Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/cAWcpQssiwYlNCim94blfnZeNms.roa
File: cAWcpQssiwYlNCim94blfnZeNms.roa (raw, json)
Hash identifier: XVIAXrWYpjFU/ZRjmKYDNSid5pF+Fi5ygKUzLuTQmAk=
Subject key identifier: 70:05:9C:A5:0B:2C:8B:06:25:34:28:A6:F7:86:E5:7E:76:5E:36:6B
Certificate issuer: /CN=485f76274c805d25b115a3adba1d2ea154deead7
Certificate serial: 014A0252
Authority key identifier: 48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/cAWcpQssiwYlNCim94blfnZeNms.roa
Signing time: Sat 01 Jan 2022 06:54:17 +0000
ROA not before: Sat 01 Jan 2022 06:54:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206728
IP address blocks: 45.141.84.0/24 maxlen: 24
45.141.87.0/24 maxlen: 24
45.141.86.0/24 maxlen: 24
2a0b:7ec0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21627474 (0x14a0252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485f76274c805d25b115a3adba1d2ea154deead7
Validity
Not Before: Jan 1 06:54:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70059ca50b2c8b06253428a6f786e57e765e366b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:96:d8:30:0f:25:13:21:5c:aa:2d:86:cb:fe:
27:96:46:02:5b:b5:6f:7b:39:35:a7:bb:6a:e3:4c:
17:11:fc:8f:18:2b:15:55:c9:07:42:81:e0:02:1e:
88:90:d9:c8:9a:47:1a:b2:00:36:3c:b9:82:fb:19:
bd:a1:39:6d:af:04:33:a1:66:4b:0b:4b:50:dc:95:
4c:a4:0e:c5:49:7f:a6:b2:9d:97:21:71:e7:62:95:
1c:ef:4f:13:2a:9d:64:e3:71:2a:c7:28:b6:0a:e8:
d4:64:27:2b:cb:39:f7:2b:0c:e6:17:52:38:09:9d:
b4:d1:2f:d7:76:b9:3e:ee:d6:d2:42:35:f7:6d:16:
c6:d3:9d:ad:8f:97:84:6c:28:4c:37:42:a8:db:97:
a7:4b:87:d3:95:69:76:20:36:02:0a:49:01:83:3b:
d1:62:f7:83:ab:a0:66:40:27:a8:6f:1f:f8:97:3b:
12:79:30:e4:6c:dd:50:d8:32:52:1d:e5:87:c1:b0:
9c:d4:35:83:8d:5a:d9:0a:54:41:5a:fa:57:dd:f0:
4b:5f:65:f6:d7:d7:9d:d0:71:61:19:f0:00:d6:5c:
c8:8d:3e:8a:57:e4:90:27:e1:39:d6:fe:19:5b:28:
a8:8c:87:9c:1d:02:29:c5:8c:47:ba:4b:47:f1:78:
7d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:05:9C:A5:0B:2C:8B:06:25:34:28:A6:F7:86:E5:7E:76:5E:36:6B
X509v3 Authority Key Identifier:
keyid:48:5F:76:27:4C:80:5D:25:B1:15:A3:AD:BA:1D:2E:A1:54:DE:EA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF92J0yAXSWxFaOtuh0uoVTe6tc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/cAWcpQssiwYlNCim94blfnZeNms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/685b53-6f11-41db-bead-43eaf7567caa/1/SF92J0yAXSWxFaOtuh0uoVTe6tc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.84.0/24
45.141.86.0/23
IPv6:
2a0b:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
de:f8:0e:fd:dd:08:be:db:14:f8:c9:58:b4:c4:9c:b0:bd:55:
c3:af:fd:b1:45:39:51:44:89:7f:bc:57:42:fa:e2:5e:cd:d0:
17:23:4d:b7:9b:5f:e8:64:69:d5:b3:79:c7:aa:30:3d:87:c5:
a6:86:37:c1:e0:e6:22:5e:07:72:7b:81:72:95:f7:cc:b8:cd:
37:11:54:34:77:77:4d:f7:5b:0f:a2:05:60:6c:94:35:58:b7:
28:86:70:12:43:dc:1d:69:84:ce:bd:0e:8f:ed:39:26:db:36:
cc:1d:92:88:7c:cc:fb:9b:12:04:88:ed:d7:ee:1e:81:5e:5b:
58:48:8e:d8:9e:58:de:62:87:ae:b5:56:ba:57:35:71:db:ed:
14:5b:e3:b0:43:3b:68:59:c3:28:2f:8e:56:ff:b9:75:42:ff:
a0:03:33:e5:01:aa:65:63:ac:21:07:2a:ad:2d:eb:2d:ff:de:
ca:ea:82:ff:f9:9d:bd:3b:a0:fe:c8:d6:cc:8f:70:96:3f:2f:
ff:ef:dd:94:64:51:67:bd:77:32:8a:89:2f:41:dd:a3:c3:bc:
f3:0c:6f:1d:df:41:da:da:22:8c:20:c5:c8:fc:6b:9b:af:18:
06:31:d2:e6:bc:38:38:41:45:b2:1f:c8:d8:51:56:69:0e:55:
de:16:e4:63
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAUoCUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ODVmNzYyNzRjODA1ZDI1YjExNWEzYWRiYTFkMmVhMTU0ZGVlYWQ3MB4XDTIyMDEw
MTA2NTQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzAwNTljYTUwYjJj
OGIwNjI1MzQyOGE2Zjc4NmU1N2U3NjVlMzY2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+W2DAPJRMhXKothsv+J5ZGAlu1b3s5Nae7auNMFxH8jxgr
FVXJB0KB4AIeiJDZyJpHGrIANjy5gvsZvaE5ba8EM6FmSwtLUNyVTKQOxUl/prKd
lyFx52KVHO9PEyqdZONxKscotgro1GQnK8s59ysM5hdSOAmdtNEv13a5Pu7W0kI1
920WxtOdrY+XhGwoTDdCqNuXp0uH05VpdiA2AgpJAYM70WL3g6ugZkAnqG8f+Jc7
Enkw5GzdUNgyUh3lh8GwnNQ1g41a2QpUQVr6V93wS19l9tfXndBxYRnwANZcyI0+
ilfkkCfhOdb+GVsoqIyHnB0CKcWMR7pLR/F4fWUCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRwBZylCyyLBiU0KKb3huV+dl42azAfBgNVHSMEGDAWgBRIX3YnTIBdJbEV
o626HS6hVN7q1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NGOTJKMHlBWFNXeEZhT3R1aDB1b1ZUZTZ0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvNjg1YjUzLTZmMTEtNDFkYi1iZWFkLTQzZWFmNzU2N2NhYS8x
L2NBV2NwUXNzaXdZbE5DaW05NGJsZm5aZU5tcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
Njg1YjUzLTZmMTEtNDFkYi1iZWFkLTQzZWFmNzU2N2NhYS8xL1NGOTJKMHlBWFNX
eEZhT3R1aDB1b1ZUZTZ0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAC2NVAMEAS2NVjANBAIAAjAHAwUD
Kgt+wDANBgkqhkiG9w0BAQsFAAOCAQEA3vgO/d0IvtsU+MlYtMScsL1Vw6/9sUU5
UUSJf7xXQvriXs3QFyNNt5tf6GRp1bN5x6owPYfFpoY3weDmIl4HcnuBcpX3zLjN
NxFUNHd3TfdbD6IFYGyUNVi3KIZwEkPcHWmEzr0Oj+05Jts2zB2SiHzM+5sSBIjt
1+4egV5bWEiO2J5Y3mKHrrVWulc1cdvtFFvjsEM7aFnDKC+OVv+5dUL/oAMz5QGq
ZWOsIQcqrS3rLf/eyuqC//mdvTug/sjWzI9wlj8v/+/dlGRRZ713MoqJL0Hdo8O8
8wxvHd9B2toijCDFyPxrm68YBjHS5rw4OEFFsh/I2FFWaQ5V3hbkYw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:23 2025 by rpki-client