Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/L08RfGmtp4Go9ZF8xp9MFyzvU8E.roa
File: L08RfGmtp4Go9ZF8xp9MFyzvU8E.roa (raw, json)
Hash identifier: y/TvKE2Ulspetlz8JnMCx0jQk1KKPdlrE+KOXbXakrA=
Subject key identifier: 2F:4F:11:7C:69:AD:A7:81:A8:F5:91:7C:C6:9F:4C:17:2C:EF:53:C1
Certificate issuer: /CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Certificate serial: 018538DB8D1ADC8A07C064445D7FB269CD06
Authority key identifier: 4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/L08RfGmtp4Go9ZF8xp9MFyzvU8E.roa
Signing time: Thu 22 Dec 2022 08:03:10 +0000
ROA not before: Thu 22 Dec 2022 08:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50316
IP address blocks: 45.82.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:38:db:8d:1a:dc:8a:07:c0:64:44:5d:7f:b2:69:cd:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Validity
Not Before: Dec 22 08:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f4f117c69ada781a8f5917cc69f4c172cef53c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:41:42:4a:51:79:47:f2:7f:6f:dd:76:7f:62:
ac:63:63:f7:90:7b:50:83:5c:91:26:88:73:b9:69:
cf:ec:54:90:ee:80:3a:ed:c6:42:5a:29:85:71:33:
a7:c8:48:0a:c1:3b:c1:af:c5:5d:d9:16:4f:54:2d:
cd:52:0c:fa:f1:81:51:88:00:eb:31:9f:6b:b3:9c:
c8:69:1e:58:0c:3c:c0:e4:87:76:85:54:93:f5:00:
4d:f4:a3:20:cf:10:3f:f9:f2:df:09:27:0b:20:3b:
88:77:f6:a6:7d:72:81:a2:b9:f7:9c:02:db:c9:3d:
95:b1:d0:b4:9c:a5:9a:d7:88:eb:fd:b6:c5:7d:46:
c8:30:d9:66:b8:76:4a:1a:49:0f:10:26:bf:7e:f1:
18:11:c8:62:83:1b:d4:62:17:d7:8b:db:39:fe:ab:
74:ce:49:55:3c:21:76:21:9f:bf:1d:53:ab:3b:9c:
56:35:20:eb:00:8f:cc:33:b1:b7:01:76:f3:55:71:
4c:e1:86:ff:f6:09:fa:20:42:cf:f3:84:68:c8:d6:
5e:52:97:22:ca:71:72:fd:35:bb:dc:95:19:13:11:
4d:9f:9b:ec:9b:fe:36:53:02:5a:f6:f1:05:59:5a:
f4:76:e6:7d:59:76:d7:14:82:95:b1:1e:da:50:bd:
8d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4F:11:7C:69:AD:A7:81:A8:F5:91:7C:C6:9F:4C:17:2C:EF:53:C1
X509v3 Authority Key Identifier:
keyid:4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/L08RfGmtp4Go9ZF8xp9MFyzvU8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.202.0/24
Signature Algorithm: sha256WithRSAEncryption
59:e3:d1:6c:0e:57:c3:84:89:27:c9:d0:7c:23:ba:da:9e:9c:
9d:e5:c9:62:1f:0d:d6:bb:7b:11:d1:07:7d:8e:b2:c6:88:b5:
6a:18:9a:a2:81:82:47:81:f3:d7:5d:32:3d:da:d8:67:2b:1b:
59:15:3a:82:16:a7:14:2b:37:58:5a:4c:a4:3d:c6:b6:08:77:
c5:d9:27:1e:71:cc:03:a3:6e:59:ba:38:0b:26:7e:d4:c6:c8:
77:f9:fa:01:b8:e5:1d:8d:05:f7:31:aa:08:c7:66:d1:84:97:
cb:b2:0f:fb:97:00:72:7f:f2:78:58:7c:d4:52:9c:93:18:d5:
11:22:cd:d4:ff:f9:b9:93:26:79:b1:be:63:1e:6b:7c:e4:e9:
72:92:f9:99:cd:5e:99:63:ee:86:20:e7:10:19:1e:ac:da:92:
3a:b2:80:d8:81:22:58:4b:5d:cb:a9:8a:de:59:d6:80:eb:88:
41:71:dd:62:f5:ee:84:27:2b:5d:11:5f:e7:08:fa:12:4f:b8:
81:a4:23:06:5d:5e:19:e0:a8:3b:eb:8d:86:a4:fc:80:84:9c:
e9:a8:9e:30:b2:62:b0:81:87:72:db:13:fb:f4:72:72:4e:84:
35:ff:71:4d:e7:7d:42:26:16:d0:c6:08:e7:5d:b7:07:24:f8:
9a:85:a5:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU4240a3IoHwGREXX+yac0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZWNjYzlkMWE3NmU5MTQ2OWNiNjNiMTJiZjcyNWQ3ZGVi
YWZiMWIwHhcNMjIxMjIyMDgwMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRmMTE3YzY5YWRhNzgxYThmNTkxN2NjNjlmNGMxNzJjZWY1M2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkFCSlF5R/J/b912f2KsY2P3kHtQ
g1yRJohzuWnP7FSQ7oA67cZCWimFcTOnyEgKwTvBr8Vd2RZPVC3NUgz68YFRiADr
MZ9rs5zIaR5YDDzA5Id2hVST9QBN9KMgzxA/+fLfCScLIDuId/amfXKBorn3nALb
yT2VsdC0nKWa14jr/bbFfUbIMNlmuHZKGkkPECa/fvEYEchigxvUYhfXi9s5/qt0
zklVPCF2IZ+/HVOrO5xWNSDrAI/MM7G3AXbzVXFM4Yb/9gn6IELP84RoyNZeUpci
ynFy/TW73JUZExFNn5vsm/42UwJa9vEFWVr0duZ9WXbXFIKVsR7aUL2NHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9PEXxpraeBqPWRfMafTBcs71PBMB8GA1UdIwQY
MBaAFEvszJ0adukUactjsSv3JdfeuvsbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTkt
NGY0Yjk5NGUwZWIyLzEvTDA4UmZHbXRwNEdvOVpGOHhwOU1GeXp2VThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTktNGY0Yjk5NGUwZWIy
LzEvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVLKMA0G
CSqGSIb3DQEBCwUAA4IBAQBZ49FsDlfDhIknydB8I7ranpyd5cliHw3Wu3sR0Qd9
jrLGiLVqGJqigYJHgfPXXTI92thnKxtZFTqCFqcUKzdYWkykPca2CHfF2SceccwD
o25ZujgLJn7Uxsh3+foBuOUdjQX3MaoIx2bRhJfLsg/7lwByf/J4WHzUUpyTGNUR
Is3U//m5kyZ5sb5jHmt85OlykvmZzV6ZY+6GIOcQGR6s2pI6soDYgSJYS13LqYre
WdaA64hBcd1i9e6EJytdEV/nCPoST7iBpCMGXV4Z4Kg7642GpPyAhJzpqJ4wsmKw
gYdy2xP79HJyToQ1/3FN531CJhbQxgjnXbcHJPiahaXz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:39 2025 by rpki-client