Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/66Wt4FAKjRu0tcLnq2GmMAeVWlQ.roa
File: 66Wt4FAKjRu0tcLnq2GmMAeVWlQ.roa (raw, json)
Hash identifier: IK4ScXgHbUN/lhc7sKfe+Q3cfp7YOa1APPu50WzUJdw=
Subject key identifier: EB:A5:AD:E0:50:0A:8D:1B:B4:B5:C2:E7:AB:61:A6:30:07:95:5A:54
Certificate issuer: /CN=42cf4a128d09dfc4b8b035a12cd831f9f7b01469
Certificate serial: A0585A
Authority key identifier: 42:CF:4A:12:8D:09:DF:C4:B8:B0:35:A1:2C:D8:31:F9:F7:B0:14:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs9KEo0J38S4sDWhLNgx-fewFGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/66Wt4FAKjRu0tcLnq2GmMAeVWlQ.roa
Signing time: Sat 01 Jan 2022 00:54:50 +0000
ROA not before: Sat 01 Jan 2022 00:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209380
IP address blocks: 45.67.152.0/24 maxlen: 24
45.67.155.0/24 maxlen: 24
45.67.153.0/24 maxlen: 24
45.67.154.0/24 maxlen: 24
91.247.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10508378 (0xa0585a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cf4a128d09dfc4b8b035a12cd831f9f7b01469
Validity
Not Before: Jan 1 00:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eba5ade0500a8d1bb4b5c2e7ab61a63007955a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:dd:09:56:7c:26:5f:c9:f8:6a:7f:e1:7f:
9a:fd:e8:09:f8:d4:00:25:84:a5:2e:ba:7f:32:53:
53:b6:d7:26:4c:53:02:ac:50:4c:52:b0:78:f0:39:
a2:a8:55:26:5f:0e:7c:5f:2a:fb:e2:fe:d2:df:4f:
c6:65:67:a4:8e:65:c1:91:f4:84:ed:c4:70:ed:55:
4c:5c:c9:99:72:af:55:48:d5:b6:7d:10:3b:5f:0e:
70:a1:a7:07:63:19:03:02:98:1d:23:c4:2a:eb:fb:
6c:f5:6d:15:d8:40:f9:42:7a:6c:ca:46:86:d5:23:
ea:de:ea:06:a9:03:7e:7f:da:14:b6:81:57:42:07:
eb:56:81:f4:25:5b:5c:cd:0d:db:33:91:51:f0:26:
ae:62:08:66:f8:d2:06:78:95:30:3e:5d:d0:4c:5b:
ce:e1:27:ca:ab:2c:ea:85:18:e4:6c:d5:60:0d:dc:
ec:81:b4:31:e5:c8:03:fb:46:b2:08:c9:03:28:09:
84:b3:98:45:52:5b:39:74:f5:ed:72:fa:fc:35:98:
44:69:74:31:66:89:65:03:03:dd:4f:3c:4c:e9:17:
68:22:47:51:53:28:cd:bb:03:7a:b3:2d:19:9e:47:
bb:c5:a1:31:1e:70:92:fc:95:5a:f5:57:da:f8:5f:
bf:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A5:AD:E0:50:0A:8D:1B:B4:B5:C2:E7:AB:61:A6:30:07:95:5A:54
X509v3 Authority Key Identifier:
keyid:42:CF:4A:12:8D:09:DF:C4:B8:B0:35:A1:2C:D8:31:F9:F7:B0:14:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs9KEo0J38S4sDWhLNgx-fewFGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/66Wt4FAKjRu0tcLnq2GmMAeVWlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/5da729-ba26-4fda-9011-0b04375f9b36/1/Qs9KEo0J38S4sDWhLNgx-fewFGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.152.0/22
91.247.168.0/24
Signature Algorithm: sha256WithRSAEncryption
54:21:80:49:3e:39:16:a2:f5:58:54:1b:0d:21:4c:4d:98:a8:
61:5c:af:e0:60:6b:69:0b:ae:8e:17:14:00:d7:a3:f1:e0:3a:
a5:10:11:4d:56:4b:ce:0b:2e:2b:bf:53:7d:6d:33:a3:67:17:
09:74:37:91:d5:c0:ed:1e:d4:c3:55:a7:10:c1:c2:fa:cc:bc:
6e:e4:1e:f2:8b:63:35:91:15:6e:cf:13:a1:cd:f9:16:ac:a9:
20:20:85:96:4e:01:3a:b0:9a:62:01:6d:fa:e1:05:69:13:a1:
91:ef:6b:bf:e0:77:52:12:41:f2:7b:13:4b:03:c8:9b:26:69:
00:d5:aa:6f:e1:a7:eb:7e:57:2d:18:be:0c:09:1d:bf:31:42:
e8:bf:49:0d:e9:f2:9e:d7:02:cc:5d:c2:57:2e:15:ea:bc:e6:
a4:a2:5e:9c:c0:c3:9e:ca:d2:14:5f:b3:ea:e0:93:e3:8e:bd:
7b:cb:d6:03:77:15:12:8a:87:aa:f9:1c:97:7c:3e:ed:1f:59:
3d:6f:f3:e3:e7:c6:63:ac:44:24:f8:b6:e4:c2:1b:e8:79:ee:
3e:bb:1f:f4:a0:5d:8f:48:56:d2:47:53:28:26:19:7a:c3:74:
4d:c5:87:fa:15:aa:6e:00:0e:e0:3b:cc:be:70:ed:c1:79:90:
22:16:0a:d5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKBYWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmNmNGExMjhkMDlkZmM0YjhiMDM1YTEyY2Q4MzFmOWY3YjAxNDY5MB4XDTIyMDEw
MTAwNTQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWJhNWFkZTA1MDBh
OGQxYmI0YjVjMmU3YWI2MWE2MzAwNzk1NWE1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuf3QlWfCZfyfhqf+F/mv3oCfjUACWEpS66fzJTU7bXJkxT
AqxQTFKwePA5oqhVJl8OfF8q++L+0t9PxmVnpI5lwZH0hO3EcO1VTFzJmXKvVUjV
tn0QO18OcKGnB2MZAwKYHSPEKuv7bPVtFdhA+UJ6bMpGhtUj6t7qBqkDfn/aFLaB
V0IH61aB9CVbXM0N2zORUfAmrmIIZvjSBniVMD5d0ExbzuEnyqss6oUY5GzVYA3c
7IG0MeXIA/tGsgjJAygJhLOYRVJbOXT17XL6/DWYRGl0MWaJZQMD3U88TOkXaCJH
UVMozbsDerMtGZ5Hu8WhMR5wkvyVWvVX2vhfv8UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTrpa3gUAqNG7S1wuerYaYwB5VaVDAfBgNVHSMEGDAWgBRCz0oSjQnfxLiw
NaEs2DH597AUaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FzOUtFbzBKMzhTNHNEV2hMTmd4LWZld0ZHay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvNWRhNzI5LWJhMjYtNGZkYS05MDExLTBiMDQzNzVmOWIzNi8x
LzY2V3Q0RkFLalJ1MHRjTG5xMkdtTUFlVldsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
NWRhNzI5LWJhMjYtNGZkYS05MDExLTBiMDQzNzVmOWIzNi8xL1FzOUtFbzBKMzhT
NHNEV2hMTmd4LWZld0ZHay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi1DmAMEAFv3qDANBgkqhkiG9w0B
AQsFAAOCAQEAVCGAST45FqL1WFQbDSFMTZioYVyv4GBraQuujhcUANej8eA6pRAR
TVZLzgsuK79TfW0zo2cXCXQ3kdXA7R7Uw1WnEMHC+sy8buQe8otjNZEVbs8Toc35
FqypICCFlk4BOrCaYgFt+uEFaROhke9rv+B3UhJB8nsTSwPImyZpANWqb+Gn635X
LRi+DAkdvzFC6L9JDenyntcCzF3CVy4V6rzmpKJenMDDnsrSFF+z6uCT4469e8vW
A3cVEoqHqvkcl3w+7R9ZPW/z4+fGY6xEJPi25MIb6HnuPrsf9KBdj0hW0kdTKCYZ
esN0TcWH+hWqbgAO4DvMvnDtwXmQIhYK1Q==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:47:09 2025 by rpki-client