Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/343Genc7fVITEPsx6e5SECa1k1g.roa
File: 343Genc7fVITEPsx6e5SECa1k1g.roa (raw, json)
Hash identifier: obQFKGDJGuLXG4kQ+maS7hexTJvV3mXN3YUvN+6LX+0=
Subject key identifier: DF:8D:C6:7A:77:3B:7D:52:13:10:FB:31:E9:EE:52:10:26:B5:93:58
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 0187DD2EC6BC085CF07159AC8EC15E1F7D40
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/343Genc7fVITEPsx6e5SECa1k1g.roa
Signing time: Tue 02 May 2023 15:57:22 +0000
ROA not before: Tue 02 May 2023 15:57:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.157.72.0/23 maxlen: 23
92.119.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:2e:c6:bc:08:5c:f0:71:59:ac:8e:c1:5e:1f:7d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: May 2 15:57:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df8dc67a773b7d521310fb31e9ee521026b59358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:73:3b:df:fb:9a:f4:3e:c0:19:bc:56:62:c8:
53:f5:10:b4:db:00:58:f7:e3:19:d3:e1:77:94:ec:
8d:7e:bd:b9:84:10:ee:b2:3d:56:1a:c6:5c:d8:35:
71:bb:53:b9:8b:30:f1:20:fe:03:5c:a0:6f:5d:95:
68:eb:af:59:b5:89:a9:a1:57:32:13:e5:71:49:9f:
61:51:e4:c5:63:13:42:6f:ce:d1:bd:a5:80:fd:c3:
8d:0b:11:fa:7f:13:04:e0:2c:88:8b:a4:41:1e:eb:
13:a4:9b:92:01:80:d5:23:7a:9b:c1:42:fb:57:a6:
7c:6a:22:99:83:f0:06:e2:01:69:45:54:25:c2:55:
82:20:a7:7c:64:97:1c:1d:8b:ec:7d:65:de:05:ed:
2a:bd:f4:c3:71:d7:54:fa:4d:6e:a0:cd:79:e9:6f:
99:35:a8:9f:50:4f:bd:4c:c3:32:97:22:e0:6c:b5:
f4:57:53:34:57:7d:6a:1e:5e:3d:7f:c8:c6:61:a6:
a3:c7:7b:1e:3d:ae:2d:f0:d0:b9:ab:78:1d:9f:a1:
e7:5b:7d:bd:f5:b7:b4:c5:6f:80:cc:06:2e:a2:5b:
a8:fb:7a:dc:91:47:74:4d:0a:b5:a4:e4:c5:9e:91:
d5:fc:57:3f:ca:b2:7a:ed:aa:78:b6:d6:42:d7:a1:
6b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8D:C6:7A:77:3B:7D:52:13:10:FB:31:E9:EE:52:10:26:B5:93:58
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/343Genc7fVITEPsx6e5SECa1k1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.72.0/23
92.119.183.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:4e:56:15:e1:1f:39:fe:cd:00:30:d6:f6:16:8f:10:eb:43:
bb:ad:40:33:d3:6a:67:59:4b:3d:1d:f2:b3:be:56:d9:4a:30:
bf:9d:ea:e2:1f:55:0f:fe:c4:d6:1e:2c:b8:45:bf:7c:1b:b6:
49:83:b8:2c:67:ed:78:41:fd:71:77:a0:a4:92:e0:12:d6:c7:
16:bf:88:aa:8f:8a:fe:4c:29:34:b8:3a:54:7b:6e:84:72:4f:
52:46:55:b8:9f:37:d6:cf:a0:27:1e:ef:0e:03:03:a9:06:34:
b3:7a:37:46:73:e4:72:ec:78:a8:b1:47:09:4d:9e:40:37:74:
13:e9:4d:9a:8e:2a:6b:2e:f3:6e:b0:cf:32:54:6e:b9:74:21:
7e:be:a1:de:ef:fa:e9:d2:53:7a:1b:5d:a0:44:71:81:20:8a:
b0:9e:c2:97:0e:af:01:ff:d2:e4:9b:f5:cf:74:4a:a0:52:bf:
95:bf:73:bc:e4:6f:c3:a3:e7:f1:fb:7d:f6:af:f8:43:71:e3:
29:f5:b3:de:5a:f3:94:6f:da:02:5b:ae:ce:89:51:f3:55:41:
2b:3a:83:96:17:95:7f:f0:a5:25:1e:25:e1:7e:9b:15:47:8b:
f3:40:8b:66:5a:25:ee:f7:31:93:14:eb:66:35:99:5f:77:c3:
38:53:9e:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfdLsa8CFzwcVmsjsFeH31AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwNTAyMTU1NzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhkYzY3YTc3M2I3ZDUyMTMxMGZiMzFlOWVlNTIxMDI2YjU5MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XM73/ua9D7AGbxWYshT9RC02wBY
9+MZ0+F3lOyNfr25hBDusj1WGsZc2DVxu1O5izDxIP4DXKBvXZVo669ZtYmpoVcy
E+VxSZ9hUeTFYxNCb87RvaWA/cONCxH6fxME4CyIi6RBHusTpJuSAYDVI3qbwUL7
V6Z8aiKZg/AG4gFpRVQlwlWCIKd8ZJccHYvsfWXeBe0qvfTDcddU+k1uoM156W+Z
NaifUE+9TMMylyLgbLX0V1M0V31qHl49f8jGYaajx3sePa4t8NC5q3gdn6HnW329
9be0xW+AzAYuoluo+3rckUd0TQq1pOTFnpHV/Fc/yrJ67ap4ttZC16Fr5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN+Nxnp3O31SExD7MenuUhAmtZNYMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvMzQzR2VuYzdmVklURVBzeDZlNVNFQ2ExazFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZ1IAwQA
XHe3MA0GCSqGSIb3DQEBCwUAA4IBAQCxTlYV4R85/s0AMNb2Fo8Q60O7rUAz02pn
WUs9HfKzvlbZSjC/neriH1UP/sTWHiy4Rb98G7ZJg7gsZ+14Qf1xd6CkkuAS1scW
v4iqj4r+TCk0uDpUe26Eck9SRlW4nzfWz6AnHu8OAwOpBjSzejdGc+Ry7HiosUcJ
TZ5AN3QT6U2ajiprLvNusM8yVG65dCF+vqHe7/rp0lN6G12gRHGBIIqwnsKXDq8B
/9Lkm/XPdEqgUr+Vv3O85G/Do+fx+332r/hDceMp9bPeWvOUb9oCW67OiVHzVUEr
OoOWF5V/8KUlHiXhfpsVR4vzQItmWiXu9zGTFOtmNZlfd8M4U552
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:26 2025 by rpki-client