Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/a0YVaal0L0wf-OO0WIjAsqt0ytU.roa
File: a0YVaal0L0wf-OO0WIjAsqt0ytU.roa (raw, json)
Hash identifier: SwCV2zDplkdE8XPGluZheuLrqlv5oKm6wWAg5Qs8uJM=
Subject key identifier: 6B:46:15:69:A9:74:2F:4C:1F:F8:E3:B4:58:88:C0:B2:AB:74:CA:D5
Certificate issuer: /CN=edee25a78a816bde362c40c86e39b947d0ee2ff3
Certificate serial: 03E9518A
Authority key identifier: ED:EE:25:A7:8A:81:6B:DE:36:2C:40:C8:6E:39:B9:47:D0:EE:2F:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7e4lp4qBa942LEDIbjm5R9DuL_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/a0YVaal0L0wf-OO0WIjAsqt0ytU.roa
Signing time: Sat 01 Jan 2022 14:56:43 +0000
ROA not before: Sat 01 Jan 2022 14:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207867
IP address blocks: 45.159.104.0/23 maxlen: 23
45.159.104.0/24 maxlen: 24
45.159.104.0/22 maxlen: 24
45.159.105.0/24 maxlen: 24
45.159.107.0/24 maxlen: 24
188.68.191.0/24 maxlen: 24
188.68.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65622410 (0x3e9518a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edee25a78a816bde362c40c86e39b947d0ee2ff3
Validity
Not Before: Jan 1 14:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b461569a9742f4c1ff8e3b45888c0b2ab74cad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fc:96:21:d0:c9:0e:38:f4:e0:3d:65:81:5b:
60:c2:67:13:39:aa:ed:7e:d5:74:9d:a5:14:f7:1f:
97:31:fe:04:02:cb:41:4e:a3:51:56:09:74:5f:34:
da:6d:8b:a7:89:3f:51:81:d2:a3:05:b7:a5:73:ef:
92:d5:d3:04:07:5d:81:dd:58:d9:27:5c:37:aa:a0:
21:c4:b6:b8:21:6a:99:67:cb:de:d6:7c:c9:0b:0e:
f2:85:af:fa:64:09:aa:10:ee:54:cc:06:76:88:9c:
d8:50:46:04:4e:9e:c1:af:25:f9:6e:55:30:a1:7b:
6b:e4:38:a7:7b:25:99:4d:bb:1a:85:47:b4:6d:24:
34:e0:69:6d:d9:07:d4:aa:33:b1:1c:9b:be:51:2b:
1a:3e:66:2c:13:fa:c9:11:54:f8:59:a6:8d:2b:36:
8f:0e:6b:ac:d9:06:4c:c9:a6:3d:a7:59:2b:d0:19:
25:88:1e:82:2f:be:43:54:79:62:3d:9b:40:f3:9c:
9f:0a:d1:72:8e:3d:95:97:d4:ec:81:f3:7e:8d:b4:
f3:26:db:c2:af:fe:ed:d0:b5:a1:26:e2:a7:f4:a2:
24:a0:95:6a:ab:1d:bd:e6:d5:50:f5:db:01:3c:e2:
4f:80:5e:a7:02:3e:24:ae:c3:bd:f8:52:07:af:6e:
f9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:46:15:69:A9:74:2F:4C:1F:F8:E3:B4:58:88:C0:B2:AB:74:CA:D5
X509v3 Authority Key Identifier:
keyid:ED:EE:25:A7:8A:81:6B:DE:36:2C:40:C8:6E:39:B9:47:D0:EE:2F:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e4lp4qBa942LEDIbjm5R9DuL_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/a0YVaal0L0wf-OO0WIjAsqt0ytU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/7e4lp4qBa942LEDIbjm5R9DuL_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.104.0/22
188.68.188.0/24
188.68.191.0/24
Signature Algorithm: sha256WithRSAEncryption
af:91:12:09:4a:c2:c2:4e:29:69:30:a7:f7:5b:4d:b1:46:cb:
5c:ca:60:ed:0c:78:26:b3:b5:be:5c:b9:a9:73:e2:59:18:6a:
6b:53:9a:ef:5b:a4:94:08:02:37:20:f0:d9:42:49:2a:cc:1b:
73:2c:90:c2:96:72:24:9a:84:9b:3e:f3:90:0d:ba:50:a7:4a:
04:9b:f5:f2:2c:2a:4f:96:70:db:bb:be:55:4f:19:e0:ea:50:
d8:a2:f2:6c:34:0b:39:dc:a9:78:6e:8d:2e:73:5d:c3:21:89:
10:7f:11:c2:a8:4b:b4:8e:c6:57:12:5b:7f:1b:2c:b3:c6:a3:
1a:b6:33:34:64:65:92:c9:7f:42:15:ee:5e:ec:89:ce:3a:4d:
fb:58:8c:78:6f:62:ab:18:95:71:4d:cd:36:7e:50:a5:64:fa:
a8:82:17:36:c9:5e:a8:55:d7:0b:29:ca:ce:9e:50:0f:79:7d:
ea:42:40:8e:34:54:12:27:de:89:30:05:83:ce:7a:a0:43:ea:
11:af:57:db:91:e5:84:ed:fe:1d:41:5b:7f:6f:d6:de:1a:ad:
ee:c1:cd:df:a0:e7:fe:0f:a8:7d:47:a5:d0:9c:f3:e4:7b:c1:
75:06:57:8b:4f:96:1e:99:1c:0a:e0:67:39:8d:1c:c3:78:08:
61:e7:61:08
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA+lRijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGVlMjVhNzhhODE2YmRlMzYyYzQwYzg2ZTM5Yjk0N2QwZWUyZmYzMB4XDTIyMDEw
MTE0NTY0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI0NjE1NjlhOTc0
MmY0YzFmZjhlM2I0NTg4OGMwYjJhYjc0Y2FkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANb8liHQyQ449OA9ZYFbYMJnEzmq7X7VdJ2lFPcflzH+BALL
QU6jUVYJdF802m2Lp4k/UYHSowW3pXPvktXTBAddgd1Y2SdcN6qgIcS2uCFqmWfL
3tZ8yQsO8oWv+mQJqhDuVMwGdoic2FBGBE6ewa8l+W5VMKF7a+Q4p3slmU27GoVH
tG0kNOBpbdkH1KozsRybvlErGj5mLBP6yRFU+FmmjSs2jw5rrNkGTMmmPadZK9AZ
JYgegi++Q1R5Yj2bQPOcnwrRco49lZfU7IHzfo208ybbwq/+7dC1oSbip/SiJKCV
aqsdvebVUPXbATziT4BepwI+JK7DvfhSB69u+T8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRrRhVpqXQvTB/447RYiMCyq3TK1TAfBgNVHSMEGDAWgBTt7iWnioFr3jYs
QMhuOblH0O4v8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdlNGxwNHFCYTk0MkxFREliam01UjlEdUxfTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMmM1N2U1LTQwMmItNDg5Ni05MjlmLTU0MzQxY2QxM2E5ZC8x
L2EwWVZhYWwwTDB3Zi1PTzBXSWpBc3F0MHl0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
MmM1N2U1LTQwMmItNDg5Ni05MjlmLTU0MzQxY2QxM2E5ZC8xLzdlNGxwNHFCYTk0
MkxFREliam01UjlEdUxfTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi2faAMEALxEvAMEALxEvzANBgkq
hkiG9w0BAQsFAAOCAQEAr5ESCUrCwk4paTCn91tNsUbLXMpg7Qx4JrO1vly5qXPi
WRhqa1Oa71uklAgCNyDw2UJJKswbcyyQwpZyJJqEmz7zkA26UKdKBJv18iwqT5Zw
27u+VU8Z4OpQ2KLybDQLOdypeG6NLnNdwyGJEH8RwqhLtI7GVxJbfxsss8ajGrYz
NGRlksl/QhXuXuyJzjpN+1iMeG9iqxiVcU3NNn5QpWT6qIIXNsleqFXXCynKzp5Q
D3l96kJAjjRUEifeiTAFg856oEPqEa9X25HlhO3+HUFbf2/W3hqt7sHN36Dn/g+o
fUel0Jzz5HvBdQZXi0+WHpkcCuBnOY0cw3gIYedhCA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:06 2025 by rpki-client