Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/_4XgleNuQemjxite7LNYE3p8YCU.roa
File: _4XgleNuQemjxite7LNYE3p8YCU.roa (raw, json)
Hash identifier: /VcSWLhSuvA+Fx8khDqZitP4VghiuWORh46gKmZUcPU=
Subject key identifier: FF:85:E0:95:E3:6E:41:E9:A3:C6:2B:5E:EC:B3:58:13:7A:7C:60:25
Certificate issuer: /CN=206d182a3b44a7be05d3ee70dc90a85d57abfb8d
Certificate serial: 01856FF96F106B59BFDD0A12B6F31FEB7527
Authority key identifier: 20:6D:18:2A:3B:44:A7:BE:05:D3:EE:70:DC:90:A8:5D:57:AB:FB:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/_4XgleNuQemjxite7LNYE3p8YCU.roa
Signing time: Mon 02 Jan 2023 00:54:55 +0000
ROA not before: Mon 02 Jan 2023 00:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48813
IP address blocks: 45.140.108.0/22 maxlen: 24
185.145.248.0/22 maxlen: 24
193.19.208.0/22 maxlen: 24
2a07:4b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:6f:10:6b:59:bf:dd:0a:12:b6:f3:1f:eb:75:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206d182a3b44a7be05d3ee70dc90a85d57abfb8d
Validity
Not Before: Jan 2 00:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff85e095e36e41e9a3c62b5eecb358137a7c6025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:19:5b:9f:ab:ea:ec:9d:c3:2e:ca:46:55:11:
06:1f:fb:ed:4b:5e:27:ca:d4:94:4a:d3:ac:bb:83:
7b:91:bf:a2:b8:ac:73:ac:88:76:f3:4b:c6:81:d0:
57:1d:24:4b:c9:44:7c:a0:50:a2:ad:3a:04:8e:c3:
6e:e0:63:54:c0:8c:18:dd:a9:77:b0:a2:57:26:10:
bc:b9:55:b5:f1:c2:c3:b4:66:77:69:a4:ec:af:a8:
e7:c1:b2:8c:cb:1b:04:4b:92:ba:1d:d5:03:9b:1c:
f3:74:41:09:91:75:8e:43:f3:a9:37:eb:22:ff:ed:
4b:db:f3:37:ca:3e:c7:4b:fb:5b:ca:fc:c8:3c:c9:
9f:a3:ae:a3:e7:b2:14:ad:79:7d:38:f4:b2:e6:a1:
ae:42:31:9f:56:0b:12:cc:f5:c1:40:cd:2a:39:f5:
5a:c1:44:68:03:9f:66:12:84:24:a2:34:35:67:2a:
ea:d9:67:3d:28:70:53:55:e3:09:6d:f3:07:e5:d0:
e3:b3:2b:4c:5c:30:35:1f:fa:00:ab:6c:45:5e:1e:
6e:30:c3:30:b5:25:14:7f:0f:96:9e:f1:01:1f:51:
92:73:05:37:87:90:b0:45:d2:28:f4:9b:b0:8f:2a:
63:6f:9d:e7:e3:49:08:a3:e9:67:88:a4:f6:af:97:
ce:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:85:E0:95:E3:6E:41:E9:A3:C6:2B:5E:EC:B3:58:13:7A:7C:60:25
X509v3 Authority Key Identifier:
keyid:20:6D:18:2A:3B:44:A7:BE:05:D3:EE:70:DC:90:A8:5D:57:AB:FB:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG0YKjtEp74F0-5w3JCoXVer-40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/_4XgleNuQemjxite7LNYE3p8YCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e6f2ee-0476-40b4-bb6a-660778099b3d/1/IG0YKjtEp74F0-5w3JCoXVer-40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.108.0/22
185.145.248.0/22
193.19.208.0/22
IPv6:
2a07:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
4c:79:15:f5:df:a6:01:dd:76:a4:1f:36:7a:fa:b3:0e:d1:97:
63:46:09:34:58:e6:64:0d:01:20:f4:8c:97:7d:40:82:6a:da:
b5:79:02:3b:7e:71:4d:0e:01:dd:cf:19:e2:be:93:f0:70:66:
30:27:c0:7e:72:79:f5:7e:14:97:cb:9f:55:e8:d1:af:0b:66:
e7:9b:85:d3:70:52:33:b1:a8:7b:28:81:77:2f:2a:34:2e:a8:
1b:14:39:c0:98:d0:49:10:8e:46:d9:c2:e4:f2:18:f2:29:a7:
7c:a6:49:ff:bf:3f:61:6c:89:33:d1:f1:3e:0c:2d:d6:e8:7f:
4d:02:20:e6:fe:e0:47:d5:53:f6:ee:6f:84:01:0e:1b:7d:81:
f8:b4:8f:42:85:5f:4c:cd:0e:df:b5:68:c4:42:29:25:34:48:
8b:e9:a3:b6:29:d1:da:cd:da:b7:1d:3e:56:62:b2:83:57:b9:
1e:ee:fb:1a:73:dd:74:29:61:8e:a4:e1:c7:28:a7:59:d4:1d:
c9:8c:1a:81:c0:16:30:3b:06:70:3d:03:82:05:15:86:dc:be:
50:0e:f0:fd:b6:9b:13:c4:df:12:64:59:7b:45:87:c3:4e:b6:
48:74:2a:ab:0c:f2:59:53:ec:a2:ac:7a:da:7d:70:aa:d4:35:
08:31:7f:5b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVv+W8Qa1m/3QoStvMf63UnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmQxODJhM2I0NGE3YmUwNWQzZWU3MGRjOTBhODVkNTdh
YmZiOGQwHhcNMjMwMTAyMDA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg1ZTA5NWUzNmU0MWU5YTNjNjJiNWVlY2IzNTgxMzdhN2M2MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBlbn6vq7J3DLspGVREGH/vtS14n
ytSUStOsu4N7kb+iuKxzrIh280vGgdBXHSRLyUR8oFCirToEjsNu4GNUwIwY3al3
sKJXJhC8uVW18cLDtGZ3aaTsr6jnwbKMyxsES5K6HdUDmxzzdEEJkXWOQ/OpN+si
/+1L2/M3yj7HS/tbyvzIPMmfo66j57IUrXl9OPSy5qGuQjGfVgsSzPXBQM0qOfVa
wURoA59mEoQkojQ1Zyrq2Wc9KHBTVeMJbfMH5dDjsytMXDA1H/oAq2xFXh5uMMMw
tSUUfw+WnvEBH1GScwU3h5CwRdIo9Juwjypjb53n40kIo+lniKT2r5fOgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP+F4JXjbkHpo8YrXuyzWBN6fGAlMB8GA1UdIwQY
MBaAFCBtGCo7RKe+BdPucNyQqF1Xq/uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNmYyZWUtMDQ3Ni00MGI0LWJiNmEt
NjYwNzc4MDk5YjNkLzEvXzRYZ2xlTnVRZW1qeGl0ZTdMTllFM3A4WUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNmYyZWUtMDQ3Ni00MGI0LWJiNmEtNjYwNzc4MDk5YjNk
LzEvSUcwWUtqdEVwNzRGMC01dzNKQ29YVmVyLTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYxsAwQC
uZH4AwQCwRPQMA0EAgACMAcDBQMqB0sAMA0GCSqGSIb3DQEBCwUAA4IBAQBMeRX1
36YB3XakHzZ6+rMO0ZdjRgk0WOZkDQEg9IyXfUCCatq1eQI7fnFNDgHdzxnivpPw
cGYwJ8B+cnn1fhSXy59V6NGvC2bnm4XTcFIzsah7KIF3Lyo0LqgbFDnAmNBJEI5G
2cLk8hjyKad8pkn/vz9hbIkz0fE+DC3W6H9NAiDm/uBH1VP27m+EAQ4bfYH4tI9C
hV9MzQ7ftWjEQiklNEiL6aO2KdHazdq3HT5WYrKDV7ke7vsac910KWGOpOHHKKdZ
1B3JjBqBwBYwOwZwPQOCBRWG3L5QDvD9tpsTxN8SZFl7RYfDTrZIdCqrDPJZU+yi
rHrafXCq1DUIMX9b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:12 2025 by rpki-client