Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/59831b-de8a-40ac-a949-7a836800e9f7/1/elkBJMebFTIqRd9KzrynzvwZhs8.roa
File: elkBJMebFTIqRd9KzrynzvwZhs8.roa (raw, json)
Hash identifier: +esbZ6DFtzQCbHhNsBPSgr8pkOEQqxu3+mDLIWaMKgU=
Subject key identifier: 7A:59:01:24:C7:9B:15:32:2A:45:DF:4A:CE:BC:A7:CE:FC:19:86:CF
Certificate issuer: /CN=ef440e13cd26112ccb5951760fcfb2d4916d7127
Certificate serial: 01856EB8ED3F27D49F085974F778823630E9
Authority key identifier: EF:44:0E:13:CD:26:11:2C:CB:59:51:76:0F:CF:B2:D4:91:6D:71:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70QOE80mESzLWVF2D8-y1JFtcSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/59831b-de8a-40ac-a949-7a836800e9f7/1/elkBJMebFTIqRd9KzrynzvwZhs8.roa
Signing time: Sun 01 Jan 2023 19:04:51 +0000
ROA not before: Sun 01 Jan 2023 19:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208952
IP address blocks: 45.14.33.0/24 maxlen: 24
45.14.32.0/24 maxlen: 24
45.14.35.0/24 maxlen: 24
45.14.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:ed:3f:27:d4:9f:08:59:74:f7:78:82:36:30:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef440e13cd26112ccb5951760fcfb2d4916d7127
Validity
Not Before: Jan 1 19:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a590124c79b15322a45df4acebca7cefc1986cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b2:c6:36:ea:81:e1:38:36:3e:f3:51:bb:92:
fe:58:16:8e:42:70:93:93:66:78:bd:14:b7:ba:73:
09:09:f4:aa:e9:a5:e2:b0:77:9d:b2:70:42:0b:8a:
dc:0e:15:45:7b:68:bd:07:fb:e2:07:56:fe:04:b6:
95:a1:a3:dd:02:68:71:ff:22:8c:8c:a4:2e:d3:92:
ee:59:57:34:08:d3:d9:a7:db:28:f0:94:58:4d:59:
64:2e:51:43:b8:48:14:90:03:f8:6d:fd:eb:bc:a0:
90:bd:79:ac:1a:01:04:ce:9e:44:da:a0:bc:92:75:
e4:58:f0:4e:96:76:c8:89:9b:a6:f0:fa:56:17:c2:
b3:52:14:d1:31:d9:c3:af:c4:18:7f:7c:1f:f3:5f:
0a:32:ce:fe:7c:32:41:99:e3:01:2a:d4:b5:b1:cc:
7e:eb:6d:68:d6:02:39:64:80:a1:f4:eb:30:cb:23:
5c:3c:79:9e:1f:3c:9c:3b:a2:91:7e:13:69:98:03:
94:ba:05:86:40:4e:13:61:68:dc:2b:3c:06:17:0e:
57:18:2f:ca:e6:07:f1:d9:40:1b:3a:f0:d0:f8:d5:
c8:e6:5e:83:b0:06:6f:c9:8b:8b:d2:2c:0e:36:44:
0a:91:c0:65:0f:c2:95:d1:a0:41:4b:29:5e:53:0c:
09:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:59:01:24:C7:9B:15:32:2A:45:DF:4A:CE:BC:A7:CE:FC:19:86:CF
X509v3 Authority Key Identifier:
keyid:EF:44:0E:13:CD:26:11:2C:CB:59:51:76:0F:CF:B2:D4:91:6D:71:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70QOE80mESzLWVF2D8-y1JFtcSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/59831b-de8a-40ac-a949-7a836800e9f7/1/elkBJMebFTIqRd9KzrynzvwZhs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/59831b-de8a-40ac-a949-7a836800e9f7/1/70QOE80mESzLWVF2D8-y1JFtcSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.32.0/22
Signature Algorithm: sha256WithRSAEncryption
46:57:44:18:71:51:e3:83:69:50:55:90:b3:02:60:56:34:d0:
07:c9:dc:2d:a5:b8:b9:89:c0:9d:36:95:ff:e7:23:67:88:c9:
c7:da:65:31:56:ae:8b:2d:63:57:44:75:15:56:12:04:50:f3:
90:42:8d:49:01:85:83:d4:14:77:c4:71:b2:5d:29:e6:12:25:
16:11:bc:69:67:88:7a:06:b9:8c:74:ce:f1:24:7b:db:20:47:
c7:2f:04:b7:b3:e9:67:0f:12:10:01:3e:07:5f:63:41:13:ab:
68:04:a3:1d:4e:86:31:a1:41:58:f7:b9:48:25:4e:6b:a8:f1:
aa:6a:d3:57:85:5d:97:01:5d:0f:0c:5f:ba:a1:99:e1:82:69:
ed:45:97:3b:cc:45:88:df:40:26:e5:09:6f:e2:bd:74:29:5c:
b3:8b:07:da:a3:5c:a3:af:b9:23:ed:8c:02:65:d0:48:c4:3a:
4a:24:2e:21:97:6e:f2:dd:2a:8f:11:32:19:72:16:c3:92:aa:
c0:3b:f4:c8:4f:da:aa:b5:d9:c2:9b:29:80:31:67:ac:28:f4:
72:8e:88:cd:72:2b:bb:16:db:eb:82:ca:c8:39:f0:97:60:86:
c6:21:b2:e4:37:14:23:19:5c:e4:9f:80:dc:ac:0c:e6:43:3d:
5c:e3:8b:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuuO0/J9SfCFl093iCNjDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDQwZTEzY2QyNjExMmNjYjU5NTE3NjBmY2ZiMmQ0OTE2
ZDcxMjcwHhcNMjMwMTAxMTkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTU5MDEyNGM3OWIxNTMyMmE0NWRmNGFjZWJjYTdjZWZjMTk4NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLLGNuqB4Tg2PvNRu5L+WBaOQnCT
k2Z4vRS3unMJCfSq6aXisHedsnBCC4rcDhVFe2i9B/viB1b+BLaVoaPdAmhx/yKM
jKQu05LuWVc0CNPZp9so8JRYTVlkLlFDuEgUkAP4bf3rvKCQvXmsGgEEzp5E2qC8
knXkWPBOlnbIiZum8PpWF8KzUhTRMdnDr8QYf3wf818KMs7+fDJBmeMBKtS1scx+
621o1gI5ZICh9OswyyNcPHmeHzycO6KRfhNpmAOUugWGQE4TYWjcKzwGFw5XGC/K
5gfx2UAbOvDQ+NXI5l6DsAZvyYuL0iwONkQKkcBlD8KV0aBBSyleUwwJmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpZASTHmxUyKkXfSs68p878GYbPMB8GA1UdIwQY
MBaAFO9EDhPNJhEsy1lRdg/PstSRbXEnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBRT0U4MG1FU3pMV1ZGMkQ4LXkxSkZ0Y1NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81OTgzMWItZGU4YS00MGFjLWE5NDkt
N2E4MzY4MDBlOWY3LzEvZWxrQkpNZWJGVElxUmQ5S3pyeW56dndaaHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81OTgzMWItZGU4YS00MGFjLWE5NDktN2E4MzY4MDBlOWY3
LzEvNzBRT0U4MG1FU3pMV1ZGMkQ4LXkxSkZ0Y1NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ4gMA0G
CSqGSIb3DQEBCwUAA4IBAQBGV0QYcVHjg2lQVZCzAmBWNNAHydwtpbi5icCdNpX/
5yNniMnH2mUxVq6LLWNXRHUVVhIEUPOQQo1JAYWD1BR3xHGyXSnmEiUWEbxpZ4h6
BrmMdM7xJHvbIEfHLwS3s+lnDxIQAT4HX2NBE6toBKMdToYxoUFY97lIJU5rqPGq
atNXhV2XAV0PDF+6oZnhgmntRZc7zEWI30Am5Qlv4r10KVyziwfao1yjr7kj7YwC
ZdBIxDpKJC4hl27y3SqPETIZchbDkqrAO/TIT9qqtdnCmymAMWesKPRyjojNciu7
FtvrgsrIOfCXYIbGIbLkNxQjGVzkn4DcrAzmQz1c44s2
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:39 2025 by rpki-client