a8:3c:d0:4a:49:e7:93:5c:61:74:6d:
51:b6:e0:19:36:eb:c7:a1:36:9d:21:7b:e1:c8:1a:c9:9c:1f:
4c:17:52:ac:4d:af:fb:ab:89:ff:56:27:46:ee:2c:93:a9:70:
2f:10:e5:98:bd:53:e3:9f:79:0c:84:ea:fc:c9:06:97:4e:c9:
b1:d9:07:f7:13:8e:02:10:f1:9d:ff:e3:44:7d:5a:d9:96:45:
dd:6b:45:47:d9:2c:6f:ae:c9:83:81:5e:87:61:43:a2:a0:56:
e4:22:37:a7:6b:70:a8:64:c7:11:a2:11:6a:c4:36:c5:6b:41:
06:15:11:b4:3e:d3:e1:2d:fc:01:7b:f1:94:c3:5c:2e:71:4a:
f0:4b:fa:a2:a6:26:b6:f5:d1:af:73:c0:33:a1:ec:50:6b:9f:
ae:c3:8c:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3oVm9KyKmxcV3sm5AMX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYWFhMGE2MTg4Yzk3YWE3NDJjYzc4NmUzYjcwYmM5MDlj
YWM0NGMwHhcNMjMwMTAyMDk0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzkxYjA5ODlhZDlmYmViNzU0ZjhjNTNjYTM3OGRlZmJlMzI3ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/svhxJIQES5vVBbC6fHmSayrN/0
K2aJWyKdCJC6qIUSYTpOUJbp7xtZKfD/DGXEHdCRocIpx2s1K7VAIAsJQSGTYj+2
GJgJ194thZBfaEB4MqvNGbbS40McUMfnIhPAF0a3sUeYLEWfjTLBN33ssun4uxR8
Z6zdIcN2/OPxUzk/WZgHMr56i0qQ8oBcfmTaYWAm8c1DgoExZRd7ssyeQJ8a8nR8
7+Uuqof01KWrkgEV4GXTFOYPb6amN2Q8AfYZ3I7atoEiVtHScqny2LZ+IG4mc6bH
jLMunwyUs4GvzBRRT5WmH30DTd/vCiZJfHAj76+JZX0KeO45lNoenwEXuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHyRsJia2fvrdU+MU8o3je++Mn12MB8GA1UdIwQY
MBaAFFKqoKYYjJeqdCzHhuO3C8kJysRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMt
NDZhODgwNDI1Nzk5LzEvZkpHd21KclotLXQxVDR4VHlqZU43NzR5ZlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMtNDZhODgwNDI1Nzk5
LzEvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVtEAwQE
wkUQMA0GCSqGSIb3DQEBCwUAA4IBAQAJIDRczKcE5DEYmso/PL7pRPcky/EyAsBm
zH7zRmDSTqkThKiNRnIH7Z9Rif7pmbXmZiTeEGZFT7O3/9CjgUN/rXkChcjvXLlp
Z/CSHrLRqoOn9UCWTZ+Bt3joUeI1kHPiqDzQSknnk1xhdG1RtuAZNuvHoTadIXvh
yBrJnB9MF1KsTa/7q4n/VidG7iyTqXAvEOWYvVPjn3kMhOr8yQaXTsmx2Qf3E44C
EPGd/+NEfVrZlkXda0VH2SxvrsmDgV6HYUOioFbkIjena3CoZMcRohFqxDbFa0EG
FRG0PtPhLfwBe/GUw1wucUrwS/qipia29dGvc8AzoexQa5+uw4wo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:11 2025 by rpki-client