Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/hErIRGQhnF3u_P9YCwShyPkNj7Q.roa
File: hErIRGQhnF3u_P9YCwShyPkNj7Q.roa (raw, json)
Hash identifier: sGnaak3WhpAUbYRFXzFH146GkJfZ4lcJdbpczBX0qnE=
Subject key identifier: 84:4A:C8:44:64:21:9C:5D:EE:FC:FF:58:0B:04:A1:C8:F9:0D:8F:B4
Certificate issuer: /CN=cf2eee78a0084d831de1a2500183e16489516ccf
Certificate serial: 97BAB3
Authority key identifier: CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/hErIRGQhnF3u_P9YCwShyPkNj7Q.roa
Signing time: Sat 01 Jan 2022 01:51:07 +0000
ROA not before: Sat 01 Jan 2022 01:51:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211215
IP address blocks: 45.95.8.0/24 maxlen: 24
2a0c:3300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9943731 (0x97bab3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf2eee78a0084d831de1a2500183e16489516ccf
Validity
Not Before: Jan 1 01:51:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=844ac84464219c5deefcff580b04a1c8f90d8fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6a:b7:e9:78:cb:8d:77:c2:9c:66:72:01:20:
07:74:c9:a0:00:43:b4:4e:0e:e6:be:af:ec:70:3e:
80:cb:83:e9:4b:bd:0a:ac:d7:5e:85:3d:b3:44:a2:
e7:9f:95:3a:d3:9c:ad:8f:44:5a:15:f0:0d:82:78:
78:c1:f3:f9:bc:47:17:d7:95:cb:3f:af:9b:aa:e8:
a9:19:95:4d:59:67:16:b2:15:2f:7b:a2:39:1d:fc:
53:f2:93:d2:b4:4a:8c:7a:6b:a2:ba:d4:1c:08:76:
f2:b9:13:a5:a2:87:f0:85:f4:4d:fb:f5:21:aa:ba:
da:9e:2d:49:09:b0:44:0f:a7:e2:7a:b1:10:82:06:
fc:f4:17:e4:4e:db:43:38:b0:13:ca:fc:29:29:a9:
29:58:b4:c8:91:fe:3f:86:65:47:6c:bd:3b:10:d0:
99:f8:21:db:c5:03:fe:ab:2a:28:5a:b3:7c:fe:da:
3b:e0:8c:71:e7:89:8e:a4:75:97:59:95:32:36:17:
75:7f:8f:34:6d:98:3a:4d:2b:a3:bf:73:68:73:76:
a1:74:a8:40:77:04:d8:37:4f:fd:00:47:70:47:c5:
9f:a3:49:db:57:23:a2:8b:01:ca:88:db:b8:b4:69:
23:38:01:8d:a5:d5:51:ce:22:ba:f3:40:74:94:44:
03:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4A:C8:44:64:21:9C:5D:EE:FC:FF:58:0B:04:A1:C8:F9:0D:8F:B4
X509v3 Authority Key Identifier:
keyid:CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/hErIRGQhnF3u_P9YCwShyPkNj7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.8.0/24
IPv6:
2a0c:3300::/32
Signature Algorithm: sha256WithRSAEncryption
1a:35:7e:da:56:bb:6e:7d:f3:39:19:0a:e4:e5:95:b1:bc:79:
96:46:65:46:9c:30:ad:bb:9b:9b:9e:d1:74:c0:ba:93:36:0e:
ff:e5:89:11:fc:a6:6e:a6:0f:ea:7a:08:e4:e5:c9:8d:59:36:
85:92:fb:8c:16:67:c8:25:e1:f6:6a:86:27:a5:9e:5c:dc:1b:
83:e7:b5:d9:13:3d:a0:7c:19:7b:63:f4:18:44:16:fa:33:32:
db:72:8d:a1:48:c3:08:d7:93:be:d7:84:c4:63:8e:20:a2:8e:
8d:b2:d2:6f:82:9b:40:72:3c:4d:66:30:06:81:cd:c8:21:ed:
0d:4d:81:b4:31:6e:aa:c7:4a:0e:5d:8c:37:90:5a:e6:b4:03:
30:bf:2d:31:43:37:05:cb:ad:08:c7:52:a7:76:a2:f2:63:de:
07:2c:33:e5:55:84:dd:25:e8:5c:5d:1f:43:15:9b:8c:4b:c5:
88:d8:51:c8:b3:e9:3b:b1:58:8e:20:f3:17:ea:af:5a:b0:d1:
a1:55:33:14:71:11:53:b4:fb:57:f4:bf:4b:f4:5b:19:ed:7a:
55:f1:b9:b2:94:32:ba:90:00:dc:fc:78:a5:84:d6:3a:75:d7:
74:bc:9d:9e:32:85:ae:cb:d2:86:bc:2e:94:c5:cc:02:c8:ef:
48:3e:66:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAJe6szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZjJlZWU3OGEwMDg0ZDgzMWRlMWEyNTAwMTgzZTE2NDg5NTE2Y2NmMB4XDTIyMDEw
MTAxNTEwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ0YWM4NDQ2NDIx
OWM1ZGVlZmNmZjU4MGIwNGExYzhmOTBkOGZiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdqt+l4y413wpxmcgEgB3TJoABDtE4O5r6v7HA+gMuD6Uu9
CqzXXoU9s0Si55+VOtOcrY9EWhXwDYJ4eMHz+bxHF9eVyz+vm6roqRmVTVlnFrIV
L3uiOR38U/KT0rRKjHprorrUHAh28rkTpaKH8IX0Tfv1Iaq62p4tSQmwRA+n4nqx
EIIG/PQX5E7bQziwE8r8KSmpKVi0yJH+P4ZlR2y9OxDQmfgh28UD/qsqKFqzfP7a
O+CMceeJjqR1l1mVMjYXdX+PNG2YOk0ro79zaHN2oXSoQHcE2DdP/QBHcEfFn6NJ
21cjoosByojbuLRpIzgBjaXVUc4iuvNAdJREA6ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSESshEZCGcXe78/1gLBKHI+Q2PtDAfBgNVHSMEGDAWgBTPLu54oAhNgx3h
olABg+FkiVFszzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3p5N3VlS0FJVFlNZDRhSlFBWVBoWklsUmJNOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvZDdlNjYwLTY5MTItNDM4MC1hYjRmLTcxOGI5YzQwZmQyNS8x
L2hFcklSR1FobkYzdV9QOVlDd1NoeVBrTmo3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
ZDdlNjYwLTY5MTItNDM4MC1hYjRmLTcxOGI5YzQwZmQyNS8xL3p5N3VlS0FJVFlN
ZDRhSlFBWVBoWklsUmJNOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC1fCDANBAIAAjAHAwUAKgwzADAN
BgkqhkiG9w0BAQsFAAOCAQEAGjV+2la7bn3zORkK5OWVsbx5lkZlRpwwrbubm57R
dMC6kzYO/+WJEfymbqYP6noI5OXJjVk2hZL7jBZnyCXh9mqGJ6WeXNwbg+e12RM9
oHwZe2P0GEQW+jMy23KNoUjDCNeTvteExGOOIKKOjbLSb4KbQHI8TWYwBoHNyCHt
DU2BtDFuqsdKDl2MN5Ba5rQDML8tMUM3BcutCMdSp3ai8mPeBywz5VWE3SXoXF0f
QxWbjEvFiNhRyLPpO7FYjiDzF+qvWrDRoVUzFHERU7T7V/S/S/RbGe16VfG5spQy
upAA3Px4pYTWOnXXdLydnjKFrsvShrwulMXMAsjvSD5mAg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:13 2025 by rpki-client